Hi there, I am excited to share my second blog on deploying an app to AWS Kubernetes which is nothing but EKS. In this particular blog, I have taken this approach of manually creating EKS cluster using the AWS management console, just to learn how it works, which I feel is very important.
In my last blog, which was the very first blog I created, I talked about containerizing an application. If you haven't seen please go to this link:
https://leogether.blogspot.com/2020/08/containerizing-net-microservice.html?zx=5b6e13926dfa506
Before we can move on to hands-on I would like to highlight on pre-requisites and steps we are going to do, and also a bit of understanding of Kubernetes.
To know about Kubernetes, please see my blog here:
https://leogether.blogspot.com/2020/08/kubernetes-container-orchestration.html
Pre-requisites
To get started with EKS, I have listed down steps below in detail to give you an overview of what we will be doing:
- Provision an Amazon EKS Cluster - To do that we will do these steps:
- Create an IAM Role for EKS Cluster.
- Create VPC for EKS Cluster (using Cloud formation).
- Create an EKS Cluster.
- Connect to EKS. We will use kubectl tool to point to cluster so that we can access the Kubernetes Cluster. This is done by using the command update-kubeconfig, which creates/ or updates a config file.
- Deploy worker nodes - Worker node is nothing but ECS instances. To do that we will do these steps.
- Deploy application on the EKS cluster.
Provision an Amazon EKS Cluster
Create an IAM Role for EKS Cluster
First, let's create an IAM role to assign permissions to Kubernetes to control resources.
Log in to the AWS management console with a user account with EKS privileges. You should follow the principle of least privilege.
Go to IAM under AWS management console
Click on Roles, then Create Role button
Select EKS
And select EKS-Cluster
Click on next and you will see this role:
Click on Next till the last screen and create a role.
New role will be created as below:
Create VPC for EKS Cluster
Now we will use a cloud formation template to create a cluster VPC with public and private subnets. There is already a template provided by AWS for creating VPC for EKS that we will be using. The template URL is:
This template will create:
- VPC and its necessary network resources
- 2 public subnet, 2 private subnet
- Security Group
Go to Cloud formation under management console,
Click Create Stack button and use the above YAML file as below:
Click on Next, give a stack name then go till last to create a stack.
You can go to the VPC in the management console to see the details of the resources created.
Under Cloud formation please make note of the output variables as we will be needing it later.
Creating EKS Cluster
Now go to the EKS under management console and once you land on the default page
Click on Next step, enter the name of the cluster, leave everything else as default and click on next
In the next screen Choose the VPC, Subnet and Security group that was part of the CloudFormation template.
Choose Public and Private endpoint option for Cluster endpoint access and Click next.
Leave the logging disabled for now as it is just a demo, click on next and then click on Review and Create.
The status field shows CREATING until the cluster provisioning completes.
Once the cluster is created, status is changed to Active.
Connect to EKS (using kubectl)
Next, as mentioned before, we will need to make kubectl tool to point to cluster so that we can access the Kubernetes cluster
We will run update-kubeconfig command as below and the Configuration file will be created or updated by default. This is used to manage the entire EKS cluster.
aws eks <your -region> update-kubeconfig --name <name of your cluster>
You can also verify if the config file is created under C:\users\<your user name>\kube
To verify if kubectl is able to talk to my cluster, test your configuration using command:
kubectl get svc
The above command shows that Kubernetes master is running without any issues.
To know the cluster information, type kubectl cluster-info
Optional - I am also listing here other useful commands that you like to run for your own understanding:
To check the status of EKS cluster:
aws eks describe-cluster --name <your cluster name> --query cluster.status --output text
To see the details of EKS Cluster:
aws eks describe-cluster --name <your cluster name>
To find out how many contexts you have running:
kubectl config get-contexts There can also be one or more context. Context is nothing but a cluster. The one with * will be the current context.
Or to know the current context (cluster) running:
kubectl config current-context
Namespace created for the cluster:
kubectl get ns
Deploy worker nodes
Now we need to create worker nodes which are actually EC2 instances.
If you run the command: kubectl get nodes, you will see no resources found.
This means Cluster is created, the master is up and running, but no nodes are created. Note that pods can only be created in nodes.
Create an IAM role for Worker nodes
First create IAM role for worker nodes as below (using the same steps as we did for creating IAM role for EKS cluster):
Create Worker Node and add them to the cluster
Go to the EKS console and choose the cluster that you created. Go to the Compute tab.
Click on Add Node Group
Configure the Node group as below, some of the sections will be pre-selected.
NodeInstanceRole is the IAM role for worker node we just created above.
Select all subnets that were created for VPC.
Allow remote access will allow you to remote SSH to the nodes
Go to Step 2, where you can define AMI, Instance type, and Disk size.
Step 3 defines scaling policies for worker nodes