If you’re a developer, you’d typically want to deploy containerized applications to Kubernetes. But the question is, how? Why not give AWS EKS CLI a try?
In this tutorial, you’ll learn how to set up AWS EKS CLI to create a Kubernetes cluster, so you can focus on your code instead of managing infrastructure.
Read on and start creating your cluster today!
Table of Contents
This tutorial will be a hands-on demonstration. If you’d like to follow along, be sure you have a PC and an AWS account. If you don’t have an AWS account, a free tier account is available.
Creating an Admin User
Before creating a Kubernetes cluster, you’ll create an admin user. An admin user lets you log in to the AWS console to configure your cluster. Kick off this tutorial by creating a user with administrator permissions via the AWS Console.
1. Log into your AWS Console, and navigate to your IAM dashboard.
Click on Users (left panel) —> Add Users (top-right) shown below to initialize adding users.
2. Next, provide a username in the User name field, here K8-Admin is used, check the Access key – Programmatic access option, and click Next: Permissions.
You’re selecting the Access key – Programmatic access option as it’s programmatically accessible. As a result, can use an application to communicate directly to AWS on what actions to take.
3. Click the Attach existing policies directly option, check the AdministratorAccess policy, and click Next: Tags.
The AdministratorAccess policy gives the user (K8-Admin) full access to AWS, and more as follow:
- Allows the user to use CloudFormation
- Create EC2 instances and CloudWatch logs
- Configure elastic load balancers.
4. Click Next: Review to skip adding tags.
5. Finally, review the user details and click Create user to finalize creating the admin user.
Once the admin user creation is complete, you will get a Success message at the top of the screen, like the one below. Note the Access key ID and Secret access key as you will use these keys to log in later.
Launching an EC2 Instance
Now that you’ve created the K8-Admin, you can now create your first EC2 instance. You’ll use this instance as your master node, where you run your commands to create the cluster.
1. Navigate to your EC2 dashboard, click on EC2, then Launch Instances at the right-most part of the page. Doing so redirects your browser to a page where you can choose an Amazon Machine Image (AMI) (step two).
2. Next, click on Select beside (right-most) the Amazon Linux 2 AMI (HVM) from the list, as shown below.
Amazon Linux 2 AMI (HVM) provides Linux kernel 5.10 tuned for optimal performance of the latest generation of hardware. This AMI also has many features required by production-level Kubernetes clusters.
3. Keep the default (t2.micro) for the instance type and click Next: Configure Instance Details to configure the instance.
4. Enable the Auto-assign Public IP option and Next: Add Storage. This option ensures each of your containers can access the public IP of your Kubernetes master node and your EC2 instances.
5. Keep the default (Root) in the Add Storage page and click Next: Add tags. The Root volume is required to read and write data from within the instance.
6. Skip adding tags and click on Next: Configure Security Group.
7. Keep the defaults on the security group, like shown below, and click on Review and Launch.
8. Review the instance launch details and click Launch to launch the instance. A pop-up will appear where you can choose to select an existing key pair or create a new one (step nine).
9. In the dialog pop-up, configure the key pair with the following:
- Select Create a new key pair in the dropdown box.
- Choose RSA as the Key pair type.
- Provide your preferred Key pair name. But for this tutorial, the key pair name is set to my-nvkp.
- Click on Download Key Pair, then Launch Instances.
Your instance may take a minute or two to launch completely. Once your instance is running, you’ll see it listed in your EC2 dashboard, as shown below.
Configuring the AWS CLI Tool
Now that your instance is running, it’s time to configure the command line (CLI) tools. Using the CLI tools in conjunction with your AWS account is essential in creating your Kubernetes cluster.
1. From your EC2 dashboard, check the box to select the instance, as shown below. Click on Connect to initialize connecting to the instance.
2. Next, click on the Connect button to connect to the instance you previously selected in step one.
Once you’ve connected to your EC2 instance, your browser redirects to the interactive terminal shown below as your temporary SSH session with your EC2 instance.
The interactive terminal lets you connect to the command line and run administrative commands to your new instance.
