cat ~/.aws/credentials
[default]
aws_access_key_id = ...
aws_secret_access_key = ...
[frontend]
aws_access_key_id = ...
aws_secret_access_key = ...
[backend]
aws_access_key_id = ...
aws_secret_access_key = ...
cat ~/.aws/config
[default]
region = sa-east-1
[profile frontend]
region = us-west-2
[profile backend]
region = us-west-2
./infrasctucture/setup.sh
./eks/setup.sh
kubectl config use-context <iam_user>@am-multi-account-1.<region>.eksctl.io
helm repo add eks https://aws.github.io/eks-charts
kubectl create ns appmesh-system
helm upgrade -i appmesh-controller eks/appmesh-controller \
--namespace appmesh-system
kubectl -n appmesh-system get pods
kubectl create ns yelb
kubectl label namespace yelb mesh=am-multi-account-mesh
kubectl label namespace yelb "appmesh.k8s.aws/sidecarInjectorWebhook"=enabled
./mesh/create_mesh.sh
aws --profile frontend cloudformation deploy \
--template-file shared_resources/shared_mesh.yaml \
--parameter-overrides \
"BackendAccountId=$(aws --profile backend sts get-caller-identity | jq -r .Account)" \
--stack-name am-multi-account-shared-mesh \
--capabilities CAPABILITY_IAM
aws —profile backend ram get-resource-share-invitations
aws —profile backend ram accept-resource-share-invitation \
--resource-share-invitation-arn <value from previous command>
kubectl config use-context <iam_user@am-multi-account-2.<region>.eksctl.io
helm repo add eks https://aws.github.io/eks-charts
kubectl create ns appmesh-system
helm upgrade -i appmesh-controller eks/appmesh-controller \
--namespace appmesh-system
kubectl -n appmesh-system get pods
aws --profile backend iam create-service-linked-role --aws-service-name appmesh.amazonaws.com
kubectl create ns yelb
kubectl label namespace yelb mesh=am-multi-account-mesh
kubectl label namespace yelb "appmesh.k8s.aws/sidecarInjectorWebhook"=enabled
./mesh/create_mesh.sh
kubectl apply -f mesh/yelb-redis.yaml
kubectl apply -f mesh/yelb-db.yaml
kubectl apply -f mesh/yelb-appserver.yaml
kubectl apply -f yelb/resources_backend.yaml
kubectl config use-context <iam_user>@am-multi-account-1.<region>.eksctl.io
Get the yelb-appserver
VirtualService ARN and change mesh/yelb-ui.yaml
accordingly.
kubectl --context=<iam_user>@am-multi-account-2.<region>.eksctl.io \
-n yelb get virtualservice yelb-appserver
kubectl apply -f mesh/yelb-ui.yaml
kubectl apply -f yelb/resources_frontend.yaml
./cleanup.sh