Skip to main content

Getting Started in EKS

Tools Required

You need to setup the tools below in order to proceed with this guide.

  • eksctl cli [Install this tool either following offical guide or using asdf utility]
  • aws cli [Install this tool either following offical guide or using asdf utility]

Create EKS Cluster

If you do not have a cluster with the requirements below then proceed with the instruction from this guide.

  • EKS Cluster that is in ready state and has at least 2 m5_large nodes or larger
  • EBS CSI Driver should be installed, since Grafana Loki will use an EBS disk
  • The cluster's control plane should be publicly exposed so the CLI can reach it ( remember to check the cluster's security groups )

We are going to use eksctl and aws cli to provision the eks cluster.

Authenticate with AWS

Get the AWS credentials for programmatic access and run the commands below, then enter the credentials when prompted. Refer the AWS docs for other methods to authenticate with AWS.

$ aws configure
  AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
  AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
  Default region name [None]: us-west-2
  Default output format [None]: json
$ aws configure set aws_session_token fcZib3JpZ2luX2IQoJb3JpZ2luX2IQoJb3JpZ2luX2IQoJb3JpZ2luX2IQoJb3JpZVERYLONGSTRINGEXAMPLE

Create EKS Cluster

Create the cluster using eksctl by running the commands below from your terminal. Note that those will provision a Kubernetes cluster with the default configuration. It will be a 2 node cluster and that by default allows all traffic to the nodes. Remember to set your default region code in the environment variables:

# Set the AWS deployment region
export AWS_DEFAULT_REGION=eu-north-1

# Create EKS Cluster using eksctl cli
eksctl create cluster

# Get Cluster name by running below command and grab the name for next command.
eksctl get clusters

# Set environemt variable for storing EKS Cluster name for further use.
export CLUSTER_NAME=unique-creature-1694101553

Create & Associate IAM OIDC Provider for our EKS cluster

This enables us to use AWS IAM Roles for Kubernetes service accounts on our EKS Cluster.

eksctl utils associate-iam-oidc-provider \
    --region ${AWS_DEFAULT_REGION}  \
    --cluster ${CLUSTER_NAME} \
    --approve

Install the EBS CSI driver add on

EBS CSI driver is used by the Grafana Loki service and we need to perform the steps below to install it as an addon to the cluster.

Create the EBS CSI Driver role

Create an IAM role and attach the required AWS managed policy with the following command. 

eksctl create iamserviceaccount \
    --name ebs-csi-controller-sa \
    --namespace kube-system \
    --cluster ${CLUSTER_NAME} \
    --role-name AmazonEKS_EBS_CSI_DriverRole \
    --role-only \
    --attach-policy-arn arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy \
    --approve

Adding the Amazon EBS CSI driver addon

Run the following command. Replace 012345678901 with your account ID.

eksctl create addon --name aws-ebs-csi-driver --cluster ${CLUSTER_NAME} --service-account-role-arn arn:aws:iam::012345678901:role/AmazonEKS_EBS_CSI_DriverRole --force

Last updated on