Deploy Resoto to AWS with Cloud Development Kit
We provide a CDK construct to simplify the deployment of Resoto to AWS.
The Resoto CDK construct is no longer actively maintained. We recommend running Resoto using Docker.
The Resoto web installer is the easiest way to get a production-grade setup, whereas the CDK construct is a bit more involved but gives you more control over the setup and does not require you to send us your cloud credentials.
Don't want to manage your own Resoto installation? Get started for free with Fix, an all-in-one security dashboard built on top of Resoto.
Prerequisites​
- Git
- AWS account with IAM role permissions
- AWS command-line interface
kubectlcommand-line tool- Node.js
Directions​
-
Run the following commands in the terminal:
$ git clone git@github.com:someengineering/resoto-cdk.git
$ cd resoto-cdk
$ npm ci -
Then, deploy Resoto with the following command:
$ npm run cdk deploy -- --parameters ResotoTag=3.9.0noteIf this is your first CDK deployment, you will need to bootstrap your AWS account. You can do so with the following command:
$ npm run cdk bootstrapinfoIt is possible to override the default CloudFormation parameter values:
$ npm run cdk deploy -- --parameters ResotoTag=3.9.0 --parameters MngInstanceType=r5a.xlargeParameter Description Default Value ResotoTagThe Resoto image tag to use 3.9.0MngMaxSizeThe maximum number of instances in the k8s managed node group 3MngMinSizeThe minimum number of instances in the k8s managed node group 1MngDesiredSizeThe desired number of instances in the k8s managed node group 1MngInstanceTypeThe instance type of the k8s managed node group r5a.xlarge -
Confirm the deployment. This will trigger CDK to create an EKS cluster and install the Resoto Helm chart.
infoThe deployment will take approximately 30 minutes. You can follow the progress in the terminal.
Once deployment is complete, you will see output similar to the following:
Outputs:
ResotoEKS.ResotoEKSConfigCommandXXXX = aws eks update-kubeconfig ...
ResotoEKS.ResotoPskSecret = kubectl get secrets ...
ResotoEKS.ResotoUI = https://a3xxxxxx.us-east-1.elb.amazonaws.com:8900
Stack ARN:
arn:aws:cloudformation:us-east-1:115717706081:stack/ResotoEKS/e1b9e6a0-d5f6-11eb-8498-0a374cd00e27einfo-
The value of
ResotoEKS.ResotoEKSConfigCommandXXXXin Outputs is a command to configurekubectlto connect to the EKS cluster.You can check that the connection is working by running the following command:
$ kubectl get pods -A | grep resotocore
​resoto resoto-resotocore-xxx 1/1 Running 0 32m -
The value of
ResotoEKS.ResotoPskSecretin Outputs is a command to retrieve the Resoto PSK.$ kubectl get secrets resoto-psk -o jsonpath='{.data.psk}' | base64 -d -
The value of
ResotoEKS.ResotoUIin Outputs is the URL of the Resoto UI.
-
