One reason a lot of people enjoy using tools like Kubernetes and ECS is their integration with cloud providers. It can be very challenging to configure a cluster by hand, even if you use modern tools like Kubernetes. You have to configure the way your nodes are going to join the cluster and communicate with each other, the service discovery mechanism, and the integration with the extra tools the Cloud offers, like load balancers and persistent storages.
With Kubernetes and ECS , you can launch a cluster without worrying about these issues. Even if you want to build a high-availability cluster, distributed among several regions, you’ll have high-level tools to accomplish that without having to dig too heavily into networking issues.
In this section we’re going to install an essential dependency that will allow Kubernetes and AWS (Amazon Web Services) to manage our resources for us. This tool is called AWS Command Line Interface (AWS CLI) and allows interaction with all the services available in our AWS account.
If you don’t have an AWS account, you can go to the official page ( https://aws.amazon.com/ ) and create one now. It’s going to be necessary for the following steps. Keep in mind that though you have AWS Free Tier for some resources (with certain limits), we are going to be using resources that don’t fall into that category, so you will be billed for the time you run those resources. But don’t worry, you can launch as many servers, load balancers, or S3 buckets you want, and you’ll have a small bill as long as you delete them all after you’re done.
Installing the AWS CLI
The official documentation ( http://docs.aws.amazon.com/cli/latest/userguide/installing.html ) discusses several methods to install the tool according to your operating system (OS). One dependency that you would need on your system is python.
I am using Mac Os. If you’re also using Mac Os or Linux, you can use the AWS CLI Bundled Installer and install AWS CLI on your system with the following commands:
$ curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip"$ unzip awscli-bundle.zip$ sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws
If you’re on Windows, you would have to use pip and install the awscli package. After executing those commands, run
$ aws --versionOutput:
aws-cli/1.10.66 Python/2.7.10 Darwin/16.0.0 botocore/1.4.56So the tool is correctly installed.
Configuring the AWS CLI
Before configuring the AWS CLI, you need to get an access key and secret access key for your account. These are personal tokens that will allow third-party applications or the AWS CLI to manage resources on your behalf. In order to get these tokens, go to http://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html and follow the steps. This shouldn’t take too long since the entire process is done via the AWS graphical interface.
Once you have your tokens, go back to your console and run
$ aws configureAWS Access Key ID [None]: XXXXXXXXXXXXXXXXXXXXAWS Secret Access Key [None]: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXDefault region name [None]: us-east-1Default output format [None]: json
And add your own configuration. It’s also a good idea to set the default region immediately so you don’t have to select it for every command you run.
After running this command, your credentials will be saved under ∼/.aws/credentials:
[default]aws_access_key_id=XXXXXXXXXXXXXXXXXXXXaws_secret_access_key = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
And your configuration under /.aws/config:
[default]output = jsonregion = us-east-1
In case you wonder, default is your default profile. You can have several profiles which are associated with different AWS accounts. So, for example, you can configure a profile for work and another for personal use by using different sections in the files.
[default]aws_access_key_id=XXXXXXXXXXXXXXXXXXXXaws_secret_access_key = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX[work]aws_access_key_id=XXXXXXXXXXXXXXXXXXXXaws_secret_access_key = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
The default profile will be used if don’t specify any profile when running commands. If you want to run commands using a specific profile, you just have to add the flag --profile another-profile to every command.
Now that we have this tool configured, Kubernetes can use it to launch the cluster, and we can also use it for managing our ECS resources.
All the operations you do with the AWS CLI can also be done using the graphical interface. The big advantage of using the CLI is that you can save your commands for avoiding repetition and you can also automate almost everything you want. For example, you can create a load balancer by following a graphical wizard and repeating that process for all the load balancers you need, or you can figure out how to do it by using the AWS CLI, save that command , and run it every time you need a new load balancer.
Tips for Using the AWS CLI
Sometimes you’ll have a substantial amount of output after running commands. I can show you a couple of tricks for querying specific fields or filtering by the specific elements we need.
One of the options we’ll be using heavily during this book is the --query option. With this option you can navigate through the response to a specific part that you want to see. For example, let’s say you want to see all your VPC (Virtual Private Cloud ) IDs and tags. You can use the describe-vpcs command, but if you run it without a query, you’ll have too much output. If you want to be more specific and you know which fields you want, you can do something like the following:
$ aws ec2 describe-vpcs --region us-east-1 --query="Vpcs[*].{ID:VpcId,tags:Tags[0]}"That will only return the ID and the tags for your VPCs. The --query="Vpcs[*].{ID:VpcId,tags:Tags[0]}" can be interpreted as follows: for all my VPCs (Vpcs[*]) fetch the VpcId with an alias of ID (ID:VpcId) and the first tag with an alias of tags (tags:Tags[0]). That will give a result like the following:
[{"ID": "vpc-e61cec82","tags": null},{"ID": "vpc-a0e9c0c7","tags": {"Value": "amazon-ecs-cli-setup-ecs-cluster","Key": "aws:cloudformation:stack-name"}}]
Much better. Then, once you refine your queries, you can save those commands for posterior use.
Let’s see another example. Suppose you have a Database instance. You know its identifier and you want to know its status. You can use the describe-db-instances command, but it’ll also give a big output. Let’s add the following query option:
$ aws rds describe-db-instances --db-instance-identifier webapp-postgres --query 'DBInstances[*].{Status:DBInstanceStatus}'That will only return the database (DB) status
[{"Status": "Running"}]
Another important option is the filter option. Normally you’ll have a certain set of filters for a specific command. You want to use filters when you have several elements and you need information about a specific one. For example, you need the IDs of a group of subnets for a specific VPC. You want to use the describe-subnets command. Without filters it’s going to return all your subnets from all VPCs. Let’s add a filter to get the ones for a specific VPC.
$ aws ec2 describe-subnets --filters "Name=vpc-id,Values=vpc-a0e9c0c7" --query="Subnets[*].SubnetId"Output:
["subnet-3a09f717","subnet-e0906cbb"]
That’s going to return the SubnetIds for that specific VPC. For the filter options, you have to pass the name of the filter, which is pre-defined in the documentation, and then the values for applying that filter.
Knowing how to manipulate the output of the AWS CLI can help you a lot. This tool has great documentation. You can use the online documentation or use the help command on your console. If at any point you have doubts about a command that we use throughout this book, just jump to its documentation to get more information .
Summary
In this chapter, we prepared the essentials tools we’ll need to run our orchestration frameworks. Since this book is focused on Amazon Web Services, we need to have certain tools available on our system and later on our continuous integration (CI) server. Now you should know how to install the AWS CLI and also the basics on how to manipulate the output for the AWS CLI. This is important since we’ll be running several different commands to create our AWS resources, and controlling the CLI output can serve as a quick feedback mechanism to collect and inspect data we may need.