AWS Marketplace LM
Kpow SE-LM is the Standard Edition of Kpow integrated with AWS License Manager for entitlement management.
Kpow SE-LM will check out a single Cluster Credit entitlement from the AWS License Manager for every Kafka cluster in use with Kpow.
Cluster Credit entitlements can be purchased via the AWS Marketplace. Kpow SE-LM can be used with EKS and Self-Managed Kubernetes clusters.
The Basics
Subscribe to Kpow SE-LM on the AWS Marketplace and follow the Marketplace launch instructions to download the Kpow SE-LM Helm charts and launch Kpow in Kubernetes.
Required IAM role
The Kpow Marketplace container for SE-LM must be run with the AWSLicenseManagerConsumptionPolicy IAM policy.
This policy allows the Kpow container to checkout license entitlements from the AWS License Manager.
Launch Target
Once you have subscribed to Kpow SE-LM on the AWS Marketplace click through to the 'Launch' page. You will be asked to choose a Launch Target.
Choose either AWS Managed Kubernetes (EKS) or Self-Managed Kubernetes (EKS Anywhere) to access the Kpow SE-LM helm chart and instructions.
Launch Kpow on EKS
These instructions are taken from the Launch page of the Kpow SE-LM product on AWS Marketplace.
Step 1: Create an AWS IAM role and Kubernetes service account
Use the following command to create an AWS IAM role and Kubernetes service account.
kubectl create namespace factorhouse
eksctl create iamserviceaccount \
--name kpow \
--namespace factorhouse \
--cluster <ENTER_YOUR_CLUSTER_NAME_HERE> \
--attach-policy-arn arn:aws:iam::aws:policy/AWSMarketplaceMeteringFullAccess \
--attach-policy-arn arn:aws:iam::aws:policy/AWSMarketplaceMeteringRegisterUsage \
--attach-policy-arn arn:aws:iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy \
--approve \
--override-existing-serviceaccounts
Step 2: Launch the software
Use the following commands to launch this software by installing a Helm chart on your Amazon EKS cluster. The Helm CLI version in your launch environment must be 3.7.1.
export HELM_EXPERIMENTAL_OCI=1
aws ecr get-login-password \
--region us-east-1 | helm registry login \
--username AWS \
--password-stdin 709825985650.dkr.ecr.us-east-1.amazonaws.com
mkdir awsmp-chart && cd awsmp-chart
helm pull oci://709825985650.dkr.ecr.us-east-1.amazonaws.com/operator-io/kpow-lm-chart --version 1.0.45
tar xf $(pwd)/* && find $(pwd) -maxdepth 1 -type f -delete
helm install kpow-1-0-45 \
--namespace factorhouse ./* \
--set serviceAccount.create=false \
--set serviceAccount.name=kpow
--set env.BOOTSTRAP=...
Configure the Kpow SE-LM container
Kpow is configured primarily with environment variables with yaml files, keystores, and truststores being provided for certain installations.
The AWS Marketplace SE-LM container provided in your subscription exposes the same configuration options as our standard Kpow Helm charts, you might find the README.md documentation of those charts useful in configuring Kpow SE-LM.
One simple approach is to specify environment variables as you install:
helm install kpow \
--namespace factorhouse ./* \
--set serviceAccount.create=false \
--set serviceAccount.name=kpow \
--set aws.licenseConfigSecretName=awsmp-license-token-secret \
--set env.BOOTSTRAP="pkc-abc1.us-east-12.aws.confluent.cloud:9092" \
--set env.SECURITY_PROTOCOL="SASL_SSL" \
--set env.SASL_MECHANISM="PLAIN" \
--set env.SASL_JAAS_CONFIG="org.apache.kafka.common.security.plain.PlainLoginModule required username=\"SOME_USERNAME\" password=\"SOME_PASSWORD";" \
--set env.SSL_ENDPOINT_IDENTIFICATION_ALGORITHM="https"
Launch Kpow on EKS Anywhere
Running Kpow SE-LM on self-managed Kubernetes via EKS Anywhere requires generating an access token and associating it to an IAM account.
These actions, and the following instructions to launch the product, can be found on the Launch page of the Kpow SE-LM AWS Marketplace product.
Accessing the UI
On a successful deployment, Kpow starts a web-server with a UI running on port 3000.
There are many different options to configure network egress allowing access to the Kpow pod on port 3000, one simple option to validate a deployment is to follow the notes provided by the output of the Helm install command:
NOTES:
1. Get the application URL by running these commands:
export POD_NAME=$(kubectl get pods --namespace factorhouse -l "app.kubernetes.io/name=kpow,app.kubernetes.io/instance=kpow-1-0-29" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:3000 to use your application"
kubectl --namespace factorhouse port-forward $POD_NAME 3000:3000
This command temporarily port-forwards from localhost:3000 to your-pod:3000, meaning you can view the Kpow UI at http://localhost:3000 while that command runs.
Get help!
For assistance installing and configuring Kpow on the AWS Marketplace contact [email protected]