…
|
||
---|---|---|
.. | ||
k8s | ||
README.md | ||
cloudformation.yaml | ||
jitsi-values.yaml |
README.md
AWS EKS Example
An example for creating an EKS cluster and deploying Jitsi in EKS.
Installation
Make sure that you Helm (v2+) and the AWS CLI installed on your machine. Clone this repository and go to jitsi-meet-examples/aws
.
AWS offers a free tier that can be used for test purposes, more info here.
In this folder, you can find a CloudFormation template creating an EKS cluster and its VPC along with an EKS node group. A folder called k8s
contains all the manifest to deploy for installing NGinx ingress, CertManager and ACME issuer.
Creating the cluster
First, go to your AWS Console in EC2 -> Key Pairs and create a new key called eks-dev-nodes
. It will be used later for granting SSH access to the nodes.
To create the cluster, make sure that your AWS CLI is correctly setup and authenticated. In your terminal, run the following command:
aws cloudformation create-stack --stack-name eks-cluster --template-body="$(cat ./cloudformation.yaml)" --capabilities=CAPABILITY_IAM
After the stack got created, retrieve the credentials for updating your kubeconfig
by running aws eks update-kubeconfig --name dev
.
Setting up the cluster
Run helm init
to install tiller
in your cluster. In case you want to user a service account + a role binding, deploy at first k8s/rbac-config-helm.yaml
(edit namespace name and service account manifest according to your need. Default is creating a helm
namespace forcing to suffix all commands with --tiller-namespace=helm
for executing the different commands).
Once it's done, deploy the ingress controller using the values specified in k8s/ingress-values.yaml
by doing the following in your terminal:
kubectl create ns ingress
helm upgrade -f ./k8s/ingress-values.yaml ingress stable/nginx-ingress --namespace ingress -i --wait
After it completes, deploy CertManager in the cluster:
kubectl apply --validate=false -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.11/deploy/manifests/00-crds.yaml
helm repo add jetstack https://charts.jetstack.io
helm repo update
helm upgrade cert-manager jetstack/cert-manager --namespace ingress --version v0.11.0 -i --wait
kubectl apply -f ./k8s/letsencrypt.yaml
Creating the DNS
For creating the DNS, I used https://my.freenom.com/
which offers free .tk
domain name.
For administrating the DNS, I decided to use Cloudflare
with a free-account.
After creating your DNS, update the name servers to point to the Cloudflare ones. Once it's done, go to your AWS console in EC2 -> Load Balancers. Look for the ingress NLB and add its domain name as CNAME entry in Cloudflare. Create a new subdomain for Jitsi: add a new CNAME entry for your domain name in Cloudflare targetting the NLB URL. The NLB will take care of redirecting the traffic to the correct ingress controller.
Deploying Jitsi
Now that the cluster is setup, we can deploy Jitsi Meet in the cluster. Make sure that you edit the value of web.ingress.hosts[0].host
to target the domain name created in the previous step.
Run the following command in your terminal:
kubectl create ns jitsi
helm upgrade jitsi ../../jitsi-meet -f ./jitsi-values.yaml --namespace jitsi -i --wait
Once the installation is complete, go back to the AWS console in EC2 -> Security Groups. Look for the security group prefixed with the name prefixed with eks-remoteAccess
. Go to the inbound rules
and add a custom rule for opening the port 30300 for UDP.
After it's done, launch a session and enjoy a call !
Cleaning the deployment
To clean up the deployment, delete the Cloudformation stack by running aws cloudformation delete-stack --stack-name jitsi
.
Contributing
In case you have questions, found an issue or simply want to improve the example, feel free to open an issue or a pull-requests. Both are welcome !