Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Deployment of cSRX on AWS Cloud Using Elastic Kubernetes Services (EKS) for Orchestration

SUMMARY cSRX deployment on AWS can be achieved as plain docker container on EC2 instance using Amazon Elastic Kubernetes Service (Amazon EKS). The cluster management is done by Kubernetes, assisted by AWS and all Kubernetes commands work as is in case of EKS for container creation and management. This topic provides you details on how you can deploy cSRX on AWS cloud using Elastic Kubernetes Services (EKS) for Orchestration.

Deploy cSRX on AWS Cloud Using Elastic Kubernetes Services (EKS)

This topic provides you details to deploy the cSRX on AWS cloud.

  1. As a prerequisite, install AWS CLI, eksctl, and kubectl packages. For more information, see Getting started with Amazon EKS.
  2. Create cluster on EKS using the following CLI command:
  3. Monitor the cluster status using the eksctl commands listed below:
  4. Verify the cluster created. Cluster with instance type of t3.medium and 2 worker nodes is created.
  5. Start a cSRX pod on the EKS cluster using the following .yaml file. Use this yaml file as reference and run the kubectl command to deploy cSRX pod. Use the cSRX image available on AWS marketplace to spawn cSRX containers.
  6. Verify the deployment using the kubectl command below:

Sample File for cSRX Deployment

This topic provides you sample file for deploying cSRX in AWS cloud using AWS EKS orchestration.

Table 1: Sample File for cSRX Deployment
vim csrx.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: csrx-byol
  labels:
    app: csrx-byol
spec:
  replicas: 2 
  selector:
    matchLabels:
      app: csrx-byol
  template:
    metadata:
      name: csrx-byol
      labels:
        app: csrx-byol
      annotations:
        k8s.v1.cni.cncf.io/networks: br-51@eth1, br-52@eth2
    spec:      
      serviceAccountName: csrxpod
      containers:
      - name: csrx-byol
        securityContext:
           privileged: true
        image: <csrx-image> ## replace image name with repo:tag
        ports:
          - containerPort: 80
        env:
        - name: CSRX_SIZE
          value: "large"
        - name: CSRX_HUGEPAGES
          value: "no"
        - name: CSRX_PACKET_DRIVER
          value: "interrupt"
        - name: CSRX_FORWARD_MODE
          value: "routing"
        - name: CSRX_AUTO_ASSIGN_IP
          value: "yes"
        - name: CSRX_MGMT_PORT_REORDER
          value: "yes"
        - name: CSRX_TCP_CKSUM_CALC
          value: "yes"
        - name: CSRX_JUNOS_CONFIG
          value: "/var/jail/csrx_config"
        - name: CSRX_LICENSE_FILE
          value: "/var/jail/.csrx_license"
        volumeMounts:
        - name: disk
          mountPath: "/dev"
        - name: config
          mountPath: "/var/jail"
      volumes:
      - name: disk
        hostPath:
          path: /dev
          type: Directory
      - name: config
        configMap:
          name: cm-byol
          items:
          - key: csrx_config
            path: csrx_config
          - key: csrx_license
            path: .csrx_license
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: csrx-byol
  name: csrx-byol
spec:
  selector:
      app: csrx-byol
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80