Back2Basics: Setting Up an Amazon EKS Cluster

Romar Cablao - Jun 12 - - Dev Community

Overview

This blog post kicks off a three-part series exploring Amazon Elastic Kubernetes Service (EKS) and how builders like ourselves can deploy workloads and harness the power of Kubernetes.

Back2Basics: A Series

Throughout this series, we'll delve into the fundamentals of Amazon EKS. We'll walk through the process of cluster provisioning, workload deployment, and monitoring. We'll leverage various solutions along the way, including Karpenter and Grafana.

As mentioned, this series aims to empower fellow builders to explore the exciting world of containerization.

Kubernetes And It's Components

Before we dive into provisioning our first cluster, let's take a quick look at Kubernetes and its components.

Control Plane Components

  • kube-apiserver - the central API endpoint for Kubernetes, handling requests for cluster management.
  • etcd - a consistent and highly-available key value store used as Kubernetes' backing store for all cluster data.
  • kube-scheduler - the automated scheduler responsible for assigning pods to available nodes in the cluster.
  • kube-controller-manager - component that runs controller processes (e.g. Node controller, Job controller, etc.)
  • cloud-controller-manager - component that embeds cloud-specific control logic.

Node Components

  • kubelet - an agent that runs on each node in the cluster that makes sure that containers are running in a Pod.
  • kube-proxy - is a network proxy that runs on each node in the cluster, implementing part of the Kubernetes service concept.
  • Container runtime - is responsible for managing the execution and lifecycle of containers within Kubernetes.

That's a quick recap of Kubernetes components. We will talk more about the different things that make up Kubernetes, like pods and services, later on in this series.

Worth noting – this month marks a significant milestone! June 2024 marks the 10th anniversary of Kubernetes🥳🎂. Over the past decade, it has established itself as the go-to platform for container orchestration. This widespread adoption is evident in its integration with major cloud providers like AWS.

Amazon Elastic Kubernetes Service (EKS)

Amazon Elastic Kubernetes Service (Amazon EKS) is a managed Kubernetes service to run Kubernetes in the AWS cloud and on-premises data centers. In the cloud, Amazon EKS automatically manages the availability and scalability of the Kubernetes control plane nodes responsible for scheduling containers, managing application availability, storing cluster data, and other key tasks. Read more: https://aws.amazon.com/eks/

There are several ways to provision an EKS cluster in AWS:

  1. AWS Management Console - provides a user-friendly interface for creating and managing clusters.
  2. Using eksctl - a simple command-line tool for creating and managing clusters on EKS.
  3. Infrastructure as Code (IaC) tools - tools like CloudFormation, Terraform and OpenTofu.

In this series will use OpenTofu to provision an EKS cluster along with all the necessary resources to create a platform ready for workload deployment. So if you already know Terraform, learning OpenTofu will be easy as it is an open-source, community-driven fork of Terraform managed by the Linux Foundation. It offers similar functionalities while being actively developed and maintained by the open-source community.

Let's Get Our Hands Dirty!

Our first goal is to setup a cluster. For this activity, we will be using this repository:

GitHub logo romarcablao / back2basics-working-with-amazon-eks

Back2Basics: Working With Amazon Elastic Kubernetes Service (EKS)

Back2Basics: Working With Amazon Elastic Kubernetes Service (EKS)

Back2Basics: Working With Amazon EKS

Read the series here: Back2Basics: Amazon EKS

Installation

Depending on your OS, select the installation method here: https://opentofu.org/docs/intro/install/

Provision the infrastructure

  1. Make necessary adjustment on the variables.
  2. Run tofu init to initialize the modules and other necessary resources.
  3. Run tofu plan to check what will be created/deleted.
  4. Run tofu apply to apply the changes. Type yes when asked to proceed.

Fetch kubeconfig to access the cluster

aws eks update-kubeconfig --region $REGION --name $CLUSTER_NAME
Enter fullscreen mode Exit fullscreen mode

Check what's inside the cluster

# List all pods in all namespaces
kubectl get pods -A

# List all deployments in kube-system
kubectl get deployment -n kube-system

# List all daemonsets in kube-system
kubectl get daemonset -n kube-system

# List all nodes
kubectl get nodes
Enter fullscreen mode Exit fullscreen mode

Let's try to deploy a simple app

# Create a deployment
kubectl create deployment my-app --image nginx
# Scale the replicas of my-app deployment
Enter fullscreen mode Exit fullscreen mode

Prerequisite
Make sure you have OpenTofu installed. If not, head over to the OpenTofu Docs for a quick installation guide.

