Delivering Software to Amazon EKS with Confidence Using JFrog Artifactory

By Craig Peters, Director of Product, Partnership at JFrog

JFrog, an AWS Partner Network (APN) Advanced Technology Partner, is a proud integration partner of Amazon Elastic Container Service for Kubernetes (Amazon EKS).

Over the past year, it seems that even companies that weren’t in the first phase of Kubernetes adoption are now joining the party. JFrog has been a key part of the container movement, launching an enterprise-grade Docker registry back in 2015. Now, we offer a robust Kubernetes registry that is compatible with a growing list of Kubernetes cluster providers.

In this post, I’ll provide a detailed example of deploying a containerized application to Amazon EKS using JFrog Artifactory as the Kubernetes registry, which involves multiple software artifact types and related package managers including Docker, NPM, and Helm.

I will also show you how to quickly and easily configure Artifactory as your Kubernetes registry for Amazon EKS by provisioning Artifactory and Amazon EKS, and deploying the Docker images from Artifactory to Amazon EKS.

To learn more about using Artifactory as your Kubernetes registry, read JFrog Artifactory: Your Kubernetes Registry.

Choices for Deploying Artifactory

If you already have Artifactory, you can simply set it up as a Docker registry and skip ahead to “Using Artifactory as your Private Registry.”

Artifactory can run from a number of possible locations. Our example in this post is based on subscribing to JFrog Artifactory Cloud through AWS Marketplace. Additional options are:

• Subscribe to Artifactory as a software-as-a-service (SaaS) service on Amazon Web Services (AWS) through JFrog.
• Deploy Artifactory to the Amazon EKS cluster (high availability or single node) using a Helm chart.
• Use an existing Artifactory instance.

Let’s get started!

Figure 1 – JFrog Artifactory flow diagram.

Subscribe to JFrog Artifactory Cloud

From the listing in AWS Marketplace, select Continue to Subscribe. Review the details and click Subscribe. Complete the subscription form indicating a hostname, username, and password. JFrog will then proceed to provision Artifactory for you, and associates the billing with your AWS bill.

Following your subscription to JFrog Artifactory Cloud via AWS Marketplace, JFrog sends you an email with your account details and user credentials. Use your assigned credentials to log into the JFrog Artifactory Account Management Dashboard to view and control your account information.

Figure 2 – JFrog account management dashboard.

Now, click Go to My Server to launch the Artifactory onboarding wizard and select the software repositories you want to manage. In this example, we have only selected a handful of repositories including Docker, Helm, Maven, NPM, and NuGet.

Figure 3 – JFrog Artifactory onboarding wizard.

A configuration summary is displayed when you complete the wizard and shows the local, remote, and virtual repositories that Artifactory created for you.

To learn more about how to plan for production, see Best Practices for Structuring and Naming Artifactory Repositories.

Figure 4 – JFrog Artifactory configuration settings summary.

Using Artifactory as Your Private Docker Registry

Let’s configure the Docker client to use Artifactory as your private Docker registry. From the Artifactory home page, click the Docker virtual repository in the Set Me Up panel. The command to log into your Docker registry is displayed.

Figure 5 – Docker Set Me Up in Artifactory.

Now, copy the Docker login command to your clipboard by clicking on the icon in the upper right.

In a terminal window on your local machine (or any host where you run the Docker client), paste and run the Docker login command. When prompted, use the Artifactory admin username and password to authenticate, as we have not enabled anonymous access. This will log the Docker client into the Docker registry hosted by Artifactory.

Proceed to use the Docker client as you normally would to pull an image from any registry. Artifactory automatically created remote Docker repositories for Docker Hub and Bintray so we can pull any image.

docker pull [your server]/nginx
Using default tag: latest 
Latest: Pulling from nginx 
digest:sha256:e4f-47a75c510f40b37b6b7dc6b7dc2516241ffa8vde5a442vde3d3372c9519c84d90 

Status: Downloaded newer image for partneraws-docker.jfrog.io/nginx:latest

In the Artifactory Package Viewer, search for Nginx to view it in Artifactory. Click the image to view the tag details.

Figure 6 – Artifactory Package Viewer.

Provisioning Amazon EKS

Provisioning a Kubernetes cluster using Amazon EKS is just as easy. First, access the Amazon EKS console and click Create Cluster.

Figure 7 – Creating a cluster in the Amazon EKS console.

Next, configure your master cluster. The settings in our example are the default settings used for the Amazon EKS trials. Your settings may vary.

Figure 8 – Configure the master cluster in the Amazon EKS console.

As the cluster is provisioned, the Amazon EKS progress is displayed. The endpoint is displayed when the process ends.

Figure 9 – The endpoint is created in Amazon EKS.

Now, configure the worker nodes as described in the Launching Amazon EKS Worker Nodes documentation. Make sure that kubectl is set up as per the Create a kubeconfig for Amazon EKS documentation. Verify that the pods are not deployed.

Let’s get information about what pods are running on our cluster by running the ‘kubectl get pods’ command. Your output should like this:

kubectl get pods
No resources found.

Running a Nginx Deployment on the Amazon EKS Cluster

Let’s run a simple Nginx deployment on the Amazon EKS cluster using the Docker image from Artifactory. To do this, create a Kubernetes secret to enable the Kubernetes cluster to authenticate with your private Artifactory-hosted Docker registry. For simplicity, we’ll create it using the kubectl command line:

kubectl create secret docker-registry regcred --docker-server=[your server] --docker-username=admin

--docker-password=[your_password] --docker-email=[your_email]

cat run-nginx.yaml
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
  name: nginx-deployment
spec: 
  selector:
    matchLabels:
       app: nginx
  replicas: 2 # tells deployment to run 2 pods matching the template
  template: # create pods using pod definition in this template
    metadata:
       # unlike pod-nginx.yaml, the name is not included in the metadata as a unique          
         name is 
       # generated from the deployment name
       labels:
          app: nginx
    spec:
       containers:
       - name: nginx
       - image: partneraws-docker.jfrog.io/nginx:1.7.9
       ports:
      - containerPort: 80
   imagePullSecrets:
      - name: regcred

kubectl apply -f run-nginx.yaml 
deployment.apps “nginx-deployment” created

kubectl get pods
 
NAME                               READY   STATUS   RESTARTS  AGE
Nginx-deployment-74d975fb86-4vtxt  1/1     Running  0         51s
Nginx-deployment-74d975fb86-T771n  1/1     Running  0         36s

The content and opinions in this blog are those of the third party author and AWS is not responsible for the content or accuracy of this post.

.

JFrog – APN Partner Spotlight

JFrog is an APN Advanced Technology Partner. JFrog Artifactory is a hosted solution for developers and DevOps engineers that provides complete control, insight, and binary management throughout the software development lifecycle.

Contact JFrog | Solution Overview | Buy on Marketplace

*Already worked with JFrog? Rate this Partner

*To review an APN Partner, you must be an AWS customer that has worked with them directly on a project.