Install GoodData.CN on AWS

The GoodData.CN Terraform repository provides Infrastructure as Code to deploy a complete GoodData.CN proof-of-concept environment on AWS. This automated deployment creates all the necessary AWS resources and configures a fully functional GoodData.CN instance in approximately 20 minutes.

This Terraform-based deployment handles everything for you:

• Creates AWS infrastructure (VPC, EKS, RDS, S3, networking)
• Deploys GoodData.CN with all required dependencies
• Configures TLS certificates and ingress
• Sets up monitoring and autoscaling
• Provides scripts for organization management

Prerequisites

Before starting, ensure you have:

• AWS account with appropriate permissions for creating VPC, EKS, RDS, and S3 resources
• Terraform installed
• AWS CLI installed and configured
• kubectl installed
• Helm installed
• Tinkey installed for encryption key generation
• Standard utilities: curl, openssl, and base64
• GoodData.CN license key (your GoodData contact can help you obtain this)
• Docker Hub account (free account sufficient) to avoid image pull rate limits

For example, here’s how to configure prerequisites on a fresh Debian/Ubuntu Linux installation:

# Install Homebrew if not already installed
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

# Install required tools
brew install terraform awscli kubectl helm

# Install Tinkey for encryption keys
brew install tink

Dev Container

If you prefer not to install all CLI tools locally, the repository includes a .devcontainer configuration. After installing the Dev Containers extension in VS Code, reopen the repository in a container to use the pre-installed toolchain.

AWS Architecture

The deployment creates a production-like architecture with:

• Multi-AZ VPC with public and private subnets
• EKS cluster with autoscaling node groups
• Application Load Balancer with TLS termination
• RDS PostgreSQL in private subnets with automated backups
• S3 buckets for caching and data storage with encryption
• ECR pull-through cache to reduce Docker Hub dependencies
• Security groups with minimal required access

Cost Considerations

This deployment creates real AWS resources that incur costs:

• EKS cluster: ~$73/month for control plane
• EC2 instances: Variable based on eks_node_types and usage
• RDS instance: Based on rds_instance_class selection
• Load Balancer: ~$18/month
• S3 storage: Based on data volume
• Data transfer: Based on usage patterns

Remember to destroy resources when not needed to avoid unnecessary charges.

Install

1. Clone the GoodData.CN Terraform repository:

   git clone https://github.com/gooddata/gooddata-cn-terraform.git
   cd gooddata-cn-terraform
   

2. Check the latest GoodData.CN version for your configuration.

3. Create a configuration file called settings.tfvars with your deployment parameters:

   aws_profile_name       = "my-profile"              # AWS profile from ~/.aws/config
   aws_region             = "us-east-2"               # AWS region for deployment
   deployment_name        = "gooddata-cn-poc"         # Resource prefix (lowercase, <20 chars)
   dockerhub_username     = "myusername"              # Docker Hub username
   dockerhub_access_token = "myaccesstoken"           # Docker Hub access token
   helm_gdcn_version      = "3.42.0"                  # Latest GoodData.CN version
   gdcn_license_key       = "base64-encoded-key=="    # Your GoodData.CN license key
   letsencrypt_email      = "admin@example.com"       # Email for TLS certificates
   

   Docker Hub Access Token

   Create this in Docker Hub Settings > Personal Access Tokens. This prevents rate limiting during image pulls.

4. Navigate to the AWS deployment directory:

   cd aws
   

5. Authenticate with AWS:

   aws sso login  # or aws configure if using access keys
   

6. Initialize Terraform:

   terraform init
   

7. Review the deployment plan:

   terraform plan -var-file=settings.tfvars
   

   This shows all AWS resources that will be created, including:

   • VPC with public/private subnets across two availability zones
   • EKS cluster with autoscaling worker nodes
   • RDS PostgreSQL instance for GoodData metadata
   • S3 buckets for cache, data sources, and exports
   • Load balancer and networking components

8. Deploy the infrastructure:

   terraform apply -var-file=settings.tfvars
   

   **Initial deployment takes approximately 20 minutes.** AWS will create all resources and install GoodData.CN with its dependencies.

9. Configure kubectl to access the EKS cluster:

   aws eks update-kubeconfig \
       --name   "$(terraform output -raw eks_cluster_name)" \
       --region "$(terraform output -raw aws_region)" \
       --profile "$(terraform output -raw aws_profile_name)"
   

10. Create your first GoodData.CN organization:

    ../create-org.sh
    

    This script will prompt you for:

    • Organization ID: Unique identifier (default: test)
    • Organization Name: Display name (default: Test, Inc.)
    • Organization Hostname: From terraform output gdcn_org_hostname
    • Admin Username: Admin user for the organization (default: admin)
    • Admin Password: Password for the admin user

11. Access your GoodData.CN instance:

    Open the URL shown in the terraform output gdcn_org_hostname and log in with the credentials you provided during organization setup.

    You can now move onto Getting Started and start testing your AWS-hosted instance of GoodData.CN.

Daily Operations

And to manage your organization:

Upgrade

To upgrade your AWS deployment to a newer GoodData.CN version:

1. Check for any updates to the Terraform repository:

   git pull origin main
   

2. Review the release notes for the latest version and any breaking changes.

3. Update helm_gdcn_version in your settings.tfvars file:

   helm_gdcn_version = "3.42.0"  # New version
   

4. Optionally, preview the plan before applying:

   terraform plan -var-file=settings.tfvars
   

5. Apply the upgrade:

   terraform apply -var-file=settings.tfvars
   

Configuration Options

The deployment supports various customization options through variables:

Infrastructure Sizing

# EKS Configuration
eks_version     = "1.33"                          # Kubernetes version
eks_node_types  = ["m6i.large", "m6i.xlarge"]     # Instance types for workers
eks_max_nodes   = 5                               # Maximum worker nodes

# RDS Configuration  
rds_instance_class = "db.t4g.medium"              # Database instance size

# Additional AWS Tags
additional_tags = {
  Environment = "poc"
  Team        = "analytics"
}

DNS and Networking

# Custom DNS provider (default: sslip.io)
wildcard_dns_provider = "nip.io"

# Custom AWS region
aws_region = "eu-west-1"

Teardown

To completely remove all AWS resources and avoid ongoing costs:

1. Delete all GoodData.CN organizations first:

   kubectl delete org --all -n gooddata-cn
   

2. Destroy all Terraform-managed resources:

   terraform destroy -var-file=settings.tfvars
   

   Beware of Data Loss!

   This will permanently delete all data and resources. Ensure you have backed up any important data before proceeding.

Troubleshooting

Terraform Errors

State Lock Issues:

# If terraform state is locked
terraform force-unlock <lock-id>

Resource Conflicts:

• Ensure deployment names are unique within your AWS account
• Check AWS service limits for your region
• Verify IAM permissions for all required services

Kubernetes Issues

Pod Failures:

# Check pod status
kubectl get pods -n gooddata-cn

# View pod logs
kubectl logs -n gooddata-cn <pod-name>

# Describe pod for events
kubectl describe pod -n gooddata-cn <pod-name>

Image Pull Errors:

• Verify Docker Hub credentials in settings.tfvars
• Check ECR pull-through cache configuration

AWS Resource Issues

EKS Access Denied:

• Ensure AWS CLI is configured correctly
• Verify the AWS profile has necessary EKS permissions
• Update kubeconfig as shown in step 9 of installation