Kubernets on AWS — EC2, EKS and VPCs your first cluster set up steps
This blog focuses on creating Pods in AWS using EKS Clusters and Linux terminals
And is a initial guide to spin up VMs and configure Kubernetes on AWS
Cautiously optimistic and Self-reliant methods to save our time as Advocates/Architects on the Cloud for initial commits and setups
Here is my live demo video and help guide for AWS EKS
Core concepts to be aware about are
To get started with Amazon EKS ,you need to create an Amazon EKS cluster and then launch worker nodes into your cluster. You can do this using the AWS Management Console, AWS CLI, or programmatically using AWS SDKs or Infrastructure as Code (IaC) tools like Terraform and CloudFormation. Once your cluster is up and running, you can use standard Kubernetes tools and APIs to deploy and manage your applications.
EC2 offers users persistent storage and elastic IP addresses while being fault-tolerant thanks to Amazon’s engineering of Availability Zones insulated from other availability zones. There are multiple ways to pay for EC2 instances such as On-Demand, Savings Plans, Reserved Instances, and Spot Instances based on each use-case and budget.
VPC service provides users with the option to assign IP addresses of their choosing from one or more subnets, giving them granular control over security by choosing which AWS resources are public facing or not. VPC allows users to connect to the internet, a user’s corporate data center, and other users’ VPCs. The security of AWS VPC is ensured through the use of security groups as a firewall to control traffic at the instance level, and network access control lists as a firewall to control traffic at the subnet level.
With IAM, you can create and manage AWS users and groups, set permissions for resources, control access to AWS services, and manage multiple users and their level of access to AWS resources from a single AWS account. IAM provides various features, such as multi-factor authentication, password policies, and permissions boundaries, to help you manage access securely.
Prerequisites for AWS EKS on your Linux PC or Server include
- AWS CLI
- AWS Free account for initial setup
These are steps followed by me on AWS Console for AWS EKS using Linux OS terminal
Install AWS CLI on your computer or server via CLI
Run the command
Refer here for more information
This is to find which distro of Linux is available on your system. And to check if aws cli will work with the Ubuntu/RedHat/Debian OS kernels
Next run the command
This will display the CPU type of your machine
The command uname -m prints the machine hardware name. On Linux, this field comes from the machine member of struct utsname, as populated by the uname(2) system call. The possible values for the “machine” field can vary depending on the architecture and sub-architectures of the system. On most Linux systems, the output of uname -m will be one of the following:
- x86_64: 64-bit Intel/AMD (most modern desktops and laptops)
- i686: 32-bit Intel/AMD (older desktops and laptops)
- aarch64: 64-bit ARM (most modern mobile devices)
- armv7l: 32-bit ARM (older mobile devices)
To check what machine hardware name is printed on your specific system, you can run the command uname -m in your terminal.
For more information go to “Installing or updating the latest version of the AWS CLI”
Finally run the snap package command
Snap install aws-cli –classic
To install aws-cli to your machine
To verify installation was successful
You should be able to see help docs in your terminal on success
Shift+q to come back to your commandline
And proceed with installing kubectl.
Installing kubectl via CLI
Go to the official doc.aws titled “Install and Set Up kubectl on Linux”
And under — other package management section. You will find instructions to install kubectl using snap packages
Run the command
snap install kubectl — classic
To check if kubectl installation was successful
You should be able to see help page of kubectl on your terminal
Next, move to installation of eksctl.
Installing eksctl via CLI
Refer to official documentation on aws.docs i.e “Installing or updating eksctl”
Click the link for git instructions in the page. You should be directed to “eksctl — The official CLI for Amazon EKS”
For Linux use Unix installation code snippets, be sure to use them line by line in your terminal.
Refer to my video instruction in case you are stuck.
To make sure it was properly installed
You should be able to see Help page for eksctl on your terminal
Make favourites on AWS Console and create UserGroup for permissions to CLI
Search and Favourite the following Services from AWS
- VPC — virtual private cloud
- EC2 — elastic compute cloud
- EKS — elastic kubernetes service
- IAM — identity and access management
Step 4 a:
Set up User Groups in AWS IAM
Click User groups under the Access Management menu on the left plane.
Then click on “Create group” button
Enter the group name in “User group name” textbox eks-admin
Scroll down and click “Create group”
Next lets set up access permissions to access the user group via CLI
Go into the eks-admin group which you have created
Under the permissions tab click drop-down — “Add permissions”
Select — Attach Policies
In the search bar that appears ; search and select “administratoraccess”
Click checkbox to select and then click Add permissions at the bottom of the Tab
Set up User in AWS IAM
On the left menu pane under Access Management click Users.
On the Users page click on the “Add users” button
Type in a username (For Ex. eks-[yourname])in the textbox.
In the Permissions options tab select
“Add user to group”
Select checkbox for “eks-admin” and click Next
Add tags to your user i.e Name:Value as appropriate (For Ex. project:aws-eks)
Finish up by clicking on Create User
Copy the “User arn” value and paste in notepad for future reference. — this is shown in the video
Set up AccesskeyID and Accesskey for your User
Click on “Security credentials” tab and scroll down to access keys section
Create access key
Select the CLI option
And follow the steps
Download .csv file and keep it for reference to set up your access to AWS Console from your pc or server via CLI
Set up region in AWS to operate and user credentials generated previously to link to your pc or server
Make the decision on region selection by going through the available region Service endpoints in this link
Choose a region closest to you for minimal costs
Make a note of the region you have decided on. — Refer the video
Configure your CLI to connect to AWS Console
Open your terminal on your PC or Server
Run the command
Enter the AWS Access key ID from the downloaded csv
Enter the Secret Access key from the downloaded csv
Enter the Default region name from the previous step
Leave the Default output format as it is and click Enter
To verify all the above setup is working
Check your HOME directory
It should have a folder name “.aws”
Check files for your configuration and credentials as well.
Refer the Video for more information on how
Create an EKS cluster with eksctl
We will be using YAML manifest to Infrastructure as Code (IaC) for initial basic set up
Sample file available in github here
Refer to the video for Line-by-Line instructions
The .yaml file will set up 3 nodes as m5.large instances on the pod or pods depending on Traffic needed or load balancing in your region.
Run the command
Eksctl create cluster -f cluster.yaml
The spin-up will take 30 mins or more
Check the AWS Console by clicking your favorites AWS EKS and see the cluster you created running on your region.
Run kubectl on your CLI to see how the cluster is functioning
On your PC or Server run the below command
kubectl config get-contexts
This should display the namespace(s) of your node(s)
To view the Pods running
Run the command
Kubectl get pods -A
This should display a list of all the pods running in the cluster
To view the nodes run the command
Kubectl get nodes
This should display the list of nodes
Note: name column indicates the IP in your Virtual Private Network for these nodes.
Version column should display the version of Kubernetes
So we are done with our AWS-EKS cluster creation within few minutes
Will be posting more cloud configuration contents in the coming blogs