To create your Kubernetes cluster on AWS (Amazon Web Services), first, you will have to create a new account on this service (you can also use one that you might have available). Then, you will have to follow these instructions to install the AWS Command-Line Interface (CLI). Make sure you follow the instructions for your operating system.
After creating your account and installing the CLI tool, you will have to create an Amazon EKS Service Role and create an Amazon EKS Cluster VPC. To accomplish that, you can go through the steps shown in this AWS documentation.
Now, still on the Getting Started with Amazon EKS page, search for the section that teaches you "to install aws-iam-authenticator for Amazon EKS", and follow the steps there. If you install this tool correctly, you will be able to execute the following command on a terminal:
aws-iam-authenticator help
Then, if you are using a new account and just installed the CLI provided by AWS, you will have to create a new user for this tool and configure it. To do so, follow these steps:
- Go to the Users section of the Identity and Access Management service of your AWS account
- Click on Add User
- Create a new user called "admin" (or similar) with the "programmatic access" access type
- Create a new group for this user (you can call it "admins")
- Add the "AdministratorAccess" policy to this group
- Finish the process to get an access key id and a secret access key
After that, you will have to run the following in your terminal:
aws configure
This command will ask for four things:
- The access key id (use the one created for your new AWS user)
- The secret access key (use the one created for your new AWS user)
- A default region
- Default output format
Note: At the time of writing, the EKS service is only available in four regions: us-east-1 (N. Virginia), us-east-2 (Ohio), us-west-2 (Oregon), and eu-west-1 (Ireland). Choose the one that is the closest to you to answer the third question. The last question, regarding the output format, you can leave untouched.
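An added check, not part of the original tutorial or of AWS's tooling: aws configure stores the access key id and secret access key in plaintext in ~/.aws/credentials, and the key created in the steps above belongs to a user with AdministratorAccess. The Python below reports whether that file is accessible beyond its owner and which profiles hold long-lived IAM user keys (AKIA prefix, as opposed to the ASIA prefix of temporary STS keys); the function names and the sample file contents are constructed for illustration.

```python
"""Added example: audit the shared credentials file written by `aws configure`."""
import configparser
import os
import stat
import tempfile

# Constructed sample: placeholder key ids and secrets, not real credentials.
SAMPLE = """\
[default]
aws_access_key_id = AKIAXXXXXXXXXXXXXXXX
aws_secret_access_key = constructed-placeholder-secret

[temp-session]
aws_access_key_id = ASIAXXXXXXXXXXXXXXXX
aws_secret_access_key = constructed-placeholder-secret
aws_session_token = constructed-placeholder-token
"""


def audit_credentials(path):
    """Return a list of findings for an AWS CLI shared credentials file."""
    findings = []
    # The secret access key sits in this file in plaintext, so no permission
    # bit for group or other should be set on it.
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        findings.append(f"perms: mode {mode:04o} grants group/other access, expected 0600")
    parser = configparser.ConfigParser(interpolation=None)
    parser.read(path)
    for profile in parser.sections():
        key_id = parser.get(profile, "aws_access_key_id", fallback="")
        # AKIA marks a long-lived IAM user key; ASIA marks temporary STS keys.
        if key_id.startswith("AKIA"):
            findings.append(f"long-lived-key: profile '{profile}' stores a static IAM user key")
    return findings


def demo():
    """Audit the constructed sample with loose (0644) and tight (0600) modes."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "credentials")
        with open(path, "w") as handle:
            handle.write(SAMPLE)
        os.chmod(path, 0o644)
        loose = audit_credentials(path)
        os.chmod(path, 0o600)
        tight = audit_credentials(path)
    return loose, tight
```

To check your own file, call audit_credentials(os.path.expanduser("~/.aws/credentials")) and review each finding it returns.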
After you finish this whole configuration process, you can create your Kubernetes cluster by issuing the following commands:
EKS_SERVICE_ROLE=arn:aws:iam::...:role/eksServiceRole
EKS_SUBNET=subnet-a8187fa2,subnet-50262839
EKS_SECURITY_GROUP_ID=sg-e5d24214
aws eks create-cluster --name devel \
--role-arn $EKS_SERVICE_ROLE \
--resources-vpc-config subnetIds=$EKS_SUBNET,securityGroupIds=$EKS_SECURITY_GROUP_ID
Note: You will have to replace the values passed to EKS_SERVICE_ROLE, EKS_SUBNET, and EKS_SECURITY_GROUP_ID with your own values.
If the last command works properly, the AWS CLI tool will send you back a JSON response with the status equal to CREATING. Having confirmed that, you can configure kubectl to work with your new EKS cluster by issuing the following command:
aws eks update-kubeconfig --name devel
After that, you can issue the following command to check if kubectl is indeed working:
kubectl get pods --all-namespaces
Running this command should output a table showing a single pod (you will learn what that is in a bit) called kube-dns-... (where ... stands for a random string) with a PENDING status. If you don't do anything, no matter how long you wait, you will never get a READY status for this element. The problem is that AWS did create your cluster for you, but it didn't add nodes to it (a node is a server that is part of the cluster).
To add nodes to your AWS Kubernetes cluster, you will have to do two things:
- You will have to create a Key Pair (using Amazon EC2 is the easiest way).
- You will have to follow the "Step 3: Launch and Configure Amazon EKS Worker Nodes" section on this page.
After that, you will have finished creating your AWS EKS cluster. A bit laborious, but not that hard, right?