Kubernetes is a scalable open-source tool that manages container orchestration extremely effectively, but does Kubernetes work in Cloud as well? Yes, it does work with the most widely used service AWS EKS which stands for Amazon Elastic Kubernetes.
Yes, you can manage Kubernetes in public clouds, such as GCP, AWS, etc to deploy and scale containerized applications.
In this tutorial, you will learn the basics of Kubernetes, Amazon EKS, or AWS EKS.
Table of Content
- What is Kubernetes?
- kubernetes architecture and kubernetes components
- What is AWS EKS (Amazon EKS) ?
- How does AWS EKS service work?
- Prerequisites
- AWS EKS Clusters components
- AWS EKS Control Pannel
- Workload nodes
- How to create aws eks cluster in AWS EKS
- AWS EKS cluster setup: Additional nodes on AWS EKS cluster
- Connecting AWS EKS Cluster using aws eks update kubeconfig
- How to Install Kubectl on Windows machines
- Install Kubectl on Ubuntu machine
- Conclusion
What is Kubernetes?
Kubernetes is an open-source container orchestration engine for automating deployments, scaling, and managing the container’s applications. Kubernetes is an open-source Google-based tool. It is also known as k8s. It can run on any platform, such as on-premises, hybrid, or public cloud. Some of the features of Kubernetes are:
- kubernetes cluster scales when needed and is load balanced.
- kubernetes cluster has the capability to self-heal and automatically provide rollbacks.
- kubernetes allows you to store configurations, secrets, or passwords.
- Kubernetes can be mounted with various stores such as EFS and local storage.
- Kubernetes works well with networking components such as NFS, locker, etc.
kubernetes architecture and kubernetes components
When you Install Kubernetes, you create a Kubernetes cluster that mainly contains two components master or the controller nodes and worker nodes. Nodes are the machines that contain their own Linux environment, which could be a virtual machine or either physical machine.
The application and services are deployed in the containers within the Pods inside the worker nodes. Pods contain one or more docker containers. When a Pod runs multiple containers, all the containers are considered a single entity and share the Node resources.
- Pod: Pods are groups of containers that have shared storage and network.
- Service: Services are used when you want to expose the application outside of your local environment.
- Ingress: Ingress helps in exposing http/https routes from the outside world to the services in your cluster.
- ConfigMap: Pod consumes configmap as environmental values or command-line arguments in the configuration file.
- Secrets: Secrets as the name suggest stores sensitive information such as password, OAuth tokens, SSH keys, etc.
- Volumes: These are persistent storage for containers.
- Deployment: Deployment is an additional layer that helps to define how Pod and containers should be created using yaml files.
What is AWS EKS (Amazon EKS) ?
Amazon provides an AWS managed service AWS EKS that allows hosting Kubernetes without needing you to install, operate, and maintain Kubernetes control plane or nodes, services, etc. Some of the features of AWS EKS are:
- AWS EKS expands and scales Kubernetes control plane across many availability zones so that there is always a high availability.
- It automatically scales and fix control plane instances if any instance is impacted or unhealthy node.
- It is integrated with various other AWS services such as IAM for authentication, VPC for Isolation , ECR for container images & ELB for load distribution etc.
- It is very secure service.
How does AWS EKS service work?
Previously you learned what is AWS EKS now; let’s learn how AWS EKS works. The first step in AWS EKS is to create an EKS cluster using AWS CLI or AWS Management console by specifying whether you need self-managed AWS EC2 instance or deploy workloads to AWS Fargate, which automatically manages everything.
Further, once the Kubernetes cluster is set up, connect to the cluster using kubectl commands and deploy applications.
Prerequisites
- You must have AWS account in order to setup cluster in AWS EKS with admin rights on AWS EKS and IAM. If you don’t have AWS account, please create a account from here AWS account.
- AWS CLI installed. If you don’t have it already install it from here.
- Ubuntu 16 or plus version machine.
- Windows 7 or plus machine.
AWS EKS Clusters components
Now that you have a basic idea of the AWS EKS cluster, it is important to know the components of AWS EKS Clusters. Let’s discuss each of them now.
