Getting Started in EKS
Tools Required
You need to setup the tools below in order to proceed with this guide.
- eksctl cli [Install this tool either following offical guide or using
asdf
utility] - aws cli [Install this tool either following offical guide or using
asdf
utility]
Create EKS Cluster
If you do not have a cluster with the requirements below then proceed with the instruction from this guide.
- EKS Cluster that is in ready state and has at least 2
m5_large
nodes or larger - EBS CSI Driver should be installed, since Grafana Loki will use an EBS disk
- The cluster's control plane should be publicly exposed so the CLI can reach it ( remember to check the cluster's security groups )
We are going to use eksctl
and aws
cli to provision the eks cluster.
Authenticate with AWS
Get the AWS credentials for programmatic access and run the commands below, then enter the credentials when prompted. Refer the AWS docs for other methods to authenticate with AWS.
$ aws configure
AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: us-west-2
Default output format [None]: json
$ aws configure set aws_session_token fcZib3JpZ2luX2IQoJb3JpZ2luX2IQoJb3JpZ2luX2IQoJb3JpZ2luX2IQoJb3JpZVERYLONGSTRINGEXAMPLE
Create EKS Cluster
Create the cluster using eksctl by running the commands below from your terminal. Note that those will provision a Kubernetes cluster with the default configuration. It will be a 2 node cluster and that by default allows all traffic to the nodes. Remember to set your default region code in the environment variables:
# Set the AWS deployment region
export AWS_DEFAULT_REGION=eu-north-1
# Create EKS Cluster using eksctl cli
eksctl create cluster
# Get Cluster name by running below command and grab the name for next command.
eksctl get clusters
# Set environemt variable for storing EKS Cluster name for further use.
export CLUSTER_NAME=unique-creature-1694101553
Create & Associate IAM OIDC Provider for our EKS cluster
This enables us to use AWS IAM Roles for Kubernetes service accounts on our EKS Cluster.
eksctl utils associate-iam-oidc-provider \
--region ${AWS_DEFAULT_REGION} \
--cluster ${CLUSTER_NAME} \
--approve
Install the EBS CSI driver add on
EBS CSI driver is used by the Grafana Loki service and we need to perform the steps below to install it as an addon to the cluster.
Create the EBS CSI Driver role
Create an IAM role and attach the required AWS managed policy with the following command.
eksctl create iamserviceaccount \
--name ebs-csi-controller-sa \
--namespace kube-system \
--cluster ${CLUSTER_NAME} \
--role-name AmazonEKS_EBS_CSI_DriverRole \
--role-only \
--attach-policy-arn arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy \
--approve
Adding the Amazon EBS CSI driver addon
Run the following command. Replace 012345678901
with your account ID.
eksctl create addon --name aws-ebs-csi-driver --cluster ${CLUSTER_NAME} --service-account-role-arn arn:aws:iam::012345678901:role/AmazonEKS_EBS_CSI_DriverRole --force