Getting started with Gefyra and Elastic Kubernetes Service (EKS)
This guide will show you how to use Gefyra for the remote development of a Kubernetes application running on Elastic Kubernetes Service (EKS).
Prerequisites
- You have the aws command installed and configured
- Follow the installation of Gefyra for your preferred platform
Additionally, you need an account for the Amazon Web Services including the
permission to create a new cluster. Make sure your aws
is using the right
project configuration and/or profile.
Setup a cluster
You may follow this guide to create a cluster using the AWS Management Console.
- The easiest way to create a new cluster is using
aws
:
aws eks create-cluster --name gefyra --kubernetes-version 1.22 \
--role-arn arn:aws:iam::111122223333:role/myAmazonEKSClusterRole \
--resources-vpc-config subnetIds=subnet-ExampleID1,subnet-ExampleID2,securityGroupIds=sg-ExampleID1
This may take a long time. You can check the cluster status with:
aws eks describe-cluster --name gefyra --query "cluster.status"
> "ACTIVE"
- Depending on your way of creating the cluster, you may have to add a
NodeGroup
to the cluster, so you can actually run workloads. - Pull the
kubectl
configuration to connect to the cluster, with:
aws eks update-kubeconfig --name gefyra
Now you should be able to run any kubectl
command in that cluster.
- Apply some workload, for example from the testing directory of this repo:
kubectl apply -f https://raw.githubusercontent.com/gefyrahq/gefyra/main/testing/workloads/hello_dd.yaml
- Important: before Gefyra can connect from outside the cluster, you must set the security group of the nodes to allow UDP traffic on port 31820.
Find out the security group of the cluster. Then, create the required inbound traffic rule:
aws eks describe-cluster --name gefyra --query "cluster.resourcesVpcConfig.clusterSecurityGroupId"
> "<security-group-id>"
aws ec2 authorize-security-group-ingress --group-id "<security-group-id>" --protocol udp --port 31820 --cidr 0.0.0.0/0
Running Gefyra
- At first, we need a host IP of one of our nodes. You can get
them by running
kubectl get nodes -o wide | awk {'print $1" " $2 " " $7'} | column -t
. Pick one of them from theEXTERNAL-IP
column. - Now you can run
gefyra up --host <IP>
- Run a local Docker image with Gefyra to make it part of the cluster.
- Build your Docker image with a local tag, for example from the testing directory:
cd testing/images/ && docker build -f Dockerfile.local . -t pyserver
- Execute Gefyra's run command:
gefyra run -i pyserver -N mypyserver -n default
- Exec into the running container and look around. You will find the container to run within your Kubernetes cluster.
docker exec -it mypyserver bash
wget -O- hello-nginx
will print out the website of the cluster service hello-nginx from within the cluster.
- Build your Docker image with a local tag, for example from the testing directory:
- Create a bridge to intercept the traffic to the cluster application with the one running locally:
gefyra bridge -N mypyserver -n default --port 80:8000 --target deploy/hello-nginxdemo/hello-nginx
- List all running bridges:
gefyra list --bridges
- Unbridge the local container and reset the cluster to its original state:
gefyra unbridge -N mypybridge
Cleaning up
Remove Gefyra's components from the cluster with gefyra down
Please provide us with your feedback
Did everything work as expected? How was the experience of using Gefyra? We'd appreciate if you could take 2 minutes of your time to fill out our feedback form.