AWS EKS Control Pannel
AWS EKS control plane is not shared between any AWS account or other EKS clusters. Control Panel contains at least two API servers exposed via Amazon EKS endpoint and three etcd instances associated with Amazon EBS volumes.
Amazon EKS automatically monitors the load on the control panel and removes unhealthy instances when needed. Amazon EKS uses Amazon VPC network policies to restrict traffic between control plane components within a single cluster.
AWS EKS nodes
Amazon EKS nodes are registered with the control plane via the API server endpoint and a certificate file created for your cluster. Your Amazon EKS cluster can schedule pods on AWS EKS nodes which may be self-managed, Amazon EKS Managed node groups, or AWS Fargate.
Self-managed nodes
Self-managed nodes are Windows and Linux machines that are managed by you. The nodes contain pods that share kernel runtime environments. Also, if the pod requires more resources than requested, then additional resources are aligned by you, such as memory or CPU, and you assign IP addresses from a different CIDR block than the IP address assigned to the node.
Amazon EKS Managed node groups
Previously you learned about self-managed nodes managed by you but in the case of AWS EKS managed node groups, you don’t need to provision or register Amazon EC2 instances. All the managed nodes are part of the Amazon EC2 auto-scaling group.
AWS takes care of everything starting from managing nodes, scaling, and aligning the resources such as IP address, CPU, memory. Although everything is managed by AWS still, you are allowed to SSH into the nodes. Like self-managed nodes, the nodes containing the pods share the same kernel.
You can add a managed node group to new or existing clusters using the Amazon EKS console, eksctl, AWS CLI, AWS API, or AWS Cloud Formation. Amazon EKS managed node groups can be launched in public and private subnets. You can create multiple managed node groups within a single cluster.
AWS Fargate
AWS Fargate is a serverless technology that you can use with Amazon ECS to run containers without managing servers or clusters of Amazon EC2 instances. With Fargate, you no longer have to provision, configure, or scale clusters of virtual machines to run containers. But with AWS Fargate, the pod has a dedicated kernel. As there are no nodes, you cannot SSH into the node.
Workload nodes
The workload is a node containing applications running on a Kubernetes cluster. Every workload controls pods. There are five types of workloads on a cluster.
- Deployment: Ensures that a specific number of pods run and includes logic to deploy changes. Deployments can be rolled back and stopped.
- ReplicaSet: Ensures that a specific number of pods run. Can be controlled by deployments. Replicasets cannot be rolled back and stopped.
- StatefulSet: Manages the deployment of stateful applications where you need persistant storage.
- DaemonSet Ensures that a copy of a pod runs on all (or some) nodes in the cluster
- Job: Creates one or more pods and ensures that a specified number of them run to completion
By default, Amazon EKS clusters have three workloads:
coredns: For name resolution for all pods in the cluster.aws-nodeTo provide VPC networking functionality to the pods and nodes in your cluster.kube-proxy:To manage network rules on nodes that enable networking communication to your pods.
How to create AWS EKS cluster in AWS EKS
Now that you have an idea about the AWS EKS cluster and its components. Let’s learn how to create an AWS EKS cluster and set up Amazon EKS using the Amazon management console, and AWS CLI commands.
- Make a note of VPC that you want to choose to create the AWS EKS cluster.
- Next on IAM page create a IAM policy with full EKS permissions.
- Click on Create policy and then click on choose service as EKS.
- Now provide the name to the policy and click create.
- Next, navigate to IAM role and create a role.
- Now in role choose AWS EKS service and then select EKS cluster as your use case:
- Further specify the name to role and then click on create role.
- Now attach a IAM policy that you created previously and EKSclusterpolicy to IAM role.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "*",
"Service": "eks.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
Now that you have the IAM role created for AWS EKS Cluster and IAM policy attachment. Let’s dive into the creation of the Kubernetes cluster.
- Now navigate to AWS EKS console and click on Create cluster
- Next, add all the configurations related to cluster as shown below.
- Furthe provide networking details such as VPC, subnets etc. You may skip subnets as of now.
- Keep hitting NEXT and finally click on Create cluster. It may take few minutes for cluster to come up.
