• KubeDB

    Run Production-Grade Databases on Kubernetes

    arrow_forward
    Stash

    Backup and Recovery Solution for Kubernetes

    arrow_forward
    KubeVault

    Run Production-Grade Vault on Kubernetes

    arrow_forward
    Voyager

    Secure Ingress Controller for Kubernetes

    arrow_forward
    ConfigSyncer

    Kubernetes Configuration Syncer

    arrow_forward
    Guard

    Kubernetes Authentication WebHook Server

    arrow_forward
    KubeDB

    KubeDB simplifies Provisioning, Upgrading, Scaling, Volume Expansion, Monitor, Backup, Restore for various Databases in Kubernetes on any Public & Private Cloud

    • task_altLower administrative burden
    • task_altNative Kubernetes Support
    • task_altPerformance
    • task_altAvailability and durability
    • task_altManageability
    • task_altCost-effectiveness
    • task_altSecurity
    Stash

    A complete Kubernetes native disaster recovery solution for backup and restore your volumes and databases in Kubernetes on any public and private clouds.

    • task_altDeclarative API
    • task_altBackup Kubernetes Volumes
    • task_altBackup Database
    • task_altMultiple Storage Support
    • task_altDeduplication
    • task_altData Encryption
    • task_altVolume Snapshot
    • task_altPolicy Based Backup
    KubeVault

    KubeVault is a Git-Ops ready, production-grade solution for deploying and configuring Hashicorp's Vault on Kubernetes.

    • task_altVault Kubernetes Deployment
    • task_altAuto Initialization & Unsealing
    • task_altVault Backup & Restore
    • task_altConsume KubeVault Secrets with CSI
    • task_altManage DB Users Privileges
    • task_altStorage Backend
    • task_altAuthentication Method
    • task_altDatabase Secret Engine
    Voyager

    Secure Ingress Controller for Kubernetes

    • task_altHTTP & TCP
    • task_altSSL
    • task_altPlatform support
    • task_altHAProxy
    • task_altPrometheus
    • task_altLet's Encrypt
    configsyncer

    Kubernetes Configuration Syncer

    • task_altConfiguration Syncer
    Guard

    Kubernetes Authentication WebHook Server

    • task_altIdentity Providers
    • task_altCLI
    • task_altRBAC
  • RESOURCES
  • Webinar New
CONTACT SALES
28-Dec-2023

Deploy AWS Databases with KubeDB Crossplane Provider

author-image
SK Ali Arman

Software Engineer

Deploy AWS Databases with KubeDB Crossplane Provider

KubeDB is now a Crossplane distribution for Hyper Clouds. Crossplane connects your Kubernetes cluster to external, non-Kubernetes resources, and allows platform teams to build custom Kubernetes APIs to consume those resources. We have introduced providers for AWS.

You need crossplane already installed in your cluster. This will allow KubeDB users to provision and manage Cloud provider managed databases in a Kubernetes native way.

Install Crossplane

helm upgrade -i crossplane \
  oci://ghcr.io/appscode-charts/crossplane \
  -n crossplane-system --create-namespace

Check the installation with the following command. You will see two pod with prefix name crossplane in case of successful installation.

kubectl get pod -n crossplane-system

Install KubeDB AWS Provider

Install the AWS provider into Kubernetes cluster with helm chart.

helm upgrade -i kubedb-provider-aws \
  oci://ghcr.io/appscode-charts/kubedb-provider-aws \
  --version=v2023.12.28 \
  -n crossplane-system --create-namespace

Setup Provider Config

Create AWS access key and secret key from AWS IAM. You can see AWS documentaion .

