Ivy Jeptoo

How to Create AWS EKS Cluster

Amazon Elastic Kubernetes Service (Amazon EKS) is a managed Kubernetes service provided by Amazon Web Services (AWS). It simplifies the deployment, management, and scaling of containerized applications using Kubernetes.

Advantages of EKS

  • EKS is fully managed, so AWS handles control plane maintenance, scaling, and updates, allowing you to focus on your applications.

  • It offers high availability across multiple AWS Availability Zones, ensuring uptime and fault tolerance for your Kubernetes clusters.

  • Security: it integrates with AWS IAM for authentication and authorization, and you can apply IAM policies for fine-grained access control.

  • EKS seamlessly integrates with AWS services, simplifying application deployments and operations.

  • EKS is user-friendly, compatible with standard Kubernetes tools, and simplifies Kubernetes cluster management.

An Elastic Kubernetes Service (EKS) cluster can be created in two ways:

  1. Web Console
  2. AWS CLI tool

I Web Console

Prerequisites

i) Ensure you have a default VPC. This will automatically create a size /20 default subnet in each availability zone. If you don't have one, follow these instructions to create one.

ii) Create an IAM role that your cluster and the node group will assume. A role is a set of permissions to be assigned to an entity.

  • Below are the steps you will follow after selecting create a new role:
    • Click on the Create role button to start the wizard.
    • Choose AWS service as the trusted entity.
  • Click on EKS to see the EKS use cases.
  • Choose EKS - Cluster. It will allow access to other AWS service resources that are required to operate clusters managed by EKS. Click Next.

  • The needed policy, AmazonEKSClusterPolicy, will be selected. This policy provides Kubernetes the permissions it requires to manage resources on your behalf.
  • Click Next, and ignore the Tags.
  • Click Next, and name the role.

iii) Create an IAM role for the worker nodes. This will give permission to the kubelet running on the worker node to make calls to other APIs on your behalf. The steps are the same as above, except that:

  • In the use case, you will select EC2 instead of EKS.
  • In the attach policy step, choose the following policies:
    • AmazonEKSWorkerNodePolicy
    • AmazonEC2ContainerRegistryReadOnly
    • AmazonEKS_CNI_Policy

iv) Create an SSH key pair that we'll use to log into the EC2 instances. The public key is placed automatically on the EC2 instances, whereas you use the private key instead of a password to access your instances securely.

  • To create one, go to EC2 service → Network & Security → Key Pairs.
    • Click on Create key pair.
    • Name your key pair, then choose a format. (The .pem format is used by Mac/Linux users, and the .ppk format is used by Windows users.)
  • The private key file will be downloaded locally.

Create EKS Cluster

An EKS cluster consists of:

  • The control plane, whose nodes run Kubernetes software such as the Kubernetes API and etcd. These nodes run in AWS-owned accounts.
  • The data plane, which is made up of worker nodes that run in customer accounts.

Create a Control Plane
Step 1
Under EKS Service → Amazon EKS → Clusters, click on Create cluster.

  • Give your cluster a name, choose the Kubernetes version, and select the IAM role we created earlier.

Step 2
Choose the default VPC, subnets and security group in your account. Mark the cluster endpoints as public.

Step 3
Accept the defaults for the rest of the steps and create the cluster.

Create a Node Group

Node groups are worker nodes (VMs) used to run the pods that your cluster will be serving. We'll create a node group and attach it to the cluster.

Step 1
Once the cluster that we created earlier is Active, click on its name for more details.

Step 2
Click on Compute under the new cluster, then click on Add Node Group.

Step 3
Give it a name, then attach the IAM node role we created earlier.

Step 4
Under the node group compute and scaling configuration, choose the OS, hardware config and worker node count.

Field           | Value                        | Purpose
AMI type        | Amazon Linux 2 (AL2_x86_64)  | OS
Capacity type   | On-Demand                    | Instance purchasing option
Instance types  | t3.micro                     | 2 vCPU, 1 GiB memory
Disk size       | 20 GiB                       | ---

Scaling configuration
Min size        | 2                            | Min number of nodes for scaling in.
Max size        | 2                            | Max number of nodes for scaling out.
Desired size    | 2                            | Initial count

Step 5
Choose the subnets we created earlier while creating the cluster, and also choose the SSH key pair we created earlier. Allow remote access from anywhere on the internet.

Clean Up

  • Delete the Node Group. Explore how you'd do the deletion. If you need help, refer to the instructions here.
  • Delete the cluster.
  • Delete the custom IAM roles you have created in this exercise.

II AWS CLI Tool

  • Creating an EKS cluster using the AWS CLI involves a number of resources, which is why the eksctl CLI is used to simplify cluster creation. eksctl uses AWS CloudFormation internally to create clusters on AWS.

    • AWS CloudFormation is an AWS service for creating, managing, and configuring ANY resource on the AWS cloud using a YAML/JSON script. In the script file, you can define the properties of the resource you want to create in the cloud.

For a simple cluster, eksctl will not need a script, but for a more complex one you will need to write a minimal YAML script.

eksctl Installation

Linux

curl --silent --location "https://github.com/weaveworks/eksctl/releases/download/latest_release/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv /tmp/eksctl /usr/local/bin

Windows

# Install Chocolatey. Refer to https://chocolatey.org/install for detailed steps
Set-ExecutionPolicy AllSigned
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
# Exit and re-run PowerShell as an Admin
choco install eksctl
# Verify the Chocolatey installation
choco -?

Mac OS

# Check Homebrew 
brew --version
# If you do not have Homebrew installed - https://brew.sh/ 
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
# Install eksctl
brew tap weaveworks/tap
brew install weaveworks/tap/eksctl

If you face any error due to ownership permission, you can change the ownership of those directories to your user.

sudo chown -R $(whoami) /usr/local/<directory_name>

Create a basic cluster

  • Once you have installed eksctl, create a basic cluster:

eksctl create cluster

The cluster will be created with:

  • An auto-generated name
  • Two m5.large worker nodes. Recall that the worker nodes are the virtual machines, and the m5.large type defines that each VM will have 2 vCPUs, 8 GiB memory, and up to 10 Gbps network bandwidth.
  • The Linux AMIs as the underlying machine image
  • Your default region
  • A dedicated VPC

You can specify these settings in one command:

eksctl create cluster --name myCluster --nodes=4

Create an advanced cluster

  • You will need to write the configuration in a separate YAML file, then run:

eksctl create cluster --config-file=<path>
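
A config file of the kind this step refers to, as an added example (not from the original post or the eksctl project). It reproduces the node group from the console walkthrough (t3.micro, 20 GiB disk, two nodes) but narrows the two internet-facing settings, the public API endpoint and SSH to the nodes. The cluster name, region, key pair name, CIDR range and security group ID are placeholders.

```yaml
# cluster.yaml (added example; every name and ID below is a placeholder)
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: demo-cluster            # assumed cluster name
  region: us-east-1             # assumed region

vpc:
  clusterEndpoints:
    publicAccess: true          # same as "mark the cluster endpoints as public"
    privateAccess: true         # lets worker nodes reach the API server from inside the VPC
  # Restrict who can reach the public endpoint.
  # If this key is omitted, the endpoint accepts connections from 0.0.0.0/0.
  publicAccessCIDRs:
    - 203.0.113.0/24            # constructed admin range; replace with your own

managedNodeGroups:
  - name: workers               # assumed node group name
    instanceType: t3.micro      # values below mirror the console table
    volumeSize: 20              # disk size in GiB
    minSize: 2
    maxSize: 2
    desiredCapacity: 2
    ssh:
      allow: true
      publicKeyName: my-eks-key # name of the EC2 key pair from prerequisite iv (assumed)
      # Only members of this security group may connect on port 22.
      # With a key and no source group, port 22 is opened to 0.0.0.0/0.
      sourceSecurityGroupIds:
        - sg-0123456789abcdef0  # placeholder ID, e.g. a bastion host's group
```

Save it as cluster.yaml and pass that path to the --config-file option shown above.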

List the details

This is specific to a cluster:

eksctl get cluster [--name=<name>] [--region=<region>]

Delete Cluster

This will delete a cluster and all the resources associated with it:

eksctl delete cluster --name=<name> [--region=<region>]

Top comments (1)

Arbythecoder

Well done Ivy