Repeatable k3s stack deployment on AWS EC2
This guide provides a streamlined approach to installing the complete Immuta software stack on a single AWS EC2 instance. It assumes knowledge of AWS infrastructure setup and uses Ansible along with AWS Secrets Manager for a smooth deployment process.
Prerequisites
EC2 Instance:
Type: m5.2xlarge
OS: Latest AWS Linux 2023 image
Networking:
Internet connectivity to and from the EC2 instance (Public IP)
DNS hostname (preferably with control over the DNS zone)
Security group allowing inbound on ports 22 (SSH) and 443 (HTTPS)
Security:
TLS certificate/key pair
Access to AWS Secrets Manager in the EC2 deployment account
Instance role with permissions to read secrets from AWS Secrets Manager
Credentials:
Immuta Harbor credentials
Deployment Instructions
Follow the steps below to deploy the software stack.
Only Immuta 2024.3 is supported
Store Secrets in AWS Secrets Manager
Create entries for the following keys:
immuta_db_password
tls_crt_b64
tls_key_b64
immuta_registry_user
immuta_registry_password
Note: to encode your certificate and key in base64:
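An added example for the encoding step (not from the original guide): it produces single-line base64 for tls_crt_b64 and tls_key_b64 and checks that each value decodes to the expected PEM type before it is stored in Secrets Manager. The helper names, file names and PEM contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: helper names, file names and PEM bodies are constructed.

# Encode a file as single-line base64 (line-wrapped output is a common
# cause of a secret that no longer decodes once it has been pasted).
b64_oneline() {
  base64 < "$1" | tr -d '\n'
}

# check_pem_b64 VALUE KIND
# Succeeds only if VALUE is single-line base64 that decodes to a PEM block
# of KIND ("CERTIFICATE" or "PRIVATE KEY"; "RSA PRIVATE KEY" etc. also match).
check_pem_b64() {
  case $1 in
    *[!A-Za-z0-9+/=]*) echo "value is not single-line base64" >&2; return 1 ;;
  esac
  printf '%s' "$1" | base64 -d 2>/dev/null | tr -d '\r' |
    grep -Eq -- "^-----BEGIN ([A-Z]+ )?${2}-----\$" || {
      echo "decoded value is not a PEM ${2}" >&2; return 1; }
}

# Constructed stand-ins for the real certificate and key files.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf -- '-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n' > "$tmp/tls.crt"
printf -- '-----BEGIN PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END PRIVATE KEY-----\n' > "$tmp/tls.key"

crt_b64=$(b64_oneline "$tmp/tls.crt")   # value for tls_crt_b64
key_b64=$(b64_oneline "$tmp/tls.key")   # value for tls_key_b64

# Verify each value against the slot it is meant for. Only the status is
# printed, so the key material never reaches the terminal or a log.
check_pem_b64 "$crt_b64" "CERTIFICATE" && echo "tls_crt_b64: ok"
check_pem_b64 "$key_b64" "PRIVATE KEY" && echo "tls_key_b64: ok"

# A certificate placed in the key slot is rejected.
check_pem_b64 "$crt_b64" "PRIVATE KEY" 2>/dev/null || echo "cert/key swap detected"
```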
Install Dependencies on EC2 Instance
Clone the EC2 Deployment Repository
Edit the immuta.yaml inventory file with your variable values:
Run the Ansible Playbook
Configure DNS and Validate the installation
Configure your DNS hostname to point to the public IP address of your EC2 Instance and validate connectivity: