EKS (Elastic Kubernetes Service)
- Amazon-specific features
  - Managed control plane
  - Managed node groups
  - EKS Auto Mode
  - AWS Fargate
  - EKS Pod Identity and IRSA-style, service-account-based IAM access
  - VPC CNI
  - AWS Load Balancer Controller
  - CloudWatch observability add-ons
  - Security groups for Pods
  - Extended Kubernetes version support
  - Cluster insights
  - Outposts, Local Zones and Hybrid Nodes
- AWS EKS deployment models
  - Standard EKS + managed node groups
  - EKS + Fargate
  - EKS Auto Mode
Create an EKS cluster
- To create an EKS cluster we need:
  - IAM permissions to create VPC, EKS, EC2, IAM roles and related resources
You are an expert in AWS and I want you to list out the steps to create a standard EKS cluster with node groups. Ensure you give me the steps from setting up IAM with the right permissions to installing the tools required. I want to create the EKS cluster using eksctl and YAML.
- Create an eksctl YAML file (refer to the eksctl config file schema)
- eks-cluster.yaml
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: my-eks-cluster
  region: us-west-2 # Change to your region
  version: "1.35" # Kubernetes version
  tags:
    Environment: development
    Team: platform

# Optional: Use existing VPC or let eksctl create one
# vpc:
#   id: "vpc-xxxxxxxx"
#   subnets:
#     private:
#       us-west-2a: { id: subnet-xxxxxxxx }
#       us-west-2b: { id: subnet-yyyyyyyy }
#     public:
#       us-west-2a: { id: subnet-zzzzzzzz }
#       us-west-2b: { id: subnet-wwwwwwww }

# IAM OIDC provider (required for IRSA - IAM Roles for Service Accounts)
iam:
  withOIDC: true

# CloudWatch logging for control plane
cloudWatch:
  clusterLogging:
    enableTypes:
      - api
      - audit
      - authenticator
      - controllerManager
      - scheduler

# Node Groups
managedNodeGroups:
  # General purpose node group
  - name: ng-general
    instanceType: t3.medium
    minSize: 2
    maxSize: 5
    desiredCapacity: 2
    volumeSize: 50 # GiB
    volumeType: gp3
    # AmazonLinux2 AMIs are not published for Kubernetes 1.33 and later,
    # so this version needs AmazonLinux2023 (or Bottlerocket)
    amiFamily: AmazonLinux2023
    privateNetworking: true # Nodes in private subnets
    availabilityZones:
      - us-west-2a
      - us-west-2b
    labels:
      role: general
      environment: development
    tags:
      NodeGroup: general
      k8s.io/cluster-autoscaler/enabled: "true"
      k8s.io/cluster-autoscaler/my-eks-cluster: "owned"
    iam:
      attachPolicyARNs:
        - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
        - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
        - arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
      # Attached to the node IAM role (node-wide), not to a service account
      withAddonPolicies:
        autoScaler: true
        cloudWatch: true
        albIngress: true
        ebs: true
    ssh:
      enableSsm: true # Use SSM instead of SSH keys (more secure)

# Add-ons
addons:
  - name: vpc-cni
    version: latest
  - name: coredns
    version: latest
  - name: kube-proxy
    version: latest
  - name: aws-ebs-csi-driver
    version: latest
    wellKnownPolicies:
      ebsCSIController: true
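
A pre-deployment check for the settings eks-cluster.yaml relies on (OIDC for IRSA, control-plane audit logs, private nodes, SSM instead of SSH keys), given here as an added example that is not part of the original notes or of eksctl. It works on the config already parsed into a dict; `lint_cluster_config`, `REQUIRED_LOGS` and `PAGE_CONFIG` are hypothetical names, and the sample dict is a constructed, trimmed copy of the file above.

```python
REQUIRED_LOGS = {"audit", "authenticator"}  # assumption: minimum needed to trace API access


def lint_cluster_config(cfg):
    """Return (location, finding) tuples for an eksctl ClusterConfig given as a dict."""
    findings = []
    if not cfg.get("iam", {}).get("withOIDC"):
        findings.append(("iam", "withOIDC is off, so IRSA cannot be used"))
    logs = set(cfg.get("cloudWatch", {}).get("clusterLogging", {}).get("enableTypes", []))
    if not logs & {"all", "*"}:  # eksctl accepts either wildcard for every log type
        for missing in sorted(REQUIRED_LOGS - logs):
            findings.append(("cloudWatch", f"control-plane log type '{missing}' is not enabled"))
    for ng in cfg.get("managedNodeGroups", []):
        where = f"managedNodeGroups/{ng.get('name', '?')}"
        if not ng.get("privateNetworking"):
            findings.append((where, "privateNetworking is off, nodes land in public subnets"))
        ssh = ng.get("ssh", {})
        if ssh.get("allow") or any(key.startswith("publicKey") for key in ssh):
            findings.append((where, "SSH key access is configured, prefer enableSsm"))
        node_wide = sorted(k for k, v in ng.get("iam", {}).get("withAddonPolicies", {}).items() if v)
        if node_wide:
            findings.append((where, "add-on policies sit on the node role, not a service account: "
                             + ", ".join(node_wide)))
    for addon in cfg.get("addons", []):
        if addon.get("version") == "latest":
            findings.append((f"addons/{addon.get('name', '?')}", "version floats on 'latest', pin it"))
    return findings


# Constructed sample: the security-relevant keys of the page's eks-cluster.yaml.
PAGE_CONFIG = {
    "iam": {"withOIDC": True},
    "cloudWatch": {"clusterLogging": {"enableTypes": [
        "api", "audit", "authenticator", "controllerManager", "scheduler"]}},
    "managedNodeGroups": [{
        "name": "ng-general",
        "privateNetworking": True,
        "iam": {"withAddonPolicies": {
            "autoScaler": True, "cloudWatch": True, "albIngress": True, "ebs": True}},
        "ssh": {"enableSsm": True},
    }],
    "addons": [{"name": name, "version": "latest"}
               for name in ("vpc-cni", "coredns", "kube-proxy", "aws-ebs-csi-driver")],
}

if __name__ == "__main__":
    for where, finding in lint_cluster_config(PAGE_CONFIG):
        print(f"{where}: {finding}")
```

On the page's config this reports the four add-ons on `latest` and the node-wide add-on policies, which IRSA or EKS Pod Identity would scope to individual service accounts instead.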
When we create an EKS cluster, we get:
- EKS cluster control plane ($0.10 per hour)
- VPC and subnets
- A managed node group
- Security groups
- IAM roles
- We also get vpc-cni, coredns and kube-proxy
We need to specify annotations to create the different types of load balancers.
Give me the annotation list to create different types of load balancers in EKS in a tabular format
- Storage: AWS has different types of storage. We can install CSI drivers and implement any type of storage for Pods.
Give me the steps to install the EFS and S3 CSI drivers and storage classes into an EKS cluster