Creating a Production grade EKS Cluster using EKSCTL

5 years ago   •   3 min read

By Anushka Arora

What Is EKSCTL?

EKSCTL almost automates much of our experience of creating EKS Cluster. EKSCTL is written in Go and makes use of AWS service, CloudFormation. It is the official CLI for Amazon EKS. The current version of eksctl allows you to create a number of clusters, list those, and delete them as well.

Amazon Production Grade EKS Cluster with One Command:

When we look at creating a Production grade EKS Cluster, we can create an EKS Cluster with the following command: eksctl create cluster

When you run the above command, following things happen:
  • Sets up the AWS Identity and Access Management(IAM ) Role for the master plane to connect to EKS.
  • Creates the Amazon VPC architecture, and the master control plane.
  • Brings up instances, and deploys the ConfigMap so nodes can join the cluster.
  • Provides access to the cluster with a pre-defined kubeconfig file.

Create Production Grade EKS CLuster: Using Config Files

You can create Production Grade EKS Cluster using the Config File. Following are the steps:

First, attach the following AWS Managed Policies for a role / user / group required for creating an EKS Cluster using EKSCTL

  1. AmazonEC2FullAccess
  2. IAMFullAccess
  3. AmazonVPCFullAccess
  4. AWSCloudFormationFullAccess

Second, Create a Cluster.yaml File

apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: dt-prod-cluster
  region: ap-southeast-1
vpc:
  id: "vpc-1c174erf"
  cidr: "12.0.0.0/16"
  subnets:
    private:
      ap-southeast-1a:
          id: "subnet-06cc7"
          cidr: "12.0.112.0/24"
      ap-southeast-1b:
          id: "subnet-099e9"
          cidr: "12.0.111.0/24"
      ap-southeast-1c:
          id: "subnet-099e9"
          cidr: "12.0.111.0/24"
    public:
      prod-sg-pub-snet-1a:
          id: "subnet-02825"
          cidr: "12.0.32.128/25"
      prod-sg-pub-snet-1b:
          id: "subnet-0b065"
          cidr: "12.0.32.0/25"
      prod-sg-pub-snet-1c:
          id: "subnet-0b065"
          cidr: "12.0.32.0/25"
nodeGroups:
  - name: ng-1
    privateNetworking: true
    instanceType:
    desiredCapacity: 1
    minSize: 1
    maxSize: 5
    instancesDistribution:
      maxPrice: 0.05
      instanceTypes: ["r4.large", "r3.large"] # At least two instance types should be specified
      onDemandBaseCapacity: 0
      onDemandPercentageAboveBaseCapacity: 50
    iam:
      withAddonPolicies:
        autoScaler: true
      attachPolicyARNs:
        - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
        - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
        - arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryFullAccess
        - arn:aws:iam::aws:policy/AmazonS3FullAccess
    ssh:
      allow: true
      publicKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDpzpEdCL7RCLjgl8YDndRbIdy2Qp7AMZGcJ2//92rjt6dlfnrafqUEr+lsQwKxrUSUAHXFKM6M5RUSoeV5LIpAP0B7sAzvER9JgsukgQJVtEGFQrkpv7IMobscUIX3NfnwVw5V0ghjhjdskjhkskfgAqinQmt2FaZtZGd+0obA1l7AOOHJG1B/IGm2k81+0xMnwOzs1UyYVnA7v4FQDpnUqE03Eh//cASqfUxfq5zJJBuHBmEsPTc1dtrklnvdj5YKSdQEWF4q6uhZXVIIhvh08WPxa3je5U3n+iie65Mf"
Properties:

Properties:

OnDemandPercentageBaseCapacity: The minimum amount of the Auto Scaling group’s capacity that must be fulfilled by On-Demand Instances. The default value is 0, in this On-Demand Instances are launched as a percentage of the Auto Scaling group’s desired capacity as per onDemandPercentageAboveBaseCapacity setting.

OnDemandPercentageAboveBaseCapacity: Controls the percentages of On-Demand Instances and Spot Instances for your additional capacity beyond onDemandPercentageBaseCapacity. The range is 0–100. The default value is 100. Here, this property set to 50, the percentages are 50% for your additional capacity above base capacity.

vpc and subnets: If you don’t define these two properties, then AWS will automatically create vpc and subnets and assign them with their respective id’s.

attachPolicyARNs: Attaches the specified managed policy to the specified IAM role. Here, you will have to define custom policies along with managed policies because policies are explicitly defined, if you decide to leave it blank AWS will implicitly attach it’s own policies for creating an EKS Cluster.

Next, run this command to create EKS cluster using your yaml file: eksctl create cluster -f cluster.yaml

That’s it ! Your Production Grade EKS CLuster is ready. For eksctl documention, check the following link: https://eksctl.io/introduction/#getting-started/

To continue learning more about EKS, read this blog post on how to set up custom DNS routing on an EKS cluster.

Spread the word