Deploying a Kubernetes Cluster with Amazon EKS

Harshal Kathar
May 31, 2020


AWS EKS allows you to create your own Kubernetes clusters in the AWS cloud very quickly and easily.

First, let’s look at how to create the AWS EKS Kubernetes cluster.

1. Creating an EKS role

First, we create an IAM role for EKS.

Open the IAM console, select Roles on the left and then click the Create role button at the top of the page.

Select “AWS services” as the trusted entity and “EKS” as the service type as shown below.

IAM CONSOLE

Choose “EKS - Cluster” and click on Permissions. The “AmazonEKSClusterPolicy” policy is attached to the role automatically.

Leave the selected policies as-is, and proceed to the Review page.

Enter a name for the role (e.g. eksmasterrole) and hit the Create role button at the bottom of the page to create the IAM role.

The IAM role is created.

IAM CONSOLE

2. Create a VPC to deploy the cluster

Go to “AWS CloudFormation”, click on “Create Stack” and enter the URL below as the “Amazon S3 URL”.

https://amazon-eks.s3-us-west-2.amazonaws.com/cloudformation/2019-02-11/amazon-eks-vpc-sample.yaml

Give the stack a name and, after reviewing the CIDR and subnet settings, click on “Create stack”.

VPC CloudFormation

Output:

After the stack is completed, the Outputs section gives you a SecurityGroupId, VpcId and SubnetId. This information is needed when creating the EKS cluster.

3. Create AWS EKS Cluster

Go to the “AWS EKS” service and click “Create cluster”.

Give any name as the “Cluster name” and give the previously created role name as the “Role name”. For the Kubernetes version, we select 1.16, the latest version.

EKS MASTER

Select the VPC that we created using CloudFormation.

Now give the information obtained in step 2 to complete the VPC details as shown below and click “Create cluster”.

4. Configure kubectl for Amazon EKS

Launch one EC2 instance, connect to it with PuTTY, and install kubectl, aws-iam-authenticator and the AWS CLI on this machine.

Install kubectl:

https://docs.aws.amazon.com/eks/latest/userguide/install-kubectl.html

Install aws-iam-authenticator:

https://docs.aws.amazon.com/eks/latest/userguide/install-aws-iam-authenticator.html

Install AWS CLI:

https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html

Once you have set up kubectl and the AWS CLI on your machine, run the command below to configure kubectl for AWS EKS.

aws eks --region <regionname> update-kubeconfig --name <cluster-name>

Here, in the image, you can see that the EKS cluster is configured with kubectl.

We can now test our configurations using the kubectl get svc command:

kubectl get svc

5. IAM Role creation for WorkerNode

Create an IAM role for the worker nodes by following the steps below.

  1. First, we create an IAM role for the EKS worker nodes.
  2. Go to the IAM Console -> click on Roles.
  3. Choose EC2 from the list of Common use cases under Choose a use case, then choose Next: Permissions.
  4. In the Filter policies box, choose the 3 policies below:

     AmazonEKSWorkerNodePolicy
     AmazonEKS_CNI_Policy
     AmazonEC2ContainerRegistryReadOnly

  5. For Role name, enter a unique name for your role, such as Workernoderole, then choose Create role.

eksworkernoderole
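
The two roles from sections 1 and 5 can be checked after creation. The Python below is an added example, not the author's code: it audits the output of `aws iam get-role` and `aws iam list-attached-role-policies` against the trust principal and the policies named on this page, and reports anything missing or extra. The function names and the sample JSON are constructed for illustration; it assumes the trusted services are eks.amazonaws.com for the cluster role and ec2.amazonaws.com for the worker role.

```python
import json

# Expected trust principal and managed policies for the two roles created in
# sections 1 and 5 (policy names as listed on the page).
EXPECTED = {
    "cluster": ("eks.amazonaws.com", {"AmazonEKSClusterPolicy"}),
    "worker": ("ec2.amazonaws.com", {"AmazonEKSWorkerNodePolicy",
               "AmazonEKS_CNI_Policy", "AmazonEC2ContainerRegistryReadOnly"}),
}


def as_list(value):
    """IAM policy JSON allows either a single value or a list."""
    return value if isinstance(value, list) else [value]


def audit_role(kind, get_role_json, attached_json):
    """Return findings for one role; an empty list means it matches."""
    service, wanted = EXPECTED[kind]
    findings, trusted = [], False
    doc = json.loads(get_role_json)["Role"]["AssumeRolePolicyDocument"]
    for stmt in as_list(doc["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":  # anyone may assume the role
            findings.append("trust policy allows any principal")
            continue
        for ptype, values in principal.items():
            for p in as_list(values):
                if (ptype, p) == ("Service", service):
                    trusted = True
                else:
                    findings.append(f"unexpected trusted principal {ptype}:{p}")
    if not trusted:
        findings.append(f"{service} is not trusted by the role")
    attached = {p["PolicyName"] for p in json.loads(attached_json)["AttachedPolicies"]}
    findings += [f"missing policy {n}" for n in sorted(wanted - attached)]
    findings += [f"extra policy {n}" for n in sorted(attached - wanted)]
    return findings


# Constructed sample in the shape of `aws iam get-role` and
# `aws iam list-attached-role-policies` output; not real account data.
SAMPLE_ROLE = json.dumps({"Role": {"AssumeRolePolicyDocument": {"Statement": [
    {"Effect": "Allow", "Action": "sts:AssumeRole",
     "Principal": {"Service": "ec2.amazonaws.com"}}]}}})
SAMPLE_ATTACHED = json.dumps({"AttachedPolicies": [{"PolicyName": n} for n in (
    "AmazonEKSWorkerNodePolicy", "AmazonEKS_CNI_Policy", "AdministratorAccess")]})
print(audit_role("worker", SAMPLE_ROLE, SAMPLE_ATTACHED))
```

An empty list means the role carries exactly the trust relationship and policies described in the walkthrough.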

6. Launching Kubernetes worker nodes

Step 1 :

Go to the EKS Console -> click on Compute -> click on Add Node Group.

Configure Node Group

In this section, you must select the IAM role that we created in the previous step (workernoderole).

Step 2 :

Set compute configuration

In this section, you select the AMI type, instance size and disk size for your worker nodes.

See the image below for reference.

Step 3 :

Set scaling configuration.

In this section, you select the minimum and maximum size of your nodes.

E.g., if you select 2 nodes as the maximum size, then 2 worker nodes are created.

See the image below for reference.

Step 4 :

Review and Create

In this section, review all your configurations: cross-check the instance size, AMI and node group size, and after reviewing all these details click on Create.

Output :

You should see similar output when the worker nodes are attached to the EKS master.

If the output shows an error related to the VPC, follow the steps below.

  1. Go to the VPC Console.
  2. Select the EKS VPC.
  3. Click on Subnets -> select one subnet -> click on the Actions tab -> select the auto-assign IP setting.
  4. In the auto-assign IP setting, click on auto-assign IPv4 and save it.

So basically we enabled auto-assignment of a public address for the subnet.

Repeat these 4 steps for all your EKS VPC subnets.

Use kubectl to check on the status of your worker nodes:

kubectl get node

Congrats! Your Kubernetes cluster is created and set up.

Thank you. If you have any doubts, reach out to me.
LinkedIn : linkedin.com/in/harshal-kathar-b2a19b118
