Completek8s Classroomnotes 07/Sep/2023

Elastic Kubernetes Service (EKS)

eksctl

  • eksctl is a CLI tool developed by Weaveworks and is the easiest way to deploy all the components needed to run EKS
  • Refer Here for official site of eksctl
  • By default, eksctl creates a cluster with the following parameters
    • An autogenerated cluster name
    • Two m5.large worker nodes
    • Use of official AWS EKS AMI
    • us-west-2 as the default region
    • A dedicated VPC
  • Network information
    • Dedicated VPC 192.168.0.0/16 with three private and three public subnets
    • NAT Gateway & Internet Gateway to enable the access needed for container images and communication with the AWS S3 and ECR APIs
    • Two security groups are set up for the EKS cluster
      • Ingress internode group SG: Allows nodes to communicate with each other on all ports
      • Control Plane security group: Allows communication between the control plane and worker node groups
  • One node group containing two m5.large nodes is the default, but how many pods can such a node run? AWS has a formula based on the node type and the number of network interfaces and IP addresses it supports.
    ((Number of network interfaces for the instance type) * (Number of IP addresses per network interface - 1)) + 2
  • An m5.large can support a maximum of 29 pods
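
The formula above, worked through and tied to subnet sizing (an added example, not part of the class material). The ENI limits in the table are AWS's published per-instance values; the /19 and /24 subnet sizes and all function names are assumptions made for illustration.

```python
import ipaddress

# (max ENIs, IPv4 addresses per ENI) from AWS's published instance-type limits.
ENI_LIMITS = {
    "t3.medium": (3, 6),
    "m5.large": (3, 10),
    "m5.xlarge": (4, 15),
}

# AWS reserves the first four addresses and the last address of every subnet.
AWS_RESERVED_PER_SUBNET = 5


def max_pods(instance_type: str) -> int:
    """ENIs * (IPs per ENI - 1) + 2, the formula from the notes."""
    enis, ips_per_eni = ENI_LIMITS[instance_type]
    # -1: the primary address of each ENI stays with the node, not a pod.
    # +2: accounts for pods on host networking (aws-node, kube-proxy).
    return enis * (ips_per_eni - 1) + 2


def node_ip_footprint(instance_type: str) -> int:
    """Worst case: VPC addresses one node holds with every ENI attached and full."""
    enis, ips_per_eni = ENI_LIMITS[instance_type]
    return enis * ips_per_eni


def nodes_per_subnet(subnet_cidr: str, instance_type: str) -> int:
    """How many fully packed nodes a single subnet can address."""
    subnet = ipaddress.ip_network(subnet_cidr)
    usable = max(subnet.num_addresses - AWS_RESERVED_PER_SUBNET, 0)
    return usable // node_ip_footprint(instance_type)


if __name__ == "__main__":
    for itype in ENI_LIMITS:
        print(f"{itype}: max pods = {max_pods(itype)}, "
              f"IPs held per node = {node_ip_footprint(itype)}")
    # Assumed subnet sizes carved out of the 192.168.0.0/16 VPC from the notes.
    for cidr in ("192.168.0.0/19", "192.168.1.0/24"):
        n = nodes_per_subnet(cidr, "m5.large")
        print(f"{cidr}: {n} m5.large nodes, up to {n * max_pods('m5.large')} pods")
```

Because every pod takes a real VPC address, a small subnet runs out of IPs long before the nodes run out of CPU: the /24 above fits only 8 fully packed m5.large nodes.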

AWS VPC CNI

  • This is an open source implementation of CNI built for AWS
  • It works with native AWS features such as VPC Flow Logs, VPC routing policies, and security groups for network traffic isolation
  • Refer Here for VPC CNI
  • Two components of VPC CNI
    • CNI Plugin: responsible for wiring the host's and the pod's network stack
    • ipamd: IPAM daemon responsible for maintaining a warm pool of available IP addresses and assigning an IP to each pod
  • Refer to the classroom video for a demonstration of the above
