Deploying Zilla Plus via AWS AMI

Available in Zilla Plus

Overview

The Zilla Plus is an enterprise-ready, Kafka-native edge, and service proxy. It is a flexible, secure, and reliable way of creating stateless, multi-protocol API entry points into your Kafka cluster for both native and non-native Kafka clients.

This Guide will walk you through deploying Zilla Plus service using AWS AMI.

Subscribe via AWS Marketplace

To launch a Zilla Plus instance, a subscription to the Zilla Plus product on Amazon Marketplace is required.

• To get started, visit the AWS Marketplace Product Page
• Subscribe to the appropriate Zilla Plus edition:
  • Zilla Plus for Amazon MSK
  • Zilla Plus for Confluent Cloud
  • Zilla Plus for Redpanda
• You should see Zilla Plus listed in your AWS Marketplace subscriptions.

You can skip this step if you have already subscribed to Zilla Plus via AWS Marketplace.

Launch Zilla Plus Instance via AMI

Prerequisites

• A Subscription to the Zilla Plus product on Amazon Marketplace

Steps to launch a Zilla Plus instance

1. Sign in to the AWS Console

   • Navigate to the EC2 Dashboard in your preferred region.

2. Start a New Instance

   • Click Launch Instance and provide a name (e.g., zilla-plus-proxy).

3. Select the Zilla Plus AMI

   • Choose the subscribed Zilla Plus AMI from your list.

4. Choose an Instance Type

   • Select an instance type that fits your workload (e.g., t3.medium or larger).

5. Configure Networking

   • Create or select a VPC security group that allows access to the required ports for Zilla Plus.
   • Ensure the instance is launched in a subnet with Auto-assign public IP enabled.

6. Add User Data

   • Expand Advanced details > User data - optional
   • Paste custom cloud-init script to initialize the Zilla Plus service with zilla.yaml configuration.
   • You can also use base64-encoded input directly by selecting User data has already been base64 encoded option.

7. Launch the Instance

   • Click Launch Instance.

User Data

Services Init

runcmd:
  - systemctl enable amazon-ssm-agent
  - systemctl start amazon-ssm-agent
  - systemctl enable zilla-plus
  - systemctl start zilla-plus

Zilla Config Init

content: |
  name: public
  vaults:
    secure:
      type: aws-secrets
  bindings:
    tcp_server:
      type: tcp
      kind: server
      options:
        host: 0.0.0.0
        port: {{ EXTERNAL_PORT }}
      exit: tls_server
    tls_server:
      type: tls
      kind: server
      vault: secure
      options:
        keys:
        - {{ EXTERNAL_KEY }}
      routes:
      - exit: kafka_proxy
        when:
        - authority: "{{ EXTERNAL_AUTHORITY }}"
    kafka_proxy:
      type: kafka-proxy
      kind: proxy
      options:
        external:
          host: "{{ EXTERNAL_HOST }}"
          port: {{ EXTERNAL_PORT }}
        internal:
          host: "{{ INTERNAL_HOST }}"
          port: {{ INTERNAL_PORT }}
      exit: tls_client
    tls_client:
      type: tls
      kind: client
      vault: secure
      options:
        trustcacerts: true
      exit: tcp_client
    tcp_client:
      type: tcp
      kind: client
      options:
        host: "*"
        port: {{ INTERNAL_PORT }}
      routes:
      - when:
        - authority: "{{ INTERNAL_AUTHORITY }}"
  telemetry:
    exporters:
      logs:
        type: stdout

Complete User Data for reference

#cloud-config

write_files:
  - path: /etc/zilla/zilla.yaml
    #region config_init
    content: |
      name: public
      vaults:
        secure:
          type: aws-secrets
      bindings:
        tcp_server:
          type: tcp
          kind: server
          options:
            host: 0.0.0.0
            port: {{ EXTERNAL_PORT }}
          exit: tls_server
        tls_server:
          type: tls
          kind: server
          vault: secure
          options:
            keys:
            - {{ EXTERNAL_KEY }}
          routes:
          - exit: kafka_proxy
            when:
            - authority: "{{ EXTERNAL_AUTHORITY }}"
        kafka_proxy:
          type: kafka-proxy
          kind: proxy
          options:
            external:
              host: "{{ EXTERNAL_HOST }}"
              port: {{ EXTERNAL_PORT }}
            internal:
              host: "{{ INTERNAL_HOST }}"
              port: {{ INTERNAL_PORT }}
          exit: tls_client
        tls_client:
          type: tls
          kind: client
          vault: secure
          options:
            trustcacerts: true
          exit: tcp_client
        tcp_client:
          type: tcp
          kind: client
          options:
            host: "*"
            port: {{ INTERNAL_PORT }}
          routes:
          - when:
            - authority: "{{ INTERNAL_AUTHORITY }}"
      telemetry:
        exporters:
          logs:
            type: stdout
    #endregion config_init

#region services_init
runcmd:
  - systemctl enable amazon-ssm-agent
  - systemctl start amazon-ssm-agent
  - systemctl enable zilla-plus
  - systemctl start zilla-plus
#endregion services_init

Verify Zilla Plus Service

This checks that the services and networking were properly configured.

Navigate to the EC2 running instances dashboard.

Check your selected region

Make sure you have selected the desired region, ex: US East (N. Virginia) us-east-1.

Select the Zilla Plus instance launched to show the details.

Find the Public IPv4 Address and then SSH into the instance.

ssh -i ~/.ssh/<key-pair.cer> ec2-user@<instance-public-ip-address>

After logging in via SSH, check the status of the zilla-plus system service.

Service is running

Verify that the zilla-plus service is active and logging output similar to that shown below.

systemctl status zilla-plus.service

zilla-plus.service - Zilla Plus
   Loaded: loaded (/etc/systemd/system/zilla-plus.service; enabled; vendor preset: disabled)
   Active: active (running) since...

Check Zilla Logs

You can get an stdout dump of the zilla-plus.service using journalctl.

journalctl -e -u zilla-plus.service | tee -a /tmp/zilla.log

systemd[1]: Started zilla-plus.service - Zilla Plus.
...

Check Cloud Init Logs

All output from cloud-init is captured by default to /var/log/cloud-init-output.log. There shouldn't be any errors in this log.

cat /var/log/cloud-init-output.log

Cloud-init v. 22.2.2 running 'init'...

Conclusion

You have successfully deployed the Zilla Plus using AWS AMI.

Tips

Check out the Troubleshooting guide if you run into any issues.