Shows how to setup AWS Elastic Kubernetes Service monitoring by installing Kubernetes Dashboard and EFK stack.

AWS EKS - Kubernetes Dashboard and EFK stack

# eksctl version
eksctl version
0.20.0

# kubectl/Kubernetes version
Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.3", GitCommit:"2e7996e3e2712684bc73f0dec0200d64eec7fe40", GitTreeState:"clean", BuildDate:"2020-05-21T14:51:23Z", GoVersion:"go1.14.3", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"16+", GitVersion:"v1.16.8-eks-e16311", GitCommit:"e163110a04dcb2f39c3325af96d019b4925419eb", GitTreeState:"clean", BuildDate:"2020-03-27T22:37:12Z", GoVersion:"go1.13.8", Compiler:"gc", Platform:"linux/amd64"}

# helm version
helm version
version.BuildInfo{Version:"v3.1.2", GitCommit:"d878d4d45863e42fd5cff6743294a11d28a9abce", GitTreeState:"clean", GoVersion:"go1.13.8"}

# cluster name and region
CLUSTER_NAME=lukaszbudniktest1
AWS_REGION=us-east-2

# create new cluster using managed node group as currently Kubernetes Dashboard does not work on Fargate
# we create node group of 3 servers
cat <<EOF > cluster.yaml
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: $CLUSTER_NAME
  region: $AWS_REGION

managedNodeGroups:
  - name: managed-ng-1
    instanceType: m5.xlarge
    minSize: 3
    maxSize: 10
    desiredCapacity: 3
    volumeSize: 20
    iam:
      withAddonPolicies:
        externalDNS: true
        certManager: true
        autoScaler: true
EOF
eksctl create cluster -f cluster.yaml

# install Kubernetes Dashboard

# deploy metrics-server
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.3.6/components.yaml
# check if running fine
kubectl get deployment metrics-server -n kube-system
# deploy the dashboard
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.1/aio/deploy/recommended.yaml
# create service account
cat <<EOF > eks-admin-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: eks-admin
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: eks-admin
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: eks-admin
  namespace: kube-system
EOF
kubectl apply -f eks-admin-service-account.yaml

# once all components are up you can proxy into dashboard
# first copy token from output
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep eks-admin | awk '{print $1}')
# start proxy
kubectl proxy
# open the below URL and use copied token to log in to dashboard
open http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#!/login

# install EFK stack

# install elasticsearch
helm repo add stable https://kubernetes-charts.storage.googleapis.com
helm install elasticsearch stable/elasticsearch

# install fluentd
helm repo add kiwigrid https://kiwigrid.github.io
helm install fluentd kiwigrid/fluentd-elasticsearch

# install Kibana
helm install kibana stable/kibana --set=env.ELASTICSEARCH_HOSTS=http://elasticsearch-client:9200

# connect to Kibana pod via port-forwarding
POD_NAME=$(kubectl get pods --namespace default -l "app=kibana,release=kibana" -o jsonpath="{.items[0].metadata.name}")
kubectl port-forward --namespace default $POD_NAME 5601:5601
# open Kibana
open http://localhost:5601/