3. Run the
aws command below to check your CLI version.
As you can see from the output below, you are running version 1.18.147 on your Amazon Linux 2 instance, which is out of date. You need to download and install AWS CLI version 2+ to ensure you can access all of the Kubernetes features (step three).
4. Now, run the
curl command below to download the CLI tool v2+ and save it in a zip file named
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
5. Run the following commands to unzip the downloaded file and determine where the outdated AWS CLI is installed.
unzip awscliv2.zip which aws
As you can see from the output below, the outdated AWS CLI is installed at /usr/bin/aws. You need to update this path with the updated version.
6. Run the command below to perform the following and –update the AWS CLI’s install path on your instance:
- Install the updated AWS CLI tools on your Amazon Linux 2 instance (
- Set the directory (
--install-dir /usr/bin/aws-cli) where to install the CLI tools. Doing so lets you transfer the updated AWS CLI to other instances without reinstalling the CLI tools.
- Update (
--update) your current shell environment with the new path for AWS CLI tools if there’s one in your current environment.
sudo ./aws/install --bin-dir /usr/bin --install-dir /usr/bin/aws-cli --update
7. Rerun the
aws --version command below to check that the updated AWS CLI is installed correctly.
The AWS CLI version installed is 2.4.7, as shown below, which is the latest AWS CLI version is 2.4.7 at the time of writing.
8. Next, run the
aws configure command to configure your instance with the new AWS CLI tools.
Enter the appropriate values in the prompts as per below:
- AWS Access Key ID [None] – Enter the Access Key ID you noted in the previous “Creating Your Admin User” section.
- AWS Secret Access Key [None] – Enter the Secret Access Key you noted in the previous “Creating Your Admin User” section.
- Default region name [None] – Select a supported region, like us-east-1.
- Default output format [None] – Enter json, since JSON format is the preferred standard for use with Kubernetes.
Configuring Amazon EKS Command-Line Tool (eksctl)
Since your goal is to create a Kubernetes cluster with AWS EKS CLI, you’ll also configure Amazon EKS (eksctl) command-line tool. This tool lets you create and manage Kubernetes clusters on Amazon EKS.
2. Next, run the
curl command below to retrieve the latest
eksctl release from GitHub to your /tmp directory as a .tar.gz file, then extract the archive content into the /tmp directory.
Run the below commands to perform the following:
- Retrieve the latest
eksctlrelease from GitHub (
--location) as .tar.gz archive (
- Extract the archive’s content to the /tmp directory (
tar xz -C /tmp), while the
--silentflag suppresses the command’s progress output.
- Move (
sudo mv) the eksctl binary (
/tmp/eksctl) to the path where you installed the AWS CLI (
curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp sudo mv /tmp/eksctl /usr/bin
3. Finally, run the command below to confirm you’ve successfully installed
The output below confirms that you’ve installed eksctl successfully.
If you’re new to
eksctl, you can run the command below to get a list of all of the supported
eksctl commands and their usage.
Provisioning your EKS Cluster
Now that you have configured eksctl, you can now provision your first EKS Cluster with
eksctl command below to create your first cluster and perform the following:
- Create a 3-node Kubernetes cluster named
devwith one node type as
t3.microand region as
- Define a minimum of one node (
--nodes-min 1) and a maximum of four-node (
--nodes-max 4) for this node group managed by EKS. The node group is named
- Create a node group with the name
standard-workersand select a machine type for the
eksctl create cluster --name dev --version 1.21 --region us-east-1 --nodegroup-name standard-workers --node-type t3.micro --nodes 3 --nodes-min 1 --nodes-max 4 --managed
As you can see below, an eksctl-dev-cluster CloudFormation stack is being created. This process might take 15 minutes or more to complete.
3. Now, navigate to your EKS dashboard, and you’ll see a cluster named dev provisioned. Click on the dev hyperlink to access dev’s EKS Cluster dashboard.
Below, you can see the dev’s EKS cluster details, like Node name, Instance type, Node Group, and Status.