Steps
1. Clone the repository
First things first, let's grab a copy of the code:



git clone https://github.com/romarcablao/back2basics-working-with-amazon-eks.git


Enter fullscreen mode Exit fullscreen mode

2. Configure terraform.tfvars
Modify the terraform.tfvars depending on your need. As of now, it is set to use Kubernetes version 1.30 (the latest at the time of writing), but feel free to adjust this and the region based on your needs. Here's what you might want to change:



environment     = "demo"
cluster_name    = "awscb-cluster"
cluster_version = "1.30"
region          = "ap-southeast-1"
vpc_cidr        = "10.0.0.0/16"


Enter fullscreen mode Exit fullscreen mode

3. Initialize and install plugins (tofu init)
Once you've made your customizations, run tofu init to get everything set up and install any necessary plugins.
4. Preview the changes (tofu plan)
Before applying anything, let's see what OpenTofu is about to do with tofu plan. This will give you a preview of the changes that will be made.
5. Apply the changes (tofu apply)
Run tofu apply and when prompted, type yes to confirm the changes.

Looks familiar? You're not wrong! OpenTofu works very similarly as it shares a similar core setup with Terraform. And if you ever need to tear down the resources, just run tofu destroy.

Now, lets check the resources provisioned!

Once provisioning is done, we should be able to see a new cluster. But where can we find it? You can simply use the search box in AWS Management Console.
AWS Management Console

Click the cluster and you should be able to see something like this:
Amazon EKS Cluster

Do note that we enable a couple of addons in the template hence we should be able to see these three core addons.
Amazon EKS Addons

CoreDNS - this enable service discovery within the cluster.
Amazon VPC CNI - this enable pod networking within the cluster.
Amazon EKS Pod Identity Agent - an agent used for EKS Pod Identity to grant AWS IAM permissions to pods through Kubernetes service accounts.

Accessing the Cluster

Now that we have the cluster up and running, the next step is to check resources and manage them using kubectl.

By default, the cluster creator has full access to the cluster. First, we need to fetch thekubeconfig file by running:



aws eks update-kubeconfig --region $REGION --name $CLUSTER_NAME


Enter fullscreen mode Exit fullscreen mode

Now, let's list all pods in all namespaces



kubectl get pods -A


Enter fullscreen mode Exit fullscreen mode

Here's a sample output from the command above:



NAMESPACE     NAME                           READY   STATUS    RESTARTS   AGE
kube-system   aws-node-5kvd4                 2/2     Running   0          2m49s
kube-system   aws-node-n2dqb                 2/2     Running   0          2m51s
kube-system   coredns-5765b87748-l4mj5       1/1     Running   0          2m7s
kube-system   coredns-5765b87748-tpfnx       1/1     Running   0          2m7s
kube-system   eks-pod-identity-agent-f9hhb   1/1     Running   0          2m7s
kube-system   eks-pod-identity-agent-rdbzs   1/1     Running   0          2m7s
kube-system   kube-proxy-8khgq               1/1     Running   0          2m51s
kube-system   kube-proxy-p94w7               1/1     Running   0          2m49s


Enter fullscreen mode Exit fullscreen mode

Let's check a couple of objects and resources:



# List all deployments in kube-system
kubectl get deployment -n kube-system

# List all daemonsets in kube-system
kubectl get daemonset -n kube-system

# List all nodes
kubectl get nodes


Enter fullscreen mode Exit fullscreen mode

How about deploying a simple workload?



# Create a deployment
kubectl create deployment my-app --image nginx

# Scale the replicas of my-app deployment
kubectl scale deployment/my-app --replicas 2

# Check the pods
kubectl get pods

# Delete the deployment
kubectl delete deployment my-app

Enter fullscreen mode Exit fullscreen mode




What's Next?

Yay🎉, we're able to provision an EKS cluster, check resources and objects using kubectl and create a simple nginx deployment. Stay tuned for the next part in this series, where we'll dive into deployment, scaling and monitoring of workloads in Amazon EKS!

Back2Basics: Up Next

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .