AWS-Integrator

  • Canonical Kubernetes
Channel Revision Published Runs on
latest/stable 72 04 Sep 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/stable 34 30 Sep 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/stable 9 05 May 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/candidate 73 13 Dec 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/candidate 34 28 Sep 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/candidate 4 11 Mar 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/beta 72 14 Aug 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/beta 22 01 Sep 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/beta 10 21 Apr 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/edge 71 03 Aug 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/edge 32 14 Sep 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/edge 14 28 Jun 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.31/stable 72 04 Sep 2024
Ubuntu 22.04 Ubuntu 20.04
1.31/candidate 73 13 Dec 2024
Ubuntu 22.04 Ubuntu 20.04
1.31/beta 72 13 Aug 2024
Ubuntu 22.04 Ubuntu 20.04
1.31/edge 71 03 Aug 2024
Ubuntu 22.04 Ubuntu 20.04
1.30/stable 68 11 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.30/beta 68 19 Apr 2024
Ubuntu 22.04 Ubuntu 20.04
1.30/edge 70 26 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/stable 67 21 Apr 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/candidate 67 15 Apr 2024
Ubuntu 22.04 Ubuntu 20.04
1.29/beta 62 14 Dec 2023
Ubuntu 22.04 Ubuntu 20.04
1.29/edge 63 02 Mar 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.29/edge 32 25 Aug 2023
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.28/stable 61 26 Sep 2023
Ubuntu 22.04 Ubuntu 20.04
1.28/candidate 61 22 Sep 2023
Ubuntu 22.04 Ubuntu 20.04
1.28/beta 54 07 Aug 2023
Ubuntu 22.04 Ubuntu 20.04
1.28/edge 57 25 Aug 2023
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.28/edge 32 25 Aug 2023
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.27/stable 50 12 Jun 2023
Ubuntu 22.04 Ubuntu 20.04
1.27/candidate 50 12 Jun 2023
Ubuntu 22.04 Ubuntu 20.04
1.27/beta 47 09 Apr 2023
Ubuntu 22.04 Ubuntu 20.04
1.27/edge 45 07 Apr 2023
Ubuntu 22.04 Ubuntu 20.04
1.26/stable 41 27 Feb 2023
Ubuntu 22.04 Ubuntu 20.04
1.26/candidate 41 25 Feb 2023
Ubuntu 22.04 Ubuntu 20.04
1.26/beta 35 09 Apr 2023
Ubuntu 22.04 Ubuntu 20.04
1.26/edge 35 23 Nov 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.26/edge 32 14 Sep 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.25/stable 34 30 Sep 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.25/candidate 34 28 Sep 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.25/beta 36 01 Dec 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.25/beta 22 01 Sep 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.25/edge 24 09 Sep 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.24/stable 16 04 Aug 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.24/stable 9 05 May 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.24/candidate 16 01 Aug 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04
1.24/beta 9 21 Apr 2022
Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.24/edge 15 22 Jul 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.24/edge 14 28 Jun 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.23/beta 5 22 Mar 2022
Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
1.23/edge 3 24 Feb 2022
Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
juju deploy aws-integrator
Show information

Platform:

Ubuntu
22.04 20.04 18.04 16.04

This charm acts as a proxy to AWS and provides an interface to apply a certain set of changes via IAM roles, profiles, and tags to the instances of the applications that are related to this charm.

Usage

When on AWS, this charm can be deployed, granted trust via Juju to access AWS, and then related to an application that supports the interface. The set of permissions that the related application could request is documented in the interface’s Requires API documentation.

For example, Charmed Kubernetes has support for this, and can be deployed with the following bundle overlay:

applications:
  aws-integrator:
    charm: aws-integrator
    num_units: 1
    trust: true
relations:
  - ['aws-integrator', 'kubernetes-control-plane']
  - ['aws-integrator', 'kubernetes-worker']

Then deploy Charmed Kubernetes using this overlay:

juju deploy ccharmed-kubernetes --overlay ./k8s-aws-overlay.yaml --trust

Note: This trusts the AWS Integrator charm with the credentials used by Juju. You could instead provide alternate credentials via the `credentials` charm config option.

RDS

In addition to the integrator relation, this charm also provides a proxy to the AWS Relational Database Service (RDS) for charms using the mysql interface. Charms attached to the rds-mysql relation endpoint will have an RDS MySQL database instance created for them and access information provided via the relation.

For example, if this was deployed alongside the Mediawiki charm, it could provide the database for backing the wiki:

applications:
  aws-integrator:
    charm: aws-integrator
    num_units: 1
    trust: true
  mediawiki:
    charm: mediawiki
    num_units; 1
relations:
  - ['aws-integrator:rds-mysql', 'mediawiki:db']

Permissions Requirements

The credentials given to the charm must include the following access rights:

EC2
AssociateIamInstanceProfile
CreateTags
DescribeInstances
IAM
AddRoleToInstanceProfile
AttachRolePolicy
CreateInstanceProfile
CreatePolicy
CreateRole
DeleteInstanceProfile
DeletePolicy
DeleteRole
DetachRolePolicy
ListAttachedRolePolicies
ListInstanceProfiles
ListPolicies
ListRoles
RemoveRoleFromInstanceProfile
CreatePolicyVersion
ListPolicyVersions
GetPolicyVersion
DeletePolicyVersion
SetDefaultPolicyVersion
GetPolicy
STS
GetCallerIdentity
RDS
DescribeDBInstances
CreateDBInstance
DeleteDBInstance
DeleteDBInstanceAutomatedBackup

Note that these may be different from the permissions that Juju requires to operate.

Resource Usage Note

By relating to this charm, other charms can directly allocate resources, such as EBS volumes and ELBs, which could lead to cloud charges and count against quotas. Because these resources are not managed by Juju, they will not be automatically deleted when the models or applications are destroyed, nor will they show up in Juju’s status or GUI. It is therefore up to the operator to manually delete these resources when they are no longer needed, using the AWS console or API.

Examples

Following are some examples using AWS integration with Charmed Kubernetes.

Creating a pod with an EBS-backed volume

This script creates a busybox pod with a persistent volume claim backed by AWS’s Elastic Block Storage.

#!/bin/bash

# create a storage class using the `kubernetes.io/aws-ebs` provisioner
kubectl create -f - <<EOY
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: ebs-1
provisioner: kubernetes.io/aws-ebs
parameters:
  type: gp2
EOY

# create a persistent volume claim using that storage class
kubectl create -f - <<EOY
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: testclaim
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 100Mi
  storageClassName: ebs-1
EOY

# create the busybox pod with a volume using that PVC:
kubectl create -f - <<EOY
apiVersion: v1
kind: Pod
metadata:
  name: busybox
  namespace: default
spec:
  containers:
    - image: busybox
      command:
        - sleep
        - "3600"
      imagePullPolicy: IfNotPresent
      name: busybox
      volumeMounts:
        - mountPath: "/pv"
          name: testvolume
  restartPolicy: Always
  volumes:
    - name: testvolume
      persistentVolumeClaim:
        claimName: testclaim
EOY

Creating a service with an AWS load-balancer

The following script starts the hello-world pod behind an AWS Elastic Load Balancer.

kubectl create deployment hello-world --image=gcr.io/google-samples/node-hello:1.0
kubectl scale deployment hello-world --replicas=5
kubectl expose deployment hello-world --type=LoadBalancer --name=hello --port=8080
watch kubectl get svc hello -o wide