The Ops Community ⚙️

Alexandru Dejanu


EKS: Guide to create Kubernetes clusters in AWS

Amazon Elastic Kubernetes Service (EKS) is a managed AWS service that allows you to run a Kubernetes cluster. Being a managed service means there's no need to install or maintain the cluster's control or data plane.


You're going to need a user with the right policies for services like EKS, CloudFormation, EC2, and IAM, and an access key for that user (guide here).



AWS IAM Authenticator, which allows you to use AWS IAM credentials to authenticate (installation guide here)

Configure the AWS CLI: run the following command without arguments to be prompted for configuration values (e.g. your AWS Access Key ID, your AWS Secret Access Key, and the AWS region).

aws configure

IAM AWS CLI: for eksctl you will need to have AWS API credentials configured. Amazon EKS uses the IAM service to provide authentication to your Kubernetes cluster through the AWS IAM authenticator for Kubernetes.

Next you can verify if you're authenticated by running the following command:

aws iam get-user

Creating Kubernetes cluster

First, check whether any clusters already exist (normally there should be none if this is a fresh setup).

eksctl get clusters

To allow SSH access to nodes, eksctl by default imports the SSH public key from ~/.ssh/, but you can use another SSH public key by passing the absolute path to the key to the --ssh-public-key flag.

EKS clusters run in a VPC, so you need an Amazon VPC with public and private subnets. The VPC must have enough IP addresses available for the cluster, any nodes, and other Kubernetes resources that you want to create, and it must have DNS hostname and DNS resolution support (otherwise nodes can't register with the cluster). You can't change which subnets you want to use after cluster creation.
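The VPC requirements above can be checked before an existing VPC is used for a cluster. The script below is an added example, not part of the original post; it relies on read-only AWS CLI calls, and the function names and the MIN_FREE_IPS threshold of 16 are assumptions.

```shell
#!/bin/sh
# Added example: read-only preflight check for an existing VPC.
# MIN_FREE_IPS is an assumed threshold for this sketch, not an AWS limit.
MIN_FREE_IPS="${MIN_FREE_IPS:-16}"

# Print the value of a boolean VPC attribute ("True"/"False" in text output).
# $1 = VPC id, $2 = attribute name, $3 = key of the result object
vpc_attr() {
    aws ec2 describe-vpc-attribute --vpc-id "$1" --attribute "$2" \
        --query "$3.Value" --output text
}

# Print one "subnet-id<TAB>free-ip-count" line per subnet in the VPC.
subnet_free_ips() {
    aws ec2 describe-subnets --filters "Name=vpc-id,Values=$1" \
        --query 'Subnets[].[SubnetId,AvailableIpAddressCount]' --output text
}

# Return 0 when the VPC meets the requirements, 1 otherwise.
check_vpc() {
    vpc_id="$1"
    rc=0
    for pair in enableDnsSupport:EnableDnsSupport \
                enableDnsHostnames:EnableDnsHostnames; do
        val="$(vpc_attr "$vpc_id" "${pair%%:*}" "${pair##*:}" |
               tr '[:upper:]' '[:lower:]')"
        if [ "$val" != "true" ]; then
            echo "FAIL ${pair%%:*} is '$val' (nodes cannot register)"
            rc=1
        fi
    done
    subnets="$(subnet_free_ips "$vpc_id")"
    if [ -z "$subnets" ]; then
        echo "FAIL no subnets found in $vpc_id"
        return 1
    fi
    # Here-document instead of a pipe: a piped while loop runs in a
    # subshell and would lose the rc assignment.
    while read -r id free; do
        if [ "$free" -lt "$MIN_FREE_IPS" ]; then
            echo "FAIL $id has only $free free IPs (< $MIN_FREE_IPS)"
            rc=1
        fi
    done <<EOF
$subnets
EOF
    [ "$rc" -eq 0 ] && echo "OK $vpc_id passes the preflight checks"
    return "$rc"
}
```

Source the file and call check_vpc with a VPC id; a non-zero exit status means at least one requirement is unmet.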

The beauty of eksctl is that it does all the heavy lifting for you, and it also lets you customize your Kubernetes cluster as needed (number of nodes, region, size of the nodes).

Example for a cluster with 2 nodes in the eu-west-1 region (cluster names may contain only letters, digits and hyphens, so no underscores):

eksctl create cluster --name=demo-cluster --nodes=2 --region=eu-west-1

Behind the scenes, eksctl uses CloudFormation. In this case it creates 2 CloudFormation stacks: one for the cluster itself (control plane) and one for the initial managed nodegroup (worker nodes).

Furthermore, you can use the CloudFormation console to check their status.


After the cluster is created, everything is set. You can verify that kubectl points to the correct cluster by running:

kubectl config current-context

Leveraging eksctl you can deploy a Kubernetes cluster in AWS in a matter of minutes.


Top comments (1)

Romain Billot

Thanks for sharing this introduction, would love to learn the subject more deeply. Ideas:

  • EKS cluster maintenance, the GitOps way (IaC, ArgoCD,...?)
  • pod roles x iam roles: implicit grant explained
  • networking configuration for in-VPC communication (RBAC, DNS, etc...)