DEV Community

bismaakram

Amazon EKS Tutorial: Create an EKS Cluster and Managed Node Group (Complete Guide)

🚀 Introduction to Amazon EKS

In this blog, we’ll take a simple, high-level look at how an Amazon EKS cluster works and the key components behind it. An EKS cluster is built on four main pieces: the control plane, worker nodes (node groups), Fargate profiles, and the VPC.

The control plane is fully managed by AWS—it runs the Kubernetes API server and controllers, and automatically handles availability and health. Your workloads run on worker nodes, which are EC2 instances grouped together as node groups, or on Fargate, where pods run serverlessly without managing any EC2 instances.

Finally, the VPC is what connects everything. Your subnets, routing, and security groups decide how your nodes communicate with the control plane and how securely your applications run.

In the next sections, we’ll break down each of these components step-by-step and see how they come together when you build an EKS cluster.

Let’s dive in! 🌟🌟

We will be running this on a Windows machine; you can find similar steps for macOS and Linux in the official AWS documentation.

Step 1 - Install AWS CLI.

Step 2 - Install kubectl CLI.

  • Install kubectl on Windows 10
mkdir kubectlbinary
cd kubectlbinary
curl -o kubectl.exe https://amazon-eks.s3.us-west-2.amazonaws.com/1.16.8/2020-04-16/bin/windows/amd64/kubectl.exe
  • Update the system Path environment variable
C:\Users\bisma\Documents\kubectlbinary
  • Verify the kubectl client version
kubectl version --short --client
kubectl version --client

Step 3 - Install eksctl CLI

Amazon EKS is a paid service and is not included in the free tier. There is a charge of 0.10 USD per hour for the EKS cluster and 0.0416 USD per hour for a T3 Medium EKS worker node in N. Virginia.

Next, let’s create an EKS cluster using the following command.

eksctl create cluster --name=eksdemo1 \
                      --region=us-east-1 \
                      --zones=us-east-1a,us-east-1b \
                      --without-nodegroup 
eksctl get cluster

To follow best practices, we should create and associate an IAM OIDC identity provider, which allows your EKS cluster to securely use IAM roles for Kubernetes service accounts.

eksctl utils associate-iam-oidc-provider \
    --region us-east-1 \
    --cluster eksdemo1 \
    --approve

Create a new EC2 key pair with the name eks-demo. This key pair is used to connect to the EKS worker nodes from a terminal.

Create a node group with additional add-ons in a public subnet.

# Create Public Node Group   
eksctl create nodegroup --cluster=eksdemo1 \
                       --region=us-east-1 \
                       --name=eksdemo1-ng-public1 \
                       --node-type=t3.medium \
                       --nodes=2 \
                       --nodes-min=2 \
                       --nodes-max=4 \
                       --node-volume-size=20 \
                       --ssh-access \
                       --ssh-public-key=kube-demo \
                       --managed \
                       --asg-access \
                       --external-dns-access \
                       --full-ecr-access \
                       --appmesh-access \
                       --alb-ingress-access 

Log in to a worker node using the EC2 key pair.

# For MAC or Linux or Windows10
ssh -i kube-demo.pem ec2-user@<Public-IP-of-Worker-Node>

# For Windows 7, use PuTTY

Update the worker nodes’ security group to allow all traffic.

Delete the cluster at the end of this exercise to make sure you don’t incur additional charges.
Important: Revert security group rules prior to deleting the cluster.
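
One way to confirm the revert before deleting, as an added example that is not part of the original post: this Python function reads JSON in the shape printed by `aws ec2 describe-security-groups --output json` and lists every ingress rule still open to 0.0.0.0/0 or ::/0. The function name, group IDs, group names and CIDRs are constructed for illustration.

```python
import json

WORLD = {"0.0.0.0/0", "::/0"}

# Constructed sample shaped like `aws ec2 describe-security-groups --output json`
# output; the group IDs, names and CIDRs are made up for illustration.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0aaa1111example", "GroupName": "demo-nodes",
   "IpPermissions": [
     {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
     {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
  {"GroupId": "sg-0bbb2222example", "GroupName": "demo-cluster",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
      "IpRanges": [{"CidrIp": "192.168.0.0/16"}], "Ipv6Ranges": []}]}
]}
""")


def world_open_ingress(doc):
    """Return (group_id, severity, ports, cidr) for each ingress rule open to the internet."""
    findings = []
    for sg in doc.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            proto = perm.get("IpProtocol")
            if proto == "-1":  # "-1" means every protocol and every port
                severity, ports = "ALL-TRAFFIC", "all"
            else:
                lo, hi = perm.get("FromPort"), perm.get("ToPort")
                ports = f"{proto}/{lo}" if lo == hi else f"{proto}/{lo}-{hi}"
                # Flag any TCP range that covers the SSH port separately
                severity = "SSH" if proto == "tcp" and lo <= 22 <= hi else "OPEN"
            for cidr in cidrs:
                if cidr in WORLD:
                    findings.append((sg["GroupId"], severity, ports, cidr))
    return findings


if __name__ == "__main__":
    for finding in world_open_ingress(SAMPLE):
        print(*finding)
```

To check a real account, replace `SAMPLE` with `json.load(sys.stdin)` and pipe in the output of `aws ec2 describe-security-groups --output json`; an empty result means no rule is open to the internet.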

# Delete Cluster
eksctl delete cluster eksdemo1

Thank you! 🌸
