Terraform project for using Amazon Managed Streaming for Apache Kafka (Amazon MSK) from Amazon Elastic Kubernetes Service (Amazon EKS).
Assumes that you have eksctl, Terraform, AWS CLI v2, and Helm 3 installed.
- Deploy EKS cluster using eksctl;
- Deploy MSK cluster and associated resources using Terraform (see commands below);
- Create VPC Peering relationship between MSK and EKS VPCs;
- Update routing tables for both VPCs and associated subnets to route traffic to CIDR range of opposite VPC;
- Update default VPC security groups to allow traffic;
- Create IAM Roles for Service Accounts (IRSA) - allows access to MSK from EKS (see Helm README);
- Deploy Tomcat-based Kafka client container using Helm (see Helm README);
- Configure Kafka client container (see Kafka Client Configuration Notes);
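The peering, routing, and security group steps above can also be written in Terraform. This is an added example, not code from this repository: every variable name is hypothetical, both VPCs are assumed to be in the same account and region, and the default ports assume MSK's in-VPC TLS (9094) and IAM (9098) listeners. It opens only the broker ports to the EKS VPC CIDR instead of allowing all traffic in the default security group.

```hcl
# Added example; variable names are hypothetical, wire them to your own resources.
variable "eks_vpc_id" { type = string }
variable "msk_vpc_id" { type = string }
variable "eks_vpc_cidr" { type = string }
variable "msk_vpc_cidr" { type = string }
variable "eks_route_table_ids" { type = set(string) }
variable "msk_route_table_ids" { type = set(string) }
variable "msk_security_group_id" { type = string }

# Assumption: 9094 = TLS listener, 9098 = IAM listener. Use 9092 only if the
# cluster allows plaintext. Strings, because for_each needs a set of strings.
variable "kafka_broker_ports" {
  type    = set(string)
  default = ["9094", "9098"]
}

# Same account and region assumed, so the request can be auto-accepted.
resource "aws_vpc_peering_connection" "eks_to_msk" {
  vpc_id      = var.eks_vpc_id
  peer_vpc_id = var.msk_vpc_id
  auto_accept = true
}

# One route per route table, each pointing at the opposite VPC's CIDR.
resource "aws_route" "eks_to_msk" {
  for_each                  = var.eks_route_table_ids
  route_table_id            = each.value
  destination_cidr_block    = var.msk_vpc_cidr
  vpc_peering_connection_id = aws_vpc_peering_connection.eks_to_msk.id
}

resource "aws_route" "msk_to_eks" {
  for_each                  = var.msk_route_table_ids
  route_table_id            = each.value
  destination_cidr_block    = var.eks_vpc_cidr
  vpc_peering_connection_id = aws_vpc_peering_connection.eks_to_msk.id
}

# Ingress on the MSK security group for broker ports only. Security groups are
# stateful, so reply traffic needs no matching rule on the EKS side.
resource "aws_security_group_rule" "msk_from_eks" {
  for_each          = var.kafka_broker_ports
  type              = "ingress"
  protocol          = "tcp"
  from_port         = tonumber(each.value)
  to_port           = tonumber(each.value)
  cidr_blocks       = [var.eks_vpc_cidr]
  security_group_id = var.msk_security_group_id
  description       = "Kafka clients in EKS VPC to MSK brokers"
}
```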
```shell
aws kafka list-clusters
aws kafka list-clusters --query 'ClusterInfoList[*].ClusterArn'
aws kafka describe-cluster --cluster-arn <YOUR_ARN_HERE>

# assuming cluster 0 (first or single cluster)
aws kafka describe-cluster --cluster-arn \
  $(aws kafka list-clusters --query 'ClusterInfoList[0].ClusterArn' --output text)
```
Deploy AWS MSK resources. Please note: this code creates two MSK clusters, one with and one without IAM. You can deploy both, or remove the Terraform code for either one to prevent its creation.
Original Terraform reference code based on this Terraform MSK Example.
```shell
cd ./tf-msk
terraform validate
terraform plan
terraform apply
```
The contents of this repository represent my viewpoints and not of my past or current employers, including Amazon Web Services (AWS). All third-party libraries, modules, plugins, and SDKs are the property of their respective owners.