Create a text file containing the AWS account aws_access_key_id and aws_secret_access_key with the following command.

export AWS_ACCESS_KEY_ID=<your_access_key>
export AWS_SECRET_ACCESS_KEY=<your_secret_access_key>
echo "
[default]
aws_access_key_id = $AWS_ACCESS_KEY_ID
aws_secret_access_key = $AWS_SECRET_ACCESS_KEY
" > aws-credentials.txt

Create a Kubernetes secret with the AWS credentials.

kubectl create secret  generic aws-secret -n crossplane-system --from-file=creds=./aws-credentials.txt

Create the ProviderConfig with the following yaml file

cat <<EOF | kubectl apply -f -
apiVersion: aws.kubedb.com/v1beta1
kind: ProviderConfig
metadata:
  name: default
spec:
  credentials:
    source: Secret
    secretRef:
      name: aws-secret
      key: creds
      namespace: crossplane-system
EOF

Check provider-config with the following command.

kubectl get providerconfig.aws.kubedb.com

Create Postgres Instance

Create VPC

cat <<EOF | kubectl apply -f -
apiVersion: ec2.aws.kubedb.com/v1alpha1
kind: VPC
metadata:
  name: example
spec:
  forProvider:
    region: us-east-2
    cidrBlock: 172.16.0.0/16
    tags:
      Name: DemoVpc
EOF

Create three subnets

cat <<EOF | kubectl apply -f -
apiVersion: ec2.aws.kubedb.com/v1alpha1
kind: Subnet
metadata:
  name: example-subnet1
spec:
  forProvider:
    region: us-east-2
    availabilityZone: us-east-2b
    vpcIdRef:
      name: example
    cidrBlock: 172.16.10.0/24
EOF

cat <<EOF | kubectl apply -f -
apiVersion: ec2.aws.kubedb.com/v1alpha1
kind: Subnet
metadata:
  name: example-subnet2
spec:
  forProvider:
    region: us-east-2
    availabilityZone: us-east-2c
    vpcIdRef:
      name: example
    cidrBlock: 172.16.20.0/24
EOF

cat <<EOF | kubectl apply -f -
apiVersion: ec2.aws.kubedb.com/v1alpha1
kind: Subnet
metadata:
  name: example-subnet3
spec:
  forProvider:
    region: us-east-2
    availabilityZone: us-east-2a
    vpcIdRef:
      name: example
    cidrBlock: 172.16.30.0/24
EOF

Create Subnet Group

cat <<EOF | kubectl apply -f -
apiVersion: rds.aws.kubedb.com/v1alpha1
kind: SubnetGroup
metadata:
  name: example
spec:
  forProvider:
    region: us-east-2
    subnetIdRefs:
      - name: example-subnet1
      - name: example-subnet2
      - name: example-subnet3
    tags:
      Name: My DB subnet group
EOF

Create Secret

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: example-dbinstance
  namespace: crossplane-system
type: Opaque
data:
  password: MTIzNDU2Nzg=
EOF

Deploy the rds postgres instance

cat <<EOF | kubectl apply -f -
apiVersion: rds.aws.kubedb.com/v1alpha1
kind: Instance
metadata:
  annotations:
    meta.kubedb.com/example-id: rds/v1alpha1/instance
  labels:
    testing.kubedb.com/example-name: example-dbinstance
  name: example
spec:
  forProvider:
    region: us-east-2
    engine: postgres
    engineVersion: "15.4"
    username: adminuser
    dbName: dbexample
    passwordSecretRef:
      key: password
      name: example-dbinstance
      namespace: crossplane-system
    instanceClass: db.t3.micro
    storageType: gp2
    allocatedStorage: 20
    dbSubnetGroupName: example
    backupRetentionPeriod: 0
    backupWindow: "09:46-10:16"
    maintenanceWindow: "Mon:00:00-Mon:03:00"
    publiclyAccessible: false
    skipFinalSnapshot: true
    storageEncrypted: true
    autoMinorVersionUpgrade: true
  writeConnectionSecretToRef:
    name: example-dbinstance-out
    namespace: crossplane-system
EOF

Provider AWS also supports

  • DocumentDB
  • Elasticache
  • Dynamodb
  • RDS
    • MariaDB
    • MySQL

Support

To speak with us, please leave a message on our website .

To receive product announcements, follow us on Twitter .

If you have found a bug with KubeDB or want to request for new features, please file an issue .

TAGS

aws crossplane kubedb kubernetes

Get Up and Running Quickly

Deploy, manage, upgrade Kubernetes on any cloud and automate deployment, scaling, and management of containerized applications.

CONTACT US