Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Add AWS CDK project and Helm charts for Beckn-Onix deployment o… #233

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions aws-cdk/.gitignore
Original file line number Diff line number Diff line change
@@ -1 +1,9 @@
*.js
!jest.config.js
*.d.ts
node_modules

# CDK asset staging directory
.cdk.staging
cdk.out
.env
44 changes: 44 additions & 0 deletions aws-cdk/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
# Beckn-ONIX, one-click deployment on AWS


### Description
Beckn-ONIX is **[FIDE](https://fide.org/)** project aimed at easing setup and maintainance of a **[Beckn](https://becknprotocol.io/)** Network using reference implementations. Objectives include setting up reliable, configurable and fast Beckn network as a virtual appliance. This initiative is independent of the evolution of the Beckn protocol. This effort is also aimed at inviting contributions from the community to create secure, reliable builds for production environments.

> **Info:** Disclaimer : Beckn-onix is a reference implementation of the Beckn-onix stack. It is a reference application only and has not been tested for production environmens. However, implementers can fork this repository and build it for scale. The maintainer of this repository holds no liabillity for deployments of this application in production environments.


### Packaging overview
This packaging initiative provides a robust solution for deploying and managing Beckn-ONIX services on AWS. It is designed to ensure high availability, scalability, and resilience of Beckn-ONIX components like the Gateway, Registry, BAP, and BPP, making them ready for a Kubernetes-based environment. Additionally, it allows users the flexibility to choose managed AWS services, optimizing for production-scale deployments while reducing operational overhead.

The packaging supports a fully automated, one-click deployment solution aligned with the reference architecture, ensuring that each layer of the Beckn-ONIX stack is designed with fault tolerance, load balancing, and scaling in mind. This approach not only simplifies the deployment process but also promotes best practices in infrastructure as code, making it easier to maintain and evolve the platform in a cost-effective manner.

### Beckn-ONIX Deployment
This repository contains the source code and configuration for deploying Beckn-ONIX services stack that leverages the power of Amazon Web Services (AWS) **[Cloud Development Kit (CDK)](https://aws.amazon.com/cdk)** for infrastructure provisioning and **[Helm](https://helm.sh)** for deploying services within an Amazon Elastic Kubernetes Service (EKS) cluster.

Two mode of deployments, catering to different deployment scenarios.

#### Mode One: AWS CDK + Helm
This mode offers a comprehensive solution for users who prefer a one-click deployment approach to provisioning AWS infrastructure and deploying the Beckn-ONIX services, all in automated fashion.

* [AWS CDK One Click Deployment](documentations/01-Deployment-CDK-Beckn-ONIX.md)

#### Mode Two: Direct Helm Chart Invocation
An alternative deployment approach accommodates users with existing essential AWS infrastructure components like Amazon RDS Postgres and an Amazon EKS cluster. This mode enables the direct installation of the Sunbird RC 2.0 Helm chart without relying on AWS CDK scripts. Alternatively, you can combine both methods, utilizing CDK for provisioning specific services like the EKS cluster.

* [Helm Chart Deployment](documentations/02-Deployment-Helm-Beckn-ONIX.md)

### Beckn-ONIX reference architecture
#### Mendatory AWS services
Required AWS services to deploy and operate the Beckn-ONIX services:
* Amazon VPC
* Amazon RDS for PostgreSQL (registry and gateway)
* Amazon EKS
* Amazon ALB
* Amazon EBS and EFS volumes

#### Optional AWS services - Only for BAP and BPP
* Amazon DocumentDB with MongoDB compatibility
* Amazon Elasticache - Redis
* Amazon MQ - RabbitMQ

![Architecture](documentations/images/Beckn-ONIX-AWS-reference-arch-master.png)
59 changes: 59 additions & 0 deletions aws-cdk/beckn-cdk/.env
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
### AWS ENVIRONMENT SPECIFIC VARIABLES ###

# AWS account ID
ACCOUNT="####"

# AWS region to deploy services (default: "ap-south-1")
REGION="ap-south-1"

# AWS Availability Zone count (default: 2)
MAX_AZS=2

# VPC CIDR block (default: "10.20.0.0/16")
CIDR="10.20.0.0/16"

# Database user name (default: "postgres")
RDS_USER="postgres"

# EKS cluster name (default: "eksCluster-beckn-onix")
EKS_CLUSTER_NAME="eksCluster-beckn-onix"

# EC2 nodes count (default: 5 nodes)
EC2_NODES_COUNT="5"

# EC2 instance type (default: "t3.large")
EC2_INSTANCE_TYPE="t3.large"

# IAM role ARN for Amazon EKS master role
# (to be associated with the system:masters RBAC group for super-user access)
ROLE_ARN="arn:aws:iam::####:role/Admin"


