Skip to content

AWS Overview

Okera is a Kubernetes application that can be installed and run in AWS. This document describes the overall architecture of Okera when it runs in AWS, as well as links to prerequisites and installation guides.

AWS Architecture Overview

The most basic setup of Okera within AWS is shown in this diagram:

AWS Architecture Overview

The basic setup has the following properties:

  • Okera is deployed as a set of services on a Kubernetes cluster. This cluster is running inside your VPC, and can be provisioned using the Okera installer, or provided by you (e.g. leveraging EKS).
  • Okera instances are assigned their own subnet(s) and security group(s).
  • A shared RDBMS is provided by AWS RDS, where MySQL (or compatible, such as Aurora) is used, with the ability to replicate data to a slave in another availability zone (AZ). This is for resilience against AZ failures, so that a copy of the state data is accessible.
  • The shared RDBMS runs in the same subnet as Okera.
  • The instances Okera is running are assigned a special AWS IAM role, providing Okera access to Amazon S3 and (if required) KMS.
  • Other AWS services such as Amazon EMR can be configured to use Okera as a data access service.
  • Third-party vendor services may also be configured to access Okera, through some means of network connectivity, such as VPC Peering.
  • DNS, by means of AWS Route53, may be used to assign host names to your Okera services.

For more complex setups, there are advanced installation features:

  • When using Amazon Aurora, data should be replicated across multiple AWS regions to keep the Okera state related data safe and available.
  • For fail-over safety, it is also recommended to have Amazon S3 buckets replicated across the multiple regions.
  • Multiple subnets may be used to divide external facing services from internal ones. This also applies to security groups, which should be split between administrative and service-level access.

Note: Okera does not need any AWS keys or secrets to work and recommends using IAM.


Before proceeding with the installation of Okera, make sure the Prerequisites are all met.

In AWS, there are several installation options:

  1. Installation using CloudFormation - this explains how to leverage CloudFormation to create the necessary resources (such as EKS instances and Auto-Scaling Groups) and run the Okera installer on them automatically.
  2. Installation on EKS - this explains how to install Okera on top of an existing EKS cluster.