Data Plane
Self-hosting a DevZero Data Plane on AWS EKS.
Hosting the DevZero Data Plane on AWS EKS
For a detailed overview of the DevZero Data Plane, click here
Prerequisites
Prerequisites and requirements for this doc are the same as AWS Setup.
Deploying the data plane
Clone devzero-inc/self-hosted
git clone https://github.com/devzero-inc/self-hosted.git
cd self-hosted
Contact DevZero Support if you don't have access to the repository.
Set up kubeconfig
Set up your local kubeconfig to connect to the EKS cluster using the region and cluster name from the terraform output:
aws eks update-kubeconfig --region <region> --name <cluster-name>
Set up data plane dependencies
Go to the charts/dz-data-plane-deps
directory to modify configurations before running any installation steps.
cd charts/dz-data-plane-deps
If you are using private subnets and traffic is routed through a VPN, add this and replace <private_subnet_1>
and <private_subnet_2>
:
Change data-plane-deps
domains from example.com
to where DevZero will be hosted (e.g.: devzero.companyx.com
)
# in: charts/dz-data-plane-deps
# change example.com to devzero.companyx.com in all files in the values/ directory
find values -type f -exec sed -i'.bak' 's/example\.com/devzero\.companyx\.com/g' {} \; && find values -name "*.bak" -delete
Install data plane dependencies
# in: charts/dz-data-plane-deps
make install
Change data-plane
domains from example.com
to where DevZero will be hosted (e.g.: devzero.companyx.com
)
# in: charts/dz-data-plane-deps
cd ../dz-data-plane
# in: charts/dz-data-plane
find . -name "values.yaml" -exec sed -i'.bak' 's/example\.com/devzero\.companyx\.com/g' {} \; && find . -name "values.yaml.bak" -delete
Install data plane
# in: charts/dz-data-plane
make install
Setup ingress and connect to AWS Route 53
Get the ingress service in the cluster
kubectl get service -n devzero-data-ingress
Alternatively, run:
kubectl get svc -n devzero-data-ingress -o jsonpath='{.items[?(@.spec.type=="LoadBalancer")].status.loadBalancer.ingress[*].hostname}'
Copy the address of your ingress services.
Create a CNAME record. Set the name to *.usw2.eng
. Set the value to the address of the ingress service (copied from previous step).
For the wildcard name in the CNAME record, we suggest following *.<REGION>.<DOMAIN>
(e.g.: *.usw2.eng
).
You will need this in the Slug section for connecting this data plane to the control plane.
Connecting to DevZero control plane
Connect the data plane to the DevZero control plane
Visit the regions page on the DevZero dashboard and click Add New
.
For a self-hosted deployment of the control plane, go to https://devzero.companyx.com/dashboard/organization-settings/regions
.
Use the retrieved values (token, URL, and CA certificate) to connect the
self-hosted DevZero region to your team:
Fetching Cluster Configuration
After deploying the Helm chart, retrieve the following values for integration with the DevZero dashboard:
Cluster Name
Enter something meaningful and unique.
Examples: Frankfurt (eu-central-1), Mumbai (ap-south-1), N. California (us-west-1), São Paulo (sa-east-1)
Region ID
Enter a cloud-friendly region name (does not necessarily have to be unique).
To preserve familiarility, feel free to reuse existing GCP terms. For a list of AWS Region Names, click here.
Examples: ap-south-1 (Mumbai), eu-central-1 (Frankfurt), sa-east-1 (São Paulo), us-west-1 (N. California)
Cluster URL
To get the Cluster URL/IP:
kubectl config view --minify --raw -o jsonpath='{.clusters[0].cluster.server}'
For example,
% kubectl config view --minify --raw -o jsonpath='{.clusters[0].cluster.server}'
https://35.236.26.173
Add the string as is, without leading or trailing whitespaces.
Cluster CA Certificate
To get the Cluster CA certificate:
kubectl config view --minify --raw -o jsonpath='{.clusters[0].cluster.certificate-authority-data}'
For example,
% kubectl config view --minify --raw -o jsonpath='{.clusters[0].cluster.certificate-authority-data}'
LS0tLS1CRUdJTi.....FUlRJRklDQVRFLS0tLS0K
Add the string as is, without leading or trailing whitespaces.
Service Account Name
To get the name of the Service Account:
kubectl get serviceaccounts -n devzero-self-hosted
Usually, this should be devzero-sa
.
Add the string as is, without leading or trailing whitespaces.
Service Account Token
To get the Service Account Token:
kubectl get secret devzero-sa-token -n devzero-self-hosted -o jsonpath='{.data.token}' | base64 -d
For example,
% kubectl get secret devzero-sa-token -n devzero-self-hosted -o jsonpath='{.data.token}' | base64 -d
eyJhbGciOi......pMWncc3bxGtreh9fDTgg
Add the string as is, without leading or trailing whitespaces.
Slug
Set any memorable value for the slug (ideally the same name you see in the AWS Dashboard).
Take name of the CNAME record from the Setup ingress and connect to AWS Route 53 section.
If the name was *.usw2.eng
, set Slug
to usw2.eng
.