#### BECKN-ONIX SPECIFIC MANDATORY VARIABLES ####

# COMMON BECKN-ONIX Helm repository URL
BECKN_ONIX_HELM_REPOSITORY="https://mozammil89.github.io/beckn-onix-aws-cdk"

# COMMON REGISTRY URL FOR GATEWAY, BAP AND BPP
# E.g. registry-cdk.beckn-onix-aws-cdk.becknprotocol.io
REGISTRY_URL="####" # it should be same as REGISTRY_EXTERNAL_DOMAIN

# COMMON SSL certificate ARN for REGISTRY, GATEWAY, BAP AND BPP
# AWS Certificate Manager - https://aws.amazon.com/certificate-manager/
CERT_ARN="####" # Pls check user guide for SSL public certificate creation steps through AWS Certificate Manager

# REGISTRY
REGISTRY_EXTERNAL_DOMAIN="####" # E.g. registry-cdk.beckn-onix-aws-cdk.becknprotocol.io

# GATEWAY
GATEWAY_EXTERNAL_DOMAIN="####" # E.g. gateway-cdk.beckn-onix-aws-cdk.becknprotocol.io

# BAP (Buyer Application Provider) Configuration
BAP_EXTERNAL_DOMAIN="####" # E.g. bap-cdk.beckn-onix-aws-cdk.becknprotocol.io
BAP_PRIVATE_KEY="####" # Pls check user guide for key generation
BAP_PUBLIC_KEY="####" # Pls check user guide for key generation

# BPP (Buyer Platform Provider) Configuration
BPP_EXTERNAL_DOMAIN="####" # E.g. bpp-cdk.beckn-onix-aws-cdk.becknprotocol.io
BPP_PRIVATE_KEY="####" # Pls check user guide for key generation
BPP_PUBLIC_KEY="####" # Pls check user guide for key generation
10 changes: 10 additions & 0 deletions aws-cdk/beckn-cdk/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
*.js
!jest.config.js
*.d.ts
node_modules

# CDK asset staging directory
.cdk.staging
cdk.out
.env
cdk.context.json
6 changes: 6 additions & 0 deletions aws-cdk/beckn-cdk/.npmignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
*.ts
!*.d.ts

# CDK asset staging directory
.cdk.staging
cdk.out
204 changes: 204 additions & 0 deletions aws-cdk/beckn-cdk/bin/beckn-cdk.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,204 @@
#!/usr/bin/env node
import * as cdk from 'aws-cdk-lib';
import { StackProps } from 'aws-cdk-lib';
import { ConfigProps, getConfig } from '../lib/config';

import { VpcStack } from '../lib/vpc-stack';
import { RdsStack } from '../lib/rds-stack';
import { EksStack } from '../lib/eks-stack';
import { RedisStack } from '../lib/redis-stack';
import { DocumentDbStack } from '../lib/documentdb-stack';
import { RabbitMqStack } from '../lib/rabbitmq-stack';

import { HelmRegistryStack } from '../lib/helm-registry';
import { HelmGatewayStack } from '../lib/helm-gateway';
import { HelmCommonServicesStack } from '../lib/helm-beckn-common-services';
import { HelmBapStack } from '../lib/helm-bap';
import { HelmBppStack } from '../lib/helm-bpp';


const config = getConfig();
const app = new cdk.App();

type AwsEnvStackProps = StackProps & {
config: ConfigProps;
};

// Retrieve AWS Account ID and Region from the environment
const accountId = config.ACCOUNT;
const region = config.REGION;

if (!accountId || !region) {
console.error("AWS_ACCOUNT_ID or AWS_REGION is missing from .env file");
process.exit(1);
}

// Common environment configuration for all stacks
const env = { account: accountId, region: region };

// Function to deploy registry environment
const deployRegistry = () => {
var envC = "registry";
const vpcStack = new VpcStack(app, 'RegistryVpcStack', { config: config, env });
const eksStack = new EksStack(app, 'RegistryEksStack', { config: config, vpc: vpcStack.vpc, env });
const rdsStack = new RdsStack(app, 'RegistryRdsStack', { config: config, vpc: vpcStack.vpc, envC: envC, env });

new HelmRegistryStack(app, 'HelmRegistryStack', {
config: config,
rdsHost: rdsStack.rdsHost,
rdsPassword: rdsStack.rdsPassword,
eksCluster: eksStack.cluster,
env,
});
};