- Lets verify if cluster is up and active. As you can see below
Now, the Kubernetes cluster on AWS EKS is successfully created. Now let’s initiate communication from the client we installed to the Kubernetes cluster.
AWS EKS cluster setup: Additional nodes on AWS EKS cluster
As discussed previously, the Amazon EKS cluster can schedule pods on any combination of self-managed nodes, Amazon EKS managed nodes, and AWS Fargate. In this section, let’s learn if you can add additional using the Amazon EKS Managed node group.
To create Managed node group using AWS Management Console.
- Navigate to the Amazon EKS page ➔ Configuration tab ➔ Compute tab ➔ Add Node Group and provide all the details such as name, node IAM role that you created previously.
Further specify Instance type, Capacity type, networking details such as VPC details, subnets, SSH Keys details, and click create. As you can see below, the nodes are added successfully by creating a new group.
- To find node details from your machine run the below commands.
aws eks update-kubeconfig --region us-east-2 --name "YOUR_CLUSTER_NAME"
kubectl get nodes --watch
To create Fargate(Linux) nodes you need to create a Fargate profile as when any pod gets deployed in Fargate it first matches the desired configuration from the profile then it gets deployed. The configuration contains permissions such as the ability of the pod to get the container’s image from ECR etc. To create a Fargate profile click here.
Connecting AWS EKS Cluster using aws eks update kubeconfig
You have created and set up the AWS EKS cluster successfully and learned how you can add additional nodes on the AWS EKS cluster, which is great. But do you know how to connect the AWS EKS cluster from your local machine? Let’s learn how to connect the AWS EKS cluster using eks update kubeconfig.
Make sure to configure AWS credentials on local machine to match with same IAM user or IAM role that you used while creating the AWS EKS cluster.
- Open Visual studio or GIT bash or command prompt.
- Now, configure kubeconfig to make communication from your local machine to Kubernetes cluster in AWS EKS
aws eks update-kubeconfig --region us-east-2 --name Myekscluster
- Finally test the communication between local machine and cluster after adding the configurations. Great you can see the connectivity from our local machine to Kubernetes cluster !!
kubectl get svc
How to Install Kubectl on Windows machines
Now that you have some basic idea of the What is EKS cluster, it is also managed by the kubectl tool. Although you can manage the AWS EKS cluster manually with the AWS management console but running kubectl is easy and straightforward. Let’s dive into how to install kubectl on a windows machine.
- Open PowerShell on your windows machine and run the below curl command the command on any folder of your choice. The below command will download the kubectl binary on windows machine.
curl -o kubectl.exe https://amazon-eks.s3.us-west-2.amazonaws.com/1.19.6/2021-01-05/bin/windows/amd64/kubectl.exe
- Now verify in the C drive if binary file has been downloaded succesfully.
- Next run kubectl binary file i.e kubectl.exe.
- Verify if Kubectl is properly installed by running kubectl version command.
kubectl version --short --client
Install Kubectl on Ubuntu machine
Previously you learned how to install kubectl on a windows machine but let’s quickly check out the how-to install Kubectl on an Ubuntu machine.
- Login to the Ubuntu machine using SSH client.
- Download the kubectl binary using curl command on ubuntu machine under home directory ie. $HOME
curl -o kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.19.6/2021-01-05/bin/linux/amd64/kubectl
- Next, after installing kubectl you will need to grant execute permissions to the binary to start it.
chmod +x ./kubectl
- Copy the binary to a folder in your PATH so that kubectl command can run from anywhere on your machine.
mkdir -p $HOME/bin && cp ./kubectl $HOME/bin/kubectl && export PATH=$PATH:$HOME/bin
- Verify the kubectl version on ubuntu machine again by running kubectl version.
kubectl version --short --client
Conclusion
In this tutorial, you learned Kubernetes, Amazon Elastic Kubernetes service, ie. AWS EKS, how to install Kubernetes client kubectl on Windows and Linux machine and finally created AWS EKS cluster and connected the same using kubectl client.
Now that you have a newly launched AWS EKS cluster setup, what do you plan to deploy on it?
DevOps Automateinfra Learning 
Pingback: How to create AWS EKS cluster using Terraform and connect Kubernetes cluster with ubuntu machine.