Research and apply concepts and tools to create a Kubernetes cluster on AWS Elastic Kubernetes Service (EKS).
At the end of this set of instructions, you will have a running Amazon EKS cluster that you can deploy applications to.
First, introduce and motivate my chosen methods, and explain how they contribute to solving the research question/business problem in the above description.
The AWS CLI (from now on, aws cli) is the command line tool for interacting with AWS services. We need to install it and configure it for SSO login or short-term credentials for authentication.
kubectl – Install this command line tool for working with Kubernetes clusters. There are versions for Linux, Windows and macOS.
eksctl – Install this command line tool for working with EKS clusters; it automates many individual tasks. It is also available for different operating systems.
At the end you will have a first cluster created. We are ready now to create our first application and deploy it to EKS.
A step-by-step series will show you how to get all the tools installed and IAM permissions set up for your environment. Before starting cluster creation, you must install and configure the following tools and IAM configurations that you need to create and manage an Amazon EKS cluster:
In this case, for simplicity purposes I created an admin user with PowerUserAccess permission set, so that user can do everything on AWS services except managing Users and Groups.
AWS IAM Identity Center - Establish an administrative user completely
AWS CLI - you must authenticate using IAM Identity Center with automatic token refresh or authenticate with short-term credentials. I prefer the first one and the reason is to comply with SSO standards and authentication workflows via federation identity providers like Active Directory or Okta.
kubectl – A command line tool for working with Kubernetes clusters. For more information, see Installing or updating kubectl.
eksctl – A command line tool for working with EKS clusters that automates many individual tasks. For more information, see Installing or updating eksctl.
PROD-Ready: For production-ready IAM permissions and cluster security, please read below after you finish this tutorial.
Required IAM permissions – The IAM security principal that you're using must have permissions to work with Amazon EKS IAM roles, service linked roles, AWS CloudFormation, a VPC, and related resources. For more information, see Actions, resources, and condition keys for Amazon Elastic Container Service for Kubernetes and Using service-linked roles in the IAM User Guide. You must complete all steps in this guide as the same user.
To check the current user, run the following command:
aws sts get-caller-identity --profile PowerUserAccess-<YOUR ACCOUNT NUMBER>
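The identity check above can be scripted so that cluster creation only proceeds from the intended IAM Identity Center session. The following is an added example, not part of the original guide: the function names are hypothetical, the sample ARNs are constructed, and it assumes Identity Center roles are named `AWSReservedSSO_<PermissionSet>_<suffix>`.

```bash
#!/usr/bin/env bash
# Added example: classify the Arn from `aws sts get-caller-identity` before running eksctl.

# Prints "<kind> <account> <detail>"; kind is sso-role, assumed-role, iam-user, root or unknown.
classify_caller_arn() {
  local arn="$1" account resource role ps
  case "$arn" in
    arn:aws:sts::*:assumed-role/*|arn:aws:iam::*:user/*|arn:aws:iam::*:root) ;;
    *) echo "unknown - -"; return 0 ;;
  esac
  account="$(printf '%s' "$arn" | cut -d: -f5)"
  resource="$(printf '%s' "$arn" | cut -d: -f6-)"
  case "$resource" in
    root)   echo "root $account -" ;;
    user/*) echo "iam-user $account ${resource##*/}" ;;   # long-lived IAM user
    assumed-role/AWSReservedSSO_*)
      # Identity Center roles are named AWSReservedSSO_<PermissionSet>_<suffix>.
      role="${resource#assumed-role/}"; role="${role%%/*}"
      ps="${role#AWSReservedSSO_}"; ps="${ps%_*}"
      echo "sso-role $account $ps" ;;
    assumed-role/*)
      role="${resource#assumed-role/}"
      echo "assumed-role $account ${role%%/*}" ;;
  esac
}

# Succeeds only for an Identity Center session in the expected account and permission set.
require_sso_session() {
  local kind account detail
  read -r kind account detail <<EOF
$(classify_caller_arn "$1")
EOF
  if [ "$kind" != "sso-role" ] || [ "$account" != "$2" ] || [ "$detail" != "$3" ]; then
    echo "refusing: caller is $kind/$account/$detail, expected sso-role/$2/$3" >&2
    return 1
  fi
}

# Live use (needs a logged-in profile): preflight <profile> <account-id> <permission-set>
preflight() {
  local arn
  arn="$(aws sts get-caller-identity --profile "$1" --query Arn --output text)" || return 1
  require_sso_session "$arn" "$2" "$3"
}

# Constructed sample ARNs (account 123456789012 and the role suffix are made up).
SSO_ARN="arn:aws:sts::123456789012:assumed-role/AWSReservedSSO_PowerUserAccess_0123456789abcdef/alex"
USER_ARN="arn:aws:iam::123456789012:user/admin"
for a in "$SSO_ARN" "$USER_ARN"; do classify_caller_arn "$a"; done
```

Running `preflight` with the same profile before both `eksctl create cluster` and `eksctl delete cluster` also confirms that every step is performed as the same principal.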
Following are the steps I took to deploy my cluster on AWS Fargate, which is a serverless compute engine that lets you deploy Kubernetes Pods without managing Amazon EC2 instances. For more information, see [Create your first cluster - eksctl](https://docs.aws.amazon.com/eks/latest/userguide/getting-started-eksctl.html).
eksctl create cluster --name my-cluster --region region-code --fargate
# In my case the region was "us-east-1" and the cluster name is the same as shown above
Cluster creation takes several minutes. During creation you'll see several lines of output. The last line of output is similar to the following example line:
EKS cluster "my-cluster" in "region-code" region is ready
After cluster creation is complete, view the AWS CloudFormation stack named eksctl-my-cluster-cluster in the AWS CloudFormation Console to see all of the resources that were created.
- View your cluster nodes, also called minions.
kubectl get nodes -o wide
- View your workloads running on your cluster nodes
kubectl get pods -A -o wide
After you've finished with the cluster and nodes that you created for this tutorial, you should clean up by deleting the cluster and nodes with the following command. If you want to do more with this cluster before you clean up, see Next steps.
eksctl delete cluster --name my-cluster --region region-code
As of 09/12/2023: eksctl and kubectl are two great command line tools that provide smooth integration and great performance when it comes to creating a Kubernetes cluster on AWS EKS.
- Alexander Martinez Fajardo - Initial work - Alex00Pep
This project is licensed under the MIT License - see the LICENSE.md file for details