Zahraa Jawad

Kubernetes with the AWS Management Console, step by step

Outline

 What is Kubernetes
 Kubernetes on AWS
 Why use Kubernetes
 How Kubernetes works
 Amazon EKS clusters
 Container orchestration
 Create EKS with the AWS Management Console

 What is Kubernetes

Kubernetes is open-source software that allows you to deploy and manage containerized applications at scale. Kubernetes manages clusters of Amazon Elastic Compute Cloud (EC2) compute instances and runs containers on those instances with processes for deployment, maintenance, and scaling. Using Kubernetes, you can run any type of containerized applications using the same toolset on-premises and in the cloud.

AWS makes it easy to run Kubernetes in the cloud with scalable and highly available virtual machine infrastructure, community-backed service integrations, and Amazon Elastic Kubernetes Service (EKS), a certified conformant, managed Kubernetes service.

 Kubernetes on AWS

AWS makes it easy to run Kubernetes. You can choose to manage Kubernetes infrastructure yourself with Amazon EC2 or get an automatically provisioned, managed Kubernetes control plane with Amazon EKS. Either way, you get powerful, community-backed integrations to AWS services like Amazon Virtual Private Cloud (VPC), AWS Identity and Access Management (IAM), and service discovery as well as the security, scalability, and high availability of AWS.

 Why use Kubernetes

• RUN APPLICATIONS AT SCALE
• SEAMLESSLY MOVE APPLICATIONS
• RUN ANYWHERE
• ADD NEW FUNCTIONALITY

 How Kubernetes works

Kubernetes works by managing a cluster of compute instances and scheduling containers to run on the cluster based on the available compute resources and the resource requirements of each container. Containers are run in logical groupings called pods and you can run and scale one or many containers together as a pod.
Kubernetes control plane software decides when and where to run your pods, manages traffic routing, and scales your pods based on utilization or other metrics that you define.
Kubernetes automatically starts pods on your cluster based on their resource requirements and automatically restarts pods if they or the instances they are running on fail. Each pod is given an IP address and a single DNS name, which Kubernetes uses to connect your services with each other and external traffic.

 Amazon EKS clusters

An Amazon EKS cluster consists of two primary components:

• The Amazon EKS control plane
• Amazon EKS nodes that are registered with the control plane

The Amazon EKS control plane consists of control plane nodes that run the Kubernetes software, such as etcd and the Kubernetes API server. The control plane runs in an account managed by AWS, and the Kubernetes API is exposed via the Amazon EKS endpoint associated with your cluster. Each Amazon EKS cluster control plane is single-tenant and unique, and runs on its own set of Amazon EC2 instances.

Amazon EKS nodes run in your AWS account and connect to your cluster's control plane via the API server endpoint and a certificate file that is created for your cluster.

 Container orchestration

Container orchestration is the automation of much of the operational effort required to run containerized workloads and services. This includes a wide range of things software teams need to manage a container’s lifecycle, including provisioning, deployment, scaling (up and down), networking, load balancing and more.

 Create EKS with the AWS Management Console

Before creating the EKS cluster, we need to set up some basic prerequisites, such as the EKS cluster role.

To create the Amazon EKS cluster role in the IAM console:
• Open the IAM console.
• Choose Roles, then Create role.
• Under Trusted entity type, select AWS service.
• From the Use cases for other AWS services dropdown list, choose EKS.
• Choose EKS - Cluster for your use case, and then choose Next.
• On the Add permissions tab, choose Next.
• For Role name, enter a unique name for your role, such as eksClusterRole.
• For Description, enter descriptive text such as Amazon EKS - Cluster role.
• Then choose Create role.
• The role is successfully created.

We can also add other permissions to the role:
• Choose the role that we created.
• Select Add permissions, then Attach policies.
• Search for the policies we need and select each one by clicking its check box.
• After selecting the policies, click on Add policies.
• Notice that all policies have been successfully attached to our role.

The next step is to create the cluster:
• Choose Add cluster and then choose Create.

• The Amazon EKS cluster is created in a VPC. Pod networking is provided by the Amazon VPC Container Network Interface (CNI) plugin. So, configure the networking.
• To enable private access for your Amazon EKS cluster's Kubernetes API server endpoint and limit, or completely disable, public access from the internet, choose the configuration you need.
• Set the other EKS cluster network settings, then click on Next.

• We can enable any of the log types to send audit and diagnostic logs from the Amazon EKS control plane to CloudWatch Logs, then click on Next.
• The next page shows Review and create for all components and settings of the EKS cluster, and you can modify any setting by clicking Edit.
• When everything is set, click on Create.
• The creation is in progress; wait a few minutes for it to complete.

• Notice that the cluster is Active. Now configure the worker nodes:
• Click on Compute and choose Add node group (which is the collection of nodes).

Step 1 - The configuration of the node group:

  1. Name: give any name for the group.
  2. Role: select the role that will be used by the nodes, or create a new role.

• To create the new role, open the IAM console.
• Choose Roles, then Create role.
• Under Trusted entity type, select AWS service.
• From the Use cases for other AWS services dropdown list, choose EC2, and then choose Next.

We need to choose the three permissions:

Then click on Next.

In the next step:
• Choose a name for the role, such as EKSWorkerNodeRole.
• Add a short explanation for this role.
• On the same page we can see the permissions we chose; then click on Create role.
• When the role is created, go back to the previous tab.
• Refresh the Node IAM role list and choose the role that we created.
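
The two roles created above differ mainly in which AWS service is trusted to assume them: the cluster role (EKS - Cluster use case) and the node role (EC2 use case). As an added example, not part of the original post, this Python check reads a role's trust policy and reports anything other than the expected service principal; the principals `eks.amazonaws.com` and `ec2.amazonaws.com`, the finding labels and the sample policies are assumptions of this example.

```python
import json

# Assumption: service principals behind the console's "EKS - Cluster" and "EC2" use cases.
EXPECTED_SERVICE = {"cluster": "eks.amazonaws.com", "node": "ec2.amazonaws.com"}

# Constructed sample trust policies (not taken from the article's screenshots).
CLUSTER_TRUST = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"Service": "eks.amazonaws.com"},
     "Action": "sts:AssumeRole"}]})
NODE_TRUST = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"Service": "ec2.amazonaws.com"},
     "Action": "sts:AssumeRole"}]})
# Over-broad variant: single-statement form plus a wildcard AWS principal.
LOOSE_TRUST = json.dumps({"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"Service": ["eks.amazonaws.com"], "AWS": "*"}}})


def _as_list(value):
    """IAM allows a single item or a list for Statement and principal values."""
    return value if isinstance(value, list) else [value]


def trust_policy_findings(policy_json, role_kind):
    """Return findings for a role trust policy; role_kind is 'cluster' or 'node'."""
    expected = EXPECTED_SERVICE[role_kind]
    findings, trusted = [], False
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":  # anyone may assume the role
            findings.append("wildcard-principal")
            continue
        for kind, values in principal.items():
            for value in _as_list(values):
                if kind == "Service" and value == expected:
                    trusted = True
                elif value == "*":
                    findings.append("wildcard-principal")
                else:
                    findings.append(f"unexpected-principal:{kind}:{value}")
    if not trusted:
        findings.append(f"missing-service:{expected}")
    return findings
```

The trust policy of a real role can be read with `aws iam get-role` (field `Role.AssumeRolePolicyDocument`) and passed in as JSON text.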

• On the same page, set the next configurations.

The next step is to set the compute and scaling configuration:
• Choose the AMI type (select the EKS-optimized Amazon Machine Image for nodes).
• Capacity type (On-Demand or Spot).
• Select the instance type (here select t3.micro to save cost).
• Select the size of the attached EBS volume for each node.
• Set the desired, minimum and maximum number of nodes that the group should launch with initially, scale in to or scale out to.
• Then click on Next.
• The next step is to select the subnet, which is the network of the worker nodes (you can choose the default), then click on Next.

Note: when the SSH access option is enabled, managed node groups will create a security group on your behalf with port 22 inbound access. If launching your workers in a public subnet, it’s strongly recommended to restrict the source IP address ranges.

• If we choose to configure SSH access to the nodes, we need to select an SSH key pair to allow secure remote access to the nodes, or create a new SSH key pair.
• To create a new SSH key pair, go to the corresponding page in the EC2 console.
• The key pair is created and downloaded to your machine.
• Go back to the previous tab, refresh the key pair list, then choose the one we created.
• Choose the security group (SG), then click on Next.

• The next page shows Review and create for all components and settings of the node group, and you can modify any setting by clicking Edit.
• When everything is set, click on Create.
• The creation is in progress; wait a few minutes for it to complete.
• After refreshing, the node group is created.
• Click on Node and note that two nodes are created and their status is Ready.
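
The API endpoint access, control plane logging and SSH access choices made in the steps above can be reviewed once the cluster and node group exist. As an added example, not part of the original post, this Python check audits dictionaries shaped like the `cluster` and `nodegroup` objects of the EKS API; the sample values and finding labels are constructed, and it assumes the API expresses the SSH restriction as `sourceSecurityGroups`.

```python
import ipaddress

# Control plane log types EKS can send to CloudWatch Logs.
LOG_TYPES = {"api", "audit", "authenticator", "controllerManager", "scheduler"}

# Constructed samples shaped like `aws eks describe-cluster` / `describe-nodegroup`
# output; key names, CIDRs and IDs are made up for this example.
OPEN_CLUSTER = {
    "resourcesVpcConfig": {"endpointPublicAccess": True, "endpointPrivateAccess": False,
                           "publicAccessCidrs": ["0.0.0.0/0"]},
    "logging": {"clusterLogging": [
        {"types": ["api", "audit"], "enabled": True},
        {"types": ["authenticator", "controllerManager", "scheduler"], "enabled": False}]},
}
PRIVATE_CLUSTER = {
    "resourcesVpcConfig": {"endpointPublicAccess": False, "endpointPrivateAccess": True},
    "logging": {"clusterLogging": [{"types": sorted(LOG_TYPES), "enabled": True}]},
}
SSH_OPEN_NODEGROUP = {"remoteAccess": {"ec2SshKey": "demo-key"}}
SSH_SCOPED_NODEGROUP = {"remoteAccess": {"ec2SshKey": "demo-key",
                                         "sourceSecurityGroups": ["sg-0123456789abcdef0"]}}


def audit_cluster(cluster):
    """Flag an internet-wide public endpoint, no private endpoint, disabled log types."""
    findings = []
    vpc = cluster.get("resourcesVpcConfig", {})
    if vpc.get("endpointPublicAccess", True):
        cidrs = vpc.get("publicAccessCidrs") or ["0.0.0.0/0"]
        if any(ipaddress.ip_network(c).prefixlen == 0 for c in cidrs):
            findings.append("public-endpoint-open-to-any-address")
        if not vpc.get("endpointPrivateAccess", False):
            findings.append("private-endpoint-disabled")
    enabled = set()
    for entry in cluster.get("logging", {}).get("clusterLogging", []):
        if entry.get("enabled"):
            enabled.update(entry.get("types", []))
    findings += [f"log-type-disabled:{t}" for t in sorted(LOG_TYPES - enabled)]
    return findings


def audit_nodegroup(nodegroup):
    """Flag SSH access (port 22) that is not limited to source security groups."""
    remote = nodegroup.get("remoteAccess") or {}
    if remote.get("ec2SshKey") and not remote.get("sourceSecurityGroups"):
        return ["ssh-port-22-source-not-restricted"]
    return []
```

With real data, pass the `cluster` object from `aws eks describe-cluster` and the `nodegroup` object from `aws eks describe-nodegroup`.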

• To delete the cluster, first delete the node group, then delete the EKS cluster.
