Overview
This blog post kicks off a three-part series exploring Amazon Elastic Kubernetes Service (EKS) and how builders like ourselves can deploy workloads and harness the power of Kubernetes.
Throughout this series, we'll delve into the fundamentals of Amazon EKS. We'll walk through the process of cluster provisioning, workload deployment, and monitoring. We'll leverage various solutions along the way, including Karpenter
and Grafana
.
As mentioned, this series aims to empower fellow builders to explore the exciting world of containerization.
Kubernetes And It's Components
Before we dive into provisioning our first cluster, let's take a quick look at Kubernetes and its components.
Control Plane Components
-
kube-apiserver
- the central API endpoint for Kubernetes, handling requests for cluster management. -
etcd
- a consistent and highly-available key value store used as Kubernetes' backing store for all cluster data. -
kube-scheduler
- the automated scheduler responsible for assigning pods to available nodes in the cluster. -
kube-controller-manager
- component that runs controller processes (e.g. Node controller, Job controller, etc.) -
cloud-controller-manager
- component that embeds cloud-specific control logic.
Node Components
-
kubelet
- an agent that runs on each node in the cluster that makes sure that containers are running in a Pod. -
kube-proxy
- is a network proxy that runs on each node in the cluster, implementing part of the Kubernetes service concept. -
Container runtime
- is responsible for managing the execution and lifecycle of containers within Kubernetes.
That's a quick recap of Kubernetes components. We will talk more about the different things that make up Kubernetes, like pods and services, later on in this series.
Worth noting โ this month marks a significant milestone! June 2024 marks the 10th anniversary of Kubernetes๐ฅณ๐. Over the past decade, it has established itself as the go-to platform for container orchestration. This widespread adoption is evident in its integration with major cloud providers like AWS.
Amazon Elastic Kubernetes Service (EKS)
Amazon Elastic Kubernetes Service (Amazon EKS) is a managed Kubernetes service to run Kubernetes in the AWS cloud and on-premises data centers. In the cloud, Amazon EKS automatically manages the availability and scalability of the Kubernetes control plane nodes responsible for scheduling containers, managing application availability, storing cluster data, and other key tasks. Read more: https://aws.amazon.com/eks/
There are several ways to provision an EKS cluster in AWS:
- AWS Management Console - provides a user-friendly interface for creating and managing clusters.
-
Using
eksctl
- a simple command-line tool for creating and managing clusters on EKS. -
Infrastructure as Code (IaC) tools - tools like
CloudFormation
,Terraform
andOpenTofu
.
In this series will use OpenTofu
to provision an EKS cluster along with all the necessary resources to create a platform ready for workload deployment. So if you already know Terraform
, learning OpenTofu
will be easy as it is an open-source, community-driven fork of Terraform
managed by the Linux Foundation. It offers similar functionalities while being actively developed and maintained by the open-source community.
Let's Get Our Hands Dirty!
Our first goal is to setup a cluster. For this activity, we will be using this repository:
romarcablao / back2basics-working-with-amazon-eks
Back2Basics: Working With Amazon Elastic Kubernetes Service (EKS)
Back2Basics: Working With Amazon Elastic Kubernetes Service (EKS)
Read the series here: Back2Basics: Amazon EKS
Installation
Depending on your OS, select the installation method here: https://opentofu.org/docs/intro/install/
Provision the infrastructure
- Make necessary adjustment on the variables.
- Run
tofu init
to initialize the modules and other necessary resources. - Run
tofu plan
to check what will be created/deleted. - Run
tofu apply
to apply the changes. Typeyes
when asked to proceed.
Fetch kubeconfig
to access the cluster
aws eks update-kubeconfig --region $REGION --name $CLUSTER_NAME
Check what's inside the cluster
# List all pods in all namespaces
kubectl get pods -A
# List all deployments in kube-system
kubectl get deployment -n kube-system
# List all daemonsets in kube-system
kubectl get daemonset -n kube-system
# List all nodes
kubectl get nodes
Let's try to deploy a simple app
# Create a deployment
kubectl create deployment my-app --image nginx
# Scale the replicas of my-app deployment
โฆPrerequisite
Make sure you have OpenTofu
installed. If not, head over to the OpenTofu Docs for a quick installation guide.
Steps
1. Clone the repository
First things first, let's grab a copy of the code:
git clone https://github.com/romarcablao/back2basics-working-with-amazon-eks.git
2. Configure terraform.tfvars
Modify the terraform.tfvars
depending on your need. As of now, it is set to use Kubernetes version 1.30 (the latest at the time of writing), but feel free to adjust this and the region based on your needs. Here's what you might want to change:
environment = "demo"
cluster_name = "awscb-cluster"
cluster_version = "1.30"
region = "ap-southeast-1"
vpc_cidr = "10.0.0.0/16"
3. Initialize and install plugins (tofu init)
Once you've made your customizations, run tofu init
to get everything set up and install any necessary plugins.
4. Preview the changes (tofu plan)
Before applying anything, let's see what OpenTofu is about to do with tofu plan
. This will give you a preview of the changes that will be made.
5. Apply the changes (tofu apply)
Run tofu apply
and when prompted, type yes
to confirm the changes.
Looks familiar? You're not wrong! OpenTofu
works very similarly as it shares a similar core setup with Terraform
. And if you ever need to tear down the resources, just run tofu destroy
.
Now, lets check the resources provisioned!
Once provisioning is done, we should be able to see a new cluster. But where can we find it? You can simply use the search box in AWS Management Console
.
Click the cluster and you should be able to see something like this:
Do note that we enable a couple of addons in the template hence we should be able to see these three core addons.
CoreDNS
- this enable service discovery within the cluster.
Amazon VPC CNI
- this enable pod networking within the cluster.
Amazon EKS Pod Identity Agent
- an agent used for EKS Pod Identity to grant AWS IAM permissions to pods through Kubernetes service accounts.
Accessing the Cluster
Now that we have the cluster up and running, the next step is to check resources and manage them using kubectl
.
By default, the cluster creator has full access to the cluster. First, we need to fetch thekubeconfig
file by running:
aws eks update-kubeconfig --region $REGION --name $CLUSTER_NAME
Now, let's list all pods in all namespaces
kubectl get pods -A
Here's a sample output from the command above:
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system aws-node-5kvd4 2/2 Running 0 2m49s
kube-system aws-node-n2dqb 2/2 Running 0 2m51s
kube-system coredns-5765b87748-l4mj5 1/1 Running 0 2m7s
kube-system coredns-5765b87748-tpfnx 1/1 Running 0 2m7s
kube-system eks-pod-identity-agent-f9hhb 1/1 Running 0 2m7s
kube-system eks-pod-identity-agent-rdbzs 1/1 Running 0 2m7s
kube-system kube-proxy-8khgq 1/1 Running 0 2m51s
kube-system kube-proxy-p94w7 1/1 Running 0 2m49s
Let's check a couple of objects and resources:
# List all deployments in kube-system
kubectl get deployment -n kube-system
# List all daemonsets in kube-system
kubectl get daemonset -n kube-system
# List all nodes
kubectl get nodes
How about deploying a simple workload?
# Create a deployment
kubectl create deployment my-app --image nginx
# Scale the replicas of my-app deployment
kubectl scale deployment/my-app --replicas 2
# Check the pods
kubectl get pods
# Delete the deployment
kubectl delete deployment my-app
What's Next?
Yay๐, we're able to provision an EKS cluster, check resources and objects using kubectl
and create a simple nginx deployment. Stay tuned for the next part in this series, where we'll dive into deployment, scaling and monitoring of workloads in Amazon EKS!
Top comments (0)