Tutorial: Running a Production-Ready Kubernetes Cluster on AWS EKS

P
@pilput
over 1 year ago0views

Running a production-ready Kubernetes cluster using Amazon Elastic Kubernetes Service (EKS) ensures scalability, reliability, and security. In this guide, we’ll walk you through the essential steps to deploy a production-ready EKS cluster.

1. Prerequisites

  1. AWS Account: Make sure you have an AWS account.

  2. IAM Permissions: Ensure your AWS account has permissions to create EKS, EC2, and related resources.

  3. CLI Tools Installed:

    • AWS CLI

    • kubectl

    • eksctl

  4. Kubernetes Application: Have your Kubernetes application manifests ready for deployment.

2. Setting Up the EKS Cluster

Step 1: Configure AWS CLI

Run the following command to configure your AWS credentials:

aws configure

Provide your AWS Access Key, Secret Key, default region, and output format.

Step 2: Create an EKS Cluster Using eksctl

eksctl is a simple CLI tool for creating and managing EKS clusters.

Install eksctl:

curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /usr/local/bin

Create a cluster:

eksctl create cluster \
  --name prod-cluster \
  --region us-east-1 \
  --nodes 3 \
  --nodes-min 2 \
  --nodes-max 5 \
  --node-type t3.medium \
  --managed

  • --name: Name of the cluster.

  • --nodes: Number of nodes.

  • --node-type: Instance type for the nodes.

Step 3: Verify the Cluster

To check that your cluster is running:

kubectl get nodes

If the nodes are listed, your cluster is successfully created.

3. Configure the EKS Cluster for Production

Step 1: Enable Cluster Auto-Scaling

Create an IAM policy for auto-scaling and attach it to your worker node group.

Step 2: Use a Managed Load Balancer

For exposing your application, use an AWS Application Load Balancer (ALB):

  1. Install the AWS Load Balancer Controller:

    kubectl apply -k github.com/aws/eks-charts/stable/aws-load-balancer-controller//crds
helm repo add eks https://aws.github.io/eks-charts
helm install aws-load-balancer-controller eks/aws-load-balancer-controller \
    --set clusterName=prod-cluster \
    --set serviceAccount.create=false \
    --set serviceAccount.name=aws-load-balancer-controller \
    --set region=us-east-1 \
    --namespace kube-system

Step 3: Configure Security with IAM Roles

Use AWS IAM roles for service accounts (IRSA) to securely manage permissions for your pods:

eksctl create iamserviceaccount \
  --cluster prod-cluster \
  --namespace default \
  --name your-service-account \
  --attach-policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess \
  --approve

Step 4: Set Up Monitoring and Logging

  1. Install Prometheus and Grafana for monitoring:

    kubectl apply -f https://github.com/prometheus-operator/prometheus-operator/blob/main/bundle.yaml

  2. Enable Amazon CloudWatch Logs integration for centralized logging:

    eksctl utils update-cluster-logging \
    --cluster prod-cluster \
    --enable-types all

Step 5: Apply Network Policies

Use Kubernetes Network Policies to restrict communication between pods.

Install Calico for advanced network policies:

kubectl apply -f https://docs.projectcalico.org/v3.14/manifests/calico.yaml

4. Deploy Your Application

Step 1: Create Namespaces

Organize your application by creating namespaces:

kubectl create namespace production

Step 2: Deploy Application Manifests

Apply your YAML files:

kubectl apply -f deployment.yaml -n production
kubectl apply -f service.yaml -n production

Step 3: Verify the Deployment

Check if your pods are running:

kubectl get pods -n production

5. Implement Best Practices

  1. Use Secrets for Sensitive Data: Store sensitive data like database credentials in Kubernetes Secrets.

    kubectl create secret generic db-credentials \
    --from-literal=username=admin \
    --from-literal=password=supersecret

  2. Set Resource Limits: Define resource requests and limits in your deployment:

    resources:
  requests:
    memory: "64Mi"
    cpu: "250m"
  limits:
    memory: "128Mi"
    cpu: "500m"

  3. Regular Backups: Enable Amazon EBS volume snapshots for your persistent volumes.

6. Scale the Cluster

To scale the number of nodes:

eksctl scale nodegroup --cluster prod-cluster --name <nodegroup-name> --nodes 5

For pod-level scaling, use a Horizontal Pod Autoscaler (HPA):

kubectl autoscale deployment your-app --cpu-percent=50 --min=2 --max=10

7. Clean Up Resources

To delete the cluster and avoid unnecessary charges:

eksctl delete cluster --name prod-cluster

Conclusion

By following this tutorial, you can set up and manage a production-ready Kubernetes cluster on AWS EKS. Ensure regular monitoring, scaling, and secure configurations to maintain a robust production environment.

Comments

Discussion

Share your thoughts and join the conversation

Loading comments...

Join the Discussion

Please log in to share your thoughts and engage with the community.

Log InSign Up