// Function to deploy gateway environment
const deployGateway = () => {
var envC = "gateway";
const vpcStack = new VpcStack(app, 'GatewayVpcStack', { config: config, env });
const eksStack = new EksStack(app, 'GatewayEksStack', { config: config, vpc: vpcStack.vpc, env });
const rdsStack = new RdsStack(app, 'GatewayRdsStack', { config: config, vpc: vpcStack.vpc, envC: envC, env });

new HelmGatewayStack(app, 'HelmGatewayStack', {
config: config,
rdsHost: rdsStack.rdsHost,
rdsPassword: rdsStack.rdsPassword,
eksCluster: eksStack.cluster,
env,
});

};

// Function to deploy BAP environment
const deployBAP = () => {
const vpcStack = new VpcStack(app, 'BapVpcStack', { config: config, env });
const eksStack = new EksStack(app, 'BapEksStack', {config: config, vpc: vpcStack.vpc, env });

// bitnami - common services on eks - self hosted
new HelmCommonServicesStack(app, 'HelmBapCommonServicesStack', {
config: config,
eksCluster: eksStack.cluster,
service: 'bap',
env,
});

new HelmBapStack(app, 'HelmBapStack', {
config: config,
eksCluster: eksStack.cluster,
vpc: vpcStack.vpc,
eksSecGrp: eksStack.eksSecGrp,
isSandbox: false,
env,
});

};

// Function to deploy BPP environment
const deployBPP = () => {
const vpcStack = new VpcStack(app, 'BppVpcStack', {config: config, env });
const eksStack = new EksStack(app, 'BppEksStack', {config: config, vpc: vpcStack.vpc, env });

// if bitnami
new HelmCommonServicesStack(app, 'HelmBapCommonServicesStack', {
config: config,
eksCluster: eksStack.cluster,
service: 'bpp',
env,
});

new HelmBppStack(app, 'HelmBppStack', {
config: config,
eksCluster: eksStack.cluster,
vpc: vpcStack.vpc,
eksSecGrp: eksStack.eksSecGrp,
isSandbox: false,
env,
});
};

// Function to deploy sandbox environment (all stacks)
const deploySandbox = () => {
var envC = "sandbox";
const vpcStack = new VpcStack(app, 'VpcStack', {config: config, env });
const eksStack = new EksStack(app, 'EksStack', {config: config, vpc: vpcStack.vpc, env });
const rdsStack = new RdsStack(app, 'RdsStack', { config: config, vpc: vpcStack.vpc, envC: envC, env });

new HelmRegistryStack(app, 'HelmRegistryStack', {
config: config,
rdsHost: rdsStack.rdsHost,
rdsPassword: rdsStack.rdsPassword,
eksCluster: eksStack.cluster,
env,
});

new HelmGatewayStack(app, 'HelmGatewayStack', {
config: config,
rdsHost: rdsStack.rdsHost,
rdsPassword: rdsStack.rdsPassword,
eksCluster: eksStack.cluster,
env,
});

// default - bitnami
new HelmCommonServicesStack(app, 'BapHelmCommonServicesStack', {
config: config,
eksCluster: eksStack.cluster,
service: 'bap',
env,
});

new HelmCommonServicesStack(app, 'BppHelmCommonServicesStack', {
config: config,
eksCluster: eksStack.cluster,
service: 'bpp',
env,
});

new HelmBapStack(app, 'HelmBapStack', {
config: config,
eksCluster: eksStack.cluster,
vpc: vpcStack.vpc,
eksSecGrp: eksStack.eksSecGrp,
isSandbox: true,
env,
});

new HelmBppStack(app, 'HelmBppStack', {
config: config,
eksCluster: eksStack.cluster,
vpc: vpcStack.vpc,
eksSecGrp: eksStack.eksSecGrp,
isSandbox: true,
env,
});
};

// Retrieve the environment from CDK context
const environment = app.node.tryGetContext('env');

// Deploy based on the selected environment
switch (environment) {
case 'sandbox':
console.log('Deploying sandbox environment...');
deploySandbox();
break;
case 'registry':
console.log('Deploying registry environment...');
deployRegistry();
break;
case 'gateway':
console.log('Deploying gateway environment...');
deployGateway();
break;
case 'bap':
console.log('Deploying BAP environment...');
deployBAP();
break;
case 'bpp':
console.log('Deploying BPP environment...');
deployBPP();
break;
default:
console.error('Unknown environment specified.');
process.exit(1);
}
Loading