AWS EKS Cluster Creation Lab

Hands-on Lab: Provisioning Your First EKS Cluster with eksctl

Objective: Spin up a fully functional Amazon Elastic Kubernetes Service (EKS) cluster using eksctl, deploy a test workload to verify functionality, and tear it down to optimize costs.

Cost Warning: This lab requires an AWS account and will incur small charges. The EKS Control Plane costs ~$0.10 per hour, plus the cost of the EC2 instances (t3.medium instances are ~$0.04/hr each). Total lab cost should be well under $1.00 if torn down immediately after completion.

Step 1: The Prerequisites

Before building the cluster, you need the right tools installed on your local machine. These tools act as the bridge between your terminal and the AWS Cloud infrastructure.

  1. AWS CLI (Command Line Interface): Used to authenticate your terminal with your AWS account.
    • Install: choco install awscli -y
  2. kubectl: The standard Kubernetes command-line tool. It allows you to run commands against Kubernetes clusters to deploy applications, inspect resources, and view logs.
    • Install: choco install kubernetes-cli -y
  3. eksctl: The official CLI for Amazon EKS, originally created by Weaveworks and officially endorsed by AWS. It automates the heavy lifting of writing complex CloudFormation templates.
    • Install: choco install eksctl -y

Step 2: Authenticate with AWS

Your terminal needs to know who you are and what permissions you have before it can build infrastructure on your behalf.

  1. Generate an Access Key ID and Secret Access Key from the IAM (Identity and Access Management) console in your AWS account. Ensure this IAM user has Administrator access (or sufficient privileges to create VPCs, EC2 instances, IAM roles, and EKS clusters).
  2. Open your terminal and run: aws configure
  3. Input your credentials when prompted:
    • AWS Access Key ID: Paste your key here.
    • AWS Secret Access Key: Paste your secret here.
    • Default region name: us-east-1 (or your preferred region).
    • Default output format: json

Step 3: Create the Cluster Config File

While you can use a massive single-line command to build a cluster, Infrastructure as Code (IaC) is the industry standard. It makes your deployments repeatable, readable, and version-controllable.

Create a new directory for your project, navigate into it, and create a file named cluster.yaml:

YAML
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: devsecops-guru-cluster
  region: us-east-1
  version: "1.34" # Using a modern, supported Kubernetes version



managedNodeGroups:
  - name: standard-nodes
    instanceType: t3.medium
    minSize: 1
    maxSize: 2
    desiredCapacity: 1
    volumeSize: 20
    ssh:
      allow: true # Optional: enables SSH to the nodes using your ~/.ssh/id_rsa.pub public key (this is not SSM); set to false if not needed
    labels:
      role: "worker-node"
    tags:
      environment: "practice-lab"

Step 4: Launch the Cluster!

With your blueprint ready, it’s time to trigger the build. Run the following command in the same directory as your cluster.yaml file:

Bash
eksctl create cluster -f cluster.yaml

(EKS takes about 15-20 minutes to provision the VPC, Subnets, Control Plane, and Node Groups behind the scenes).

Step 5: Verify the Connection

Once the terminal outputs that the cluster is ready, eksctl will automatically update your local ~/.kube/config file. This file acts as your VIP pass, telling kubectl exactly where your cluster is and how to securely authenticate with it.

Check your nodes:

Bash
kubectl get nodes 

You should see two t3.medium instances listed with a Ready status.

Check the system pods:

Bash
kubectl get pods -n kube-system

This will show you the critical internal components running, such as aws-node (the VPC CNI for networking), coredns (for internal service discovery), and kube-proxy.

Step 6: Mini Project – Deploy a Test Application

To truly validate your cluster, let’s deploy a simple web server and expose it to the internet.

  1. Create a Deployment:

Bash
kubectl create deployment nginx-demo --image=nginx:latest

  2. Expose the Deployment:

Bash
kubectl expose deployment nginx-demo --port=80 --type=LoadBalancer

  3. Find your Load Balancer URL:

Bash
kubectl get svc nginx-demo

Look under the EXTERNAL-IP column. It will look like a long AWS DNS string (e.g., a1b2c3d4...us-east-1.elb.amazonaws.com).

Note: It may take 2-3 minutes for the underlying AWS Load Balancer to provision. Once it does, paste that URL into your web browser to see the default NGINX welcome page!
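
The same test workload as a declarative manifest, added here as an example rather than taken from the original lab: it pins the image tag instead of using latest, sets resource limits, and limits which addresses can reach the load balancer. The file name nginx-demo.yaml, the nginx:1.27 tag and the 203.0.113.10/32 source range are assumptions; substitute your own values.

```yaml
# Added example: declarative form of the nginx-demo Deployment and Service.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-demo
  labels:
    app: nginx-demo
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx-demo
  template:
    metadata:
      labels:
        app: nginx-demo
    spec:
      containers:
        - name: nginx
          image: nginx:1.27          # assumed tag: a pinned version is reproducible, latest is not
          ports:
            - containerPort: 80
          resources:
            requests: {cpu: 50m, memory: 64Mi}
            limits: {cpu: 250m, memory: 128Mi}
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-demo
spec:
  type: LoadBalancer
  selector:
    app: nginx-demo                  # same label kubectl create deployment assigns
  ports:
    - port: 80
      targetPort: 80
  loadBalancerSourceRanges:
    - "203.0.113.10/32"              # placeholder: only this address is allowed through
```

Apply it with kubectl apply -f nginx-demo.yaml in place of the create and expose commands; kubectl get svc nginx-demo then works as described above.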

Step 7: The Clean Up (Crucial for Cost Optimization)

The most important habit of a good cloud engineer is tearing down infrastructure when it is no longer needed. Do not skip this step, or you will continue to be billed for the Load Balancer, EC2 instances, and the EKS Control Plane.

Ensure you are in the same directory as your cluster.yaml file, and run:

Bash
eksctl delete cluster -f cluster.yaml

Verify the cluster is gone by running kubectl get nodes. You should receive an error stating the server could not be reached or the connection was refused.
