In this article, we are going to learn about how to deploy a Kubernetes Cluster on AWS with Amazon EKS and how to install and configure AWS CLI and Kubectl to interact with the EKS cluster from commandline in Linux.
Before deploying Kubernetes cluster on AWS cloud using Amazon Elastic Kubernetes Service, make sure you have an AWS account. If you don't have an AWS account, check our Introduction to Amazon Web Services (AWS) article to know how to create one.
1. Setup EKS Cluster (Master Node)
To create an EKS cluster in AWS, you need to have an IAM role created in hand.
1.1. Create IAM role
Amazon EKS-managed Kubernetes clusters make calls on your behalf to other AWS services to manage the resources you utilize with the service.
You must first create an IAM role with the following IAM policy before you may construct Amazon EKS clusters:
Login to your AWS console and search for 'IAM'. Select the IAM service to get into IAM Console.
Choose Roles in the left side options and then click Create role.
Select AWS services and select 'EKS – Cluster' in the Use cases options. Once selected, click 'Next' to proceed.
Make sure 'AmazonEKSClusterPolicy' is added, by default it will be added as we selected EKS-Cluster in the use cases. Click Next to proceed further.
In the next step, set the role name. Here, we are naming the role as 'ostechnix_eks'. Review all the parameters and click 'create' at the end to create the role.
Here we don’t add any tags for this role. If we are dealing with multiple resources, it will be useful having tags to manage, identify and filter resources.
A new role named 'ostechnix_eks' has been just created.
1.2. Create EKS Cluster
Go to AWS Console and search with 'EKS'. Select the 'Elastic Kubernetes Service' to get into the EKS console.
From the 'Add cluster' drop down box, choose 'create' cluster option.
You will get the ‘Configure Cluster’ page where you can name the cluster, select the Kubernetes version and select the cluster service role that we created in the previous step.
Here, we named the cluster as 'ostechnix', and selected the Kubernetes version 1.21.
If you did not find the role, refresh the roles. Select the role and click 'next' to proceed.
In this ‘Specify Networking’, you need to configure the networking. Here we are proceeding with default options.
Select the existing VPC, VPC is Virtual Private Cloud where you can create AWS resources in the Virtual Network that you have defined. Proceed with the default subnets available in the default VPC.
Choose IPv4 as the Cluster IP address family. It is the default one.
Choose 'Public' for Cluster End Point access which enables only public access to your cluster. If you choose 'Private', it enables only private access to your cluster. Here, we are proceeding with Public which is the default one.
You can proceed with the default 'Networking Add-ons' and click 'Next'.
You will get 'Configure logging' page where you can select which log types that you want to enable. By default, all the types are disabled. Click 'Next' to proceed.
You will get 'Review and Create' page. Review all the details we configured and click 'Create' at the bottom.
Cluster creation will be in progress. It will take couple of minutes to get created.
A new EKS Cluster named 'ostechnix' is created. You can verify in AWS Console🡪Amazon EKS🡪Clusters.
Next, we need to install and configure AWS CLI and Kubectl to interact with the EKS cluster from commandline.
To configure AWS CLI credentials, you need to create security credentials in AWS IAM.
2. Create Security Credentials
Log into AWS console and search with IAM. Select IAM to get into the IAM console.
Select 'My security credentials' option available in the right to create and manage your security credentials.
Click on 'Access Keys' drop down box and click 'Create New Access Key' option.
Once you click the 'Create New Access Key' option, the key will be created. Download the key to configure AWS CLI in Linux machine. You can view the key by checking 'Show Access key'.
In this demonstration the key is,
- Access Key ID: AKIAV7XU2AIJBX4EYKUO
- Secret Access Key: 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
3. Install AWS CLI
AWS CLI is a command-line interface that brings all AWS services together in a single terminal, allowing you to operate numerous AWS services with a single tool.
Use the below
curl command to download the installation file. Here, we are using 'CentOS Stream' to install and configure AWS CLI.
[root@ostechnix ~]# curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
Unzip the installer file using the below command.
[root@ostechnix ~]# unzip awscliv2.zip
Install AWS CLI using the below command.
[root@ostechnix ~]# ./aws/install
You can now run: /usr/local/bin/aws --version
Verify the version using the above mentioned command.
[root@ostechnix ~]# /usr/local/bin/aws --version
aws-cli/2.4.17 Python/3.8.8 Linux/4.18.0-358.el8.x86_64 exe/x86_64.centos.8 prompt/off
4. Configure AWS CLI
Use the below command to configure the AWS CLI. It will ask for the Access Key ID and Secret Access Key that we generated in section 2.
[root@ostechnix ~]# /usr/local/bin/aws configure AWS Access Key ID [None]: AKIAV7XU2AIJBX4EYKUO AWS Secret Access Key [None]: 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 Default region name [None]: Default output format [None]: [root@ostechnix ~]#
5. Install Kubectl
Kubernetes communicates with the cluster API server via the kubectl command line utility.
Use the below curl command to download Amazon EKS vended kubectl binary from Amazon S3.
[root@ostechnix ~]# curl -o kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.21.2/2021-07-05/bin/linux/amd64/kubectl
Add execute permission to the binary using below command.
[root@ostechnix ~]# chmod +x ./kubectl
Copy this binary to the folder in your path and export the
[root@ostechnix ~]# mkdir -p $HOME/bin && cp ./kubectl $HOME/bin/kubectl && export PATH=$PATH:$HOME/bin
Export the PATH to
[root@ostechnix ~]# echo 'export PATH=$PATH:$HOME/bin' >> ~/.bashrc
Kubectl is installed, you can verify the version using the below command.
[root@ostechnix ~]# kubectl version --short --client
Client Version: v1.21.2-13+d2965f0db10712
6. Configure Kubectl
Right now kubectl does not know where the EKS Master node is located in AWS. We need to let kubectl know where the Master server is located by mentioning the region name and cluster name.
Use the below command to check the status of the EKS Cluster.
[root@ostechnix ~]# /usr/local/bin/aws eks --region ap-south-1 describe-cluster --name ostechnix --query cluster.status "ACTIVE"
Update the kubeconfig file to use kubectl to interact with the EKS cluster. It will fetch all the configurations from Master node to kubeconfig file.
[root@ostechnix ~]# /usr/local/bin/aws eks --region ap-south-1 update-kubeconfig --name ostechnix Added new context arn:aws:eks:ap-south-1:411756528146:cluster/ostechnix to /root/.kube/config
Verify the kubectl by checking the service using the below command. You can ensure the Kubectl is able to connect with the EKS cluster.
[root@ostechnix ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.100.0.1 <none> 443/TCP 105m
In this article, we have learned how to provision Amazon EKS cluster and how to setup AWS CLI and Kubectl for the EKS cluster in Linux platform.
I've successfully deployed Kubernetes cluster on AWS cloud, now what? You might wonder. Please check our next guide to know how to add Node Groups and configure the worker nodes in AWS EKS cluster.