Image for post
Image for post

Building Kubernetes (EKS) with eksctl

Getting started with AWS Elastic Kubernetes Service using eksctl

Amazon EKS (Elastic Kubernetes Service) implementation of Kubernetes. Unlike other implementations, such as Google GKE (Google Kubernetes Engine), batteries are not necessarily included with EKS. Thus you cannot do create a complete cluster with one single command.

About The Hard Way

With EKS, you will also need to do the following:

  1. Create EKS Master Cluster IAM role and IAM Policy to allow EKS service to retrieve data from other AWS services
  2. Create EKS Master Cluster Security Group to allow cluster communication with worker nodes and worker nodes to communicate with Cluster API server.
  3. Create the EKS Master node (control plane) itself
  4. Create Security Group to allow nodes (EC2 instances) to communicate to Kubernetes API.
  5. Create worker node IAM role and Instance Profile
  6. Create worker node Security Group to allow worker nodes to communicate with each other, and allow kubelets and pods to receive communication from cluster control plane
  7. Create Security Group to allow pods to communicate to with cluster API server.
  8. Create worker node ASG (auto scale group) with worker nodes (EC2 instances) that will install Kubernetes worker node components (such as user-data cloud-init script)
  9. Create required Kubernetes configuration to allow worker nodes (EC2 instances) to join the cluster through IAM role authentication (authorization config map in kube-system namespace)
  10. Create Kubernetes configuration to allow users (IAM users) to manage the cluster (authorization config map in kube-system namespace)

Doing it the Easy Way

Wouldn’t it be nice if we could create a cluster with a single command, like we can do with Google GKE?

gcloud container clusters create \
--cluster-version 1.14.10-gke.36 \
--region us-west1 \
--machine-type n1-standard-2 \
--num-nodes 1 \
--min-nodes 1 \
--max-nodes 4 \
my-demo
eksctl create cluster \
--version 1.14 \
--region us-west-2 \
--node-type t3.medium \
--nodes 3 \
--nodes-min 1 \
--nodes-max 4 \
--name my-demo

Installing The Tools

For this small tutorial, we’ll need the following tools below. As a prerequisite, you’ll need to have AWS CLI tools installed, and configure AWS CLI with appropriate credentials to create things on AWS.

Installing eksctl

On macOS, if you have Homebrew installed, you simply run this:

brew tap weaveworks/tap 
brew install eksctl
choco install -y eksctl
TARBALL_NAME="eksctl_$(uname -s)_amd64.tar.gz"
HTTP_PATH="weaveworks/eksctl/releases/download/latest_release"
LOCATION="https://github.com/$HTTP_PATH/$TARBALL_NAME"
curl --silent --location $LOCATION | tar xz -C /tmpsudo mv /tmp/eksctl /usr/local/bin

Install Kubernetes CLI

We will need a client tool to interact and manage our cluster, which is the kubectl (koob-cuttle) tool.

brew install kubernetes-cli
choco install -y kubernetes-cli
sudo apt-get update && sudo apt-get install -y apt-transport-https
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg \
| sudo apt-key add -
echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" \
| sudo tee -a /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubectl
cat <<KUBEREPO_EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
KUBEREPO_EOF
yum install -y kubectl

Creating the EKS Cluster

Now that the eksctl is installed, we can create a cluster. We can create the cluster in either of these methods with eksctl:

  1. using a script (domain specific language packaged in YAML)

Store Your Future Kubeconfig

When we create a Kubernetes cluster, we need to create a configuration, called kubeconfig, that stores the credentials to access our Kubernetes cluster.

mkdir -p ~/kubeconfigs

Creating EKS through pure-CLI Method

Run the command below to create the cluster; expect this to take around 20 minutes:

eksctl create cluster \
--version 1.14 \
--region us-west-2 \
--node-type t3.medium \
--nodes 3 \
--nodes-min 1 \
--nodes-max 4 \
--name my-demo-cluster \
--kubeconfig=$HOME/kubeconfigs/demo-cluster-config.yaml

Creating EKS through YAML Method

As an alternative, we can also use YAML, as sort of DSL (domain specific language) script for creating Kubernetes clusters with EKS.

mkdir -p $HOME/eksctl_scripts
touch -p $HOME/eksctl_scripts/demo_cluster.yaml
demo_cluster.yaml
eksctl create cluster \
-f $HOME/eksctl_scripts/demo_cluster.yaml \
--kubeconfig=$HOME/kubeconfigs/demo-cluster-config.yaml

Configure Kubernetes CLI

In above examples, we added an option to save a configuration to demo-cluster-config.yaml. To access our cluster, we can set this environment variable:

export KUBECONFIG=$HOME/kubeconfigs/demo-cluster-config.yaml

Testing the EKS Cluster

We can see everything running on our cluster with this command:

kubectl get all --all-namespaces
Image for post
Image for post
Output of kubectl get all

Deploying Applications

Now that we have an available cluster, let’s start deploying some applications. We should have the Kubernetes client tool, kubectl (koob-cuttle) tool, and KUBECONFIG set to use our kubeconfig file for our cluster.

Create Deploy Manifest

In Kubernetes, we deploy a pod, which is description how to run out service with one or more containers. In our case we’ll use an application called hello-kubernetes (from the docker image paulbouwer/hello-kubernetes:1.5).

hello-k8s-deploy.yaml

Deploy the Pods

To deploy our pods using the Deployment controller run this command:

kubectl apply -f hello-k8s-deploy.yaml
kubectl get pods
Image for post
Image for post
Output of kubectl get pods

Create Service Manifest

In order to access your application, you need to define a Service resource. This will create a single endpoint to access any one of the three pods we created.

Deploy the Service

We can deploy the service with the following command:

kubectl apply -f hello-k8s-svc.yaml
kubectl get svc
Image for post
Image for post
Output of kubectl get svc

Connecting to the Application

Copy the long DNS name ending with us-west-2.elb.amazonaws.com under the EXTERNAL-IP field for hello-kubernetes and paste it into your browser (prefixed by http://).

Image for post
Image for post

Cleaning Up

You can delete your application as well as de-provision the associated ELB resource with the following command: :

kubectl delete -f hello-k8s-deploy.yaml
kubectl delete -f hello-k8s-svc.yaml
eksctl delete cluster --name=my-demo

Resources

Here are some articles I came across in the journey to create this article.

The eksctl tool

Kubectl Install

Creating EKS Cluster without eksctl

Support Code

Conclusion

I hope this can help get you started with Kubernetes right away, so that you can begin building and deploying applications (such as kubectl manifests and helm charts) as well as experimenting and adding features of EKS, such as, to name a few:

Written by

Linux NinjaPants Automation Engineering Mutant — exploring DevOps, Kubernetes, CNI, IAC

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store