An OpenShift/Kubernetes Operator that manages AWS EC2 instances using Kubernetes Custom Resources. This allows you to provision and manage AWS infrastructure natively using standard YAML files.
Before deploying this operator, ensure you have the following:
- OpenShift / Kubernetes Cluster: Access to a running cluster.
- CLI Tools: `oc` or `kubectl` installed and logged in.
- AWS Account: An IAM User with `AmazonEC2FullAccess` permissions. You will need the **Access Key ID** and the **Secret Access Key**.
- Network Access: Your cluster nodes must be able to pull images from the internal registry: `docker.io` (Note: If deploying to a cluster outside this network, push the image to a public registry like Docker Hub or Quay.io first).
Follow these steps to deploy the operator to any OpenShift cluster.
Get the manifests and configuration files to your local machine (or bastion host).
$ git clone https://github.com/bshaw7/k8s-ec2-operator
$ cd k8s-ec2-operator
Install the CRDs (Custom Resource Definitions) and the Operator Deployment using the pre-built image.
Run this command from the project root:
$ oc apply -f config/samples/ec2_v1alpha1_ec2instance.yaml
Note: If you do not have `make` installed on the cluster machine, you can generate a raw YAML installer file locally using `kustomize build config/default > install.yaml` and then run `oc apply -f install.yaml`.
The operator runs as a Pod in the k8s-ec2-operator-system namespace. It needs your AWS credentials to talk to the EC2 API.
We are using ap-south-1 (Mumbai) for this setup.
Run the following commands to create a Secret and inject it into the Deployment:
# 1. Create the Secret (Replace with your REAL keys)
oc create secret generic aws-creds \
-n k8s-ec2-operator-system \
--from-literal=AWS_ACCESS_KEY_ID=YOUR_ACCESS_KEY_HERE \
--from-literal=AWS_SECRET_ACCESS_KEY=YOUR_SECRET_KEY_HERE \
--from-literal=AWS_REGION=ap-south-1
# 2. Inject the Secret into the Deployment environment
oc set env deployment/k8s-ec2-operator-controller-manager \
-n k8s-ec2-operator-system \
--from=secret/aws-creds
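An added check for the injection step above, not part of the operator's repository: it reads a Deployment as JSON (the shape printed by `oc get deployment ... -o json`) and reports AWS key variables that are stored as plaintext literals or come from a Secret other than `aws-creds`. The container name `manager` and both sample documents are constructed for illustration.

```python
import json

# Variables that must never appear as literal values in the Deployment spec.
SENSITIVE = ("AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY")

def audit_aws_env(deployment, secret_name="aws-creds"):
    """Return findings for a Deployment dict (as from `oc get deployment ... -o json`)."""
    findings, seen = [], set()
    for c in deployment["spec"]["template"]["spec"].get("containers", []):
        # envFrom/secretRef imports every key of the Secret at once.
        for src in c.get("envFrom", []):
            if src.get("secretRef", {}).get("name") == secret_name:
                seen.update(SENSITIVE)
        for env in c.get("env", []):
            name = env.get("name")
            if name not in SENSITIVE:
                continue
            seen.add(name)
            ref = env.get("valueFrom", {}).get("secretKeyRef")
            if env.get("value"):
                findings.append(f"{c['name']}: {name} is a plaintext literal")
            elif ref is None:
                findings.append(f"{c['name']}: {name} is not sourced from a Secret")
            elif ref.get("name") != secret_name:
                findings.append(f"{c['name']}: {name} comes from Secret {ref.get('name')!r}")
    findings += [f"{n} is not provided to any container" for n in SENSITIVE if n not in seen]
    return findings

def sample_deployment(env):
    # Constructed sample: minimal Deployment shape with one container named "manager".
    return {"spec": {"template": {"spec": {"containers": [{"name": "manager", "env": env}]}}}}

def secret_ref(key):
    # Env entry that reads `key` from the aws-creds Secret.
    return {"name": key, "valueFrom": {"secretKeyRef": {"name": "aws-creds", "key": key}}}

GOOD = sample_deployment([secret_ref(k) for k in SENSITIVE]
                         + [{"name": "AWS_REGION", "value": "ap-south-1"}])
BAD = sample_deployment([secret_ref("AWS_ACCESS_KEY_ID"),
                         {"name": "AWS_SECRET_ACCESS_KEY", "value": "constructed-not-a-real-key"}])

if __name__ == "__main__":
    import sys
    # With no file argument, audit the constructed BAD sample.
    doc = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else BAD
    for line in audit_aws_env(doc) or ["OK: AWS credentials come from the Secret"]:
        print(line)
```

To audit a live cluster, save the output of `oc get deployment k8s-ec2-operator-controller-manager -n k8s-ec2-operator-system -o json` to a file and pass its path as the first argument.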
Check that the operator is running successfully.
oc get pods -n k8s-ec2-operator-system
- **Status `Running`**: Ready to use.
- **Status `ImagePullBackOff`**: The cluster nodes cannot reach the private registry URL. Check your network or image pull secrets.
Create a YAML file named ec2-instance.yaml with your specific AWS details (AMI and Subnet ID).
apiVersion: ec2.my.domain/v1alpha1
kind: EC2Instance
metadata:
  name: my-demo-server
spec:
  ami: ami-0001234567 # Change this to a valid AMI for your region
  instanceType: "t3.micro" # Instance type
  subnetID: subnet-123456789 # Change this to your valid Subnet ID
  # OPTIONAL FIELDS
  tags:
    Name: "my-demo-server"
    Environment: "Production"
    ManagedBy: "OpenShift Operator"
Apply it to the cluster:
oc apply -f ec2-instance.yaml
Check the status of the object. Once the Operator processes it, the STATUS column will show the new AWS Instance ID.
oc get ec2instance my-demo-server
You can also describe the object to see events:
oc describe ec2instance my-demo-server
To terminate the AWS server, simply delete the Kubernetes manifest. The operator includes a Finalizer, so it will automatically clean up (terminate) the EC2 instance in AWS before removing the Kubernetes object.
oc delete -f ec2-instance.yaml
$ oc delete -f config/samples/ec2_v1alpha1_ec2instance.yaml
If your instance is not being created, check the Operator logs:
oc logs -f deployment/k8s-ec2-operator-controller-manager -n k8s-ec2-operator-system