Amazon EKS using AWS Management Console and AWS CLI

Amazon Elastic Kubernetes Service
This tutorial focuses on creating all of the required resources to get started with Amazon Elastic Kubernetes Service (Amazon EKS) using the AWS Management Console and the AWS CLI. 

 

Kubernetes is an open-source system that helps users automate the deployment, management, and scaling of containerized applications. Amazon EKS (Amazon Elastic Kubernetes Service) is a managed service that users can use to run Kubernetes on Amazon Web Services (AWS) without the need to install, maintain, and operate their own Kubernetes control plane or nodes. In this tutorial, we will learn the steps to create all of the required resources to get started with Amazon Elastic Kubernetes Service (Amazon EKS) using the AWS Management Console and the AWS command-line interface (CLI).

 

Prerequisites 

Before creating the required resources, the users must install and configure the following resources and tools that they need to create and manage an Amazon EKS cluster. 

  • AWS Command-Line Interface: Install and configure a command-line tool for working with AWS services, including Amazon Elastic Kubernetes Service. This tutorial requires version 2.2.22 or later or 1.20.6 or later. After installing the AWS command-line interface, we recommend that the user also configure it.
  • kubectl: Install and configure the command-line tool for working with Kubernetes clusters. This tutorial requires version 1.21 or later.
  • Required IAM permissions: The Identity and Access Management (IAM) security principal that the user uses must have permissions to work with Amazon EKS IAM roles and service-linked roles, AWS CloudFormation, and a Virtual Private Cloud (VPC) and related resources.

 

Step 1: Create the Amazon EKS Cluster 

To create the Amazon Elastic Kubernetes Service (EKS) Cluster, follow the below steps: 

1. First, create an Amazon VPC with private and public subnets that meet Amazon EKS requirements. Users need to replace example values with their own.

 

aws cloudformation create-stack \
  --region us-west-2 \
  --stack-name my-eks-vpc-stack \
  --template-url https://s3.us-west-2.amazonaws.com/amazon-eks/cloudformation/2020-10-29/amazon-eks-vpc-private-subnets.yaml

 

2. Next, create a cluster Identity and Access Management (IAM) role and attach the required Amazon EKS IAM managed policy to that role. Kubernetes clusters managed by Amazon EKS make calls to other AWS services on the user's behalf to manage the resources they use with those services. For that:

a) First, copy the following contents to a file named cluster-role-trust-policy.json.

 

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "eks.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

 

b) Next, create the role. 

 

aws iam create-role \
  --role-name myAmazonEKSClusterRole \
  --assume-role-policy-document file://"cluster-role-trust-policy.json"

 

c) Finally, attach the Amazon EKS managed IAM policy to the created role. 

 

aws iam attach-role-policy \
  --policy-arn arn:aws:iam::aws:policy/AmazonEKSClusterPolicy \
  --role-name myAmazonEKSClusterRole

 

3. Then, open the Amazon EKS console using the below URL: 

 

https://console.aws.amazon.com/eks/home#/clusters

 

4. Make sure to select the Region where the user wants to create their Kubernetes cluster from the drop-down in the top-right corner. In this tutorial, we are going to select US West (Oregon) us-west-2.

5. After the Region selection, click the Create cluster button. If the user doesn’t see this option, in the Create EKS cluster box, enter a name for the user’s Cluster, such as my-cluster, and click the Next step button.

6. On the Configure cluster page, enter a name for the user's cluster, such as my-cluster, and choose myAmazonEKSClusterRole for Cluster Service Role.

7. After that, leave the remaining settings at their default values and click the Next button.

8. On the Specify networking page, select vpc-00x0000x000x0x000 | my-eks-vpc-stack-VPC from the VPC drop-down list. Leave the remaining settings at their default values and select the Next button.

9. After that, click the Next button on the Configure logging page.

10. Then, select the Create button on the Review and create page. The cluster status should change to Active before moving to the next step.

 

Step 2: Configure the System to Communicate with the Cluster 

To create a kubeconfig file for the cluster and to enable the kubectl command-line interface to communicate with the cluster, follow the below steps:

 

1. First, create or update the kubeconfig file for the Cluster. If necessary, replace us-west-2 with the Region in which the user has created the Cluster. By default, the configuration file is created in ~/.kube, or the new Cluster’s configuration is added to an existing configuration file in ~/.kube.

 

aws eks update-kubeconfig \
  --region us-west-2 \
  --name my-cluster

 

2. After that, test the configuration by executing the following: 

 

kubectl get svc

 

Step 3: Create an IAM OpenID Connect (OIDC) provider

We need to create an Identity and Access Management (IAM) OpenID Connect (OIDC) provider for the user’s cluster so that the Kubernetes service accounts can access AWS resources. To do so, follow the below steps:

1. First, select the Configuration tab.

2. In the Details section, copy the value for the OpenID Connect provider URL.

3. Then, open the IAM console using the below URL:

 

https://console.aws.amazon.com/iam/

 

4. Select Identity Providers in the navigation panel.

5. Then, choose Add Provider.

6. For Provider Type, select OpenID Connect.

7. For Provider URL, paste the OIDC provider URL for the user’s Cluster from step two and then select the Get thumbprint option.

8. For Audience, enter sts.amazonaws.com and click the Add provider button.
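
Once the OIDC provider exists, each IAM role that a service account assumes needs a trust policy that names the provider and pins both the audience and the service account. The Python below is an added example, not part of the original tutorial: it builds such a policy and flags web-identity statements that do not pin `sub`. The account ID, issuer URL, namespace and service account name are constructed placeholders.

```python
import json
from urllib.parse import urlparse

def irsa_trust_policy(account_id, issuer_url, namespace, service_account):
    """Build a role trust policy bound to one Kubernetes service account."""
    u = urlparse(issuer_url)
    if u.scheme != "https" or not u.netloc:
        raise ValueError("OIDC provider URL must be an https URL")
    issuer = u.netloc + u.path.rstrip("/")  # IAM condition keys omit the scheme
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": f"arn:aws:iam::{account_id}:oidc-provider/{issuer}"},
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": {"StringEquals": {
                # Audience entered in step 8 of the console procedure.
                f"{issuer}:aud": "sts.amazonaws.com",
                # Without this key, any service account in the cluster could assume the role.
                f"{issuer}:sub": f"system:serviceaccount:{namespace}:{service_account}",
            }},
        }],
    }

def unscoped_statements(policy):
    """Return web-identity statements that lack an exact-match `sub` condition."""
    bad = []
    for st in policy.get("Statement", []):
        actions = st.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        if "sts:AssumeRoleWithWebIdentity" not in actions:
            continue
        exact = st.get("Condition", {}).get("StringEquals", {})
        if not any(key.endswith(":sub") for key in exact):
            bad.append(st)
    return bad

# Constructed placeholder values; substitute the URL copied in step 2.
ISSUER = "https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLE0000000000000000000000000"
POLICY = irsa_trust_policy("111122223333", ISSUER, "default", "my-service-account")

if __name__ == "__main__":
    print(json.dumps(POLICY, indent=2))
```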

 

Step 4: Create Nodes 

Users can create a cluster with one of the following node types. After the user’s Cluster is deployed, they can add other node types.

  • Fargate – Linux: Select this type if the user wants to run Linux applications on AWS Fargate.
  • Managed nodes – Linux: Select this type if the user wants to run Amazon Linux applications on Amazon EC2 instances.
  • Self-managed nodes – Windows: Select this type if the user wants to run Amazon Windows applications on Amazon EC2 instances.
  • Bottlerocket nodes – Windows: Select this type if the user wants to run Amazon Windows applications on Amazon EC2 instances.

 

Note that a Kubernetes cluster must contain at least one Linux node, even if all its workloads are Windows. To create Fargate or managed nodes, follow the steps mentioned in the “Create Linux Nodes on Amazon EKS Cluster” tutorial.

 

Step 5: View Resources

To view the nodes and Kubernetes workloads, follow the below steps: 

1. Select Clusters from the left pane, and then select the Cluster name that we created from the list of Clusters, such as my-cluster.

2. On the Overview tab, users can see the list of Nodes that were deployed for the Cluster. Users can select the name of a node to see more about that node. 

3. On the Workloads tab of the Cluster, users can see a list of the workloads that are deployed by default to an Amazon EKS Cluster. Users can select the name of a workload to see more information about that workload. 

 

Conclusion 

This tutorial presents the steps to create all of the required resources to get started with Amazon Elastic Kubernetes Service (Amazon EKS) using the AWS Management Console and the AWS CLI. Hope this tutorial was helpful, and do reach out to us if you have any queries or suggestions.