4. Switch to your EC2 dashboard, and you’ll see four nodes are running, with three having the t3.micro role in your AWS account (three worker nodes and one master node).
5. Finally, run the command below to update your kubectl config (
update-kubeconfig) with your cluster endpoint, certificate, and credentials.
aws eks update-kubeconfig --name dev --region us-east-1
Deploying an Application on EKS Cluster
You’ve created your EKS cluster and confirmed it’s perfectly running. But right now, the EKS cluster is just sitting in the corner. For this demo, you’ll make use of the EKS cluster by deploying an NGINX application.
1. Run the
yum command below to
git while accepting all prompts automatically (
-y) during installation.
sudo yum install -y git
2. Next, run the
git clone command below to clone the configuration files from the GitHub repository to your current directory. You will use these files to create an NGINX deployment on your pods and create a load balancer (ELB).
git clone https://github.com/Adam-the-Automator/aws-eks-cli.git
3. Run the following commands to move into the
ata-elk directory, and create (
kubectl apply) a service for NGINX (
# Change directory to ata-elk cd ata-elk # Apply the configuration in ./nginx-svc.yaml to a pod kubectl apply -f ./nginx-svc.yaml
4. Next, run the
kubectl get service to check the status of your NGINX service.
kubectl get service
As you see below, the service type is a load balancer, and Kubernetes created a service (nginx-svc), which is your NGINX deployment. You can also see the external DNS hostname of the load balancer created by EKS under the EXTERNAL IP column.
Note down the external DNS hostname of the load balancer as you will need it later to test the load balancer.
5. Run the
kubectl command below to deploy the NGINX pods.
kubectl apply -f ./nginx-deployment.yaml
6. Run the following
kubectl get commands to check the status of your NGINX
deployment and your NGINX
kubectl get deployment kubectl get pod
As you can see in the output below, there are three pods of your deployment, and all are running.
7. Next, run the
kubectl get node command to check the status of your worker nodes.
kubectl get node
8. Now, run the
curl command below to test your load balancer. Replace
<LOAD_BALANCER_DNS_HOSTNAME> with the DNS name you previously noted (step five).
You will see the NGINX welcome page from the NGINX service created by EKS, as shown below. The below output confirms that your load balancer is working correctly and that you can access your NGINX pods.
9. Finally, for double-checking, copy and paste the DNS name of the load balancer into a new browser tab.
You will also get a welcome page from NGINX, which indicates your application is working.
Testing the Highly-available Kubernetes Control
Now that you have a cluster running, you’ll test if the Kubernetes control plane is highly available. Your application’s uptime depends on this feature. If the control plane does not work, your applications will be down and cannot serve users.
With the highly-available Kubernetes control feature, you increase the availability of your application. You’ll test this feature by stopping your EKS worker nodes and see if Kubernetes brings up new nodes to replace the failed ones.
1. In your EC2 dashboard, stop all of your EKS worker node instances, as shown below.
2. Next, run the following command to check the status of the worker node.
kubectl get node
You will get a mix of statuses, like Pending, Running, and Terminating. Why? Because as you try to stop all the worker nodes, Kubernetes detects the failure and quickly brings up another node.
3. Now run the
kubectl get pod command to test the highly-available Kubernetes control feature.
kubectl get pod
You can see in the output that there are three new pods (identified by age) in the Running state. These new pods indicate the highly-available Kubernetes control feature is working as intended.
4. Run the
kubectl get service command below to list all available services.
You can see below that Kubernetes has created a new service, and the DNS name of the load balancer is different now.
kubectl get service
kubectl get service
5. Finally, copy and paste the DNS name of the load balancer into your browser. You will get the welcome page from NGINX as you did in the last step of the “Deploying an Application on EKS Cluster” section.
Throughout this tutorial, you’ve learned how to create an EKS cluster, deploy an NGINX service from your container, and test the highly-available control plane functionality.
At this point, you should have a good understanding of how to create EKS clusters in your AWS environment.
What’s next for you? Perhaps learn how to deploy a NodeJS app using Docker and K8s on AWS?