Containerization has revolutionized the way applications are deployed, offering increased portability and scalability. At the forefront of container management, Kubernetes has emerged as a dominant open-source platform.
Derived from the Greek word for helmsman or pilot, Kubernetes aptly serves as a pilot, skillfully managing workloads while you set the course for your applications.
In kubernetes series article, we will explore Kubernetes’ essential features, its role in managing containerized workloads, and its extensibility options, empowering developers to harness its full potential.
-
An Introduction to Kubernetes (3) Publish Application to Amazon Elastic Kubernetes Service
-
An Introduction to Kubernetes (4) Troubleshooting & References
In this section, will introduction about environment preparation in linux and Mac.
Install kubectl
Install (or update) kubectl (Kubernetes )
mac
curl -O https://s3.us-west-2.amazonaws.com/amazon-eks/1.27.1/2023-04-19/bin/darwin/amd64/kubectl
chmod +x ./kubectl
mkdir -p $HOME/bin && cp ./kubectl $HOME/bin/kubectl && export PATH=$HOME/bin:$PATH
echo 'export PATH=$HOME/bin:$PATH' >> ~/.bash_profile
kubectl version --short --client
Linux
sudo -i
curl -O https://s3.us-west-2.amazonaws.com/amazon-eks/1.27.1/2023-04-19/bin/linux/amd64/kubectl
chmod +x ./kubectl
mkdir -p $HOME/bin && cp ./kubectl $HOME/bin/kubectl && export PATH=$HOME/bin:$PATH
echo 'export PATH=$HOME/bin:$PATH' >> ~/.bashrc
kubectl version --short --client
Install EKSCtl
https://github.com/eksctl-io/eksctl/blob/main/README.md#installation
Mac (Not Recommended)
brew tap weaveworks/tap
brew install weaveworks/tap/eksctl
Linux
# for ARM systems, set ARCH to: `arm64`, `armv6` or `armv7`
ARCH=amd64
PLATFORM=$(uname -s)_$ARCH
curl -sLO "https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_$PLATFORM.tar.gz"
# (Optional) Verify checksum
curl -sL "https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_checksums.txt" | grep $PLATFORM | sha256sum --check
tar -xzf eksctl_$PLATFORM.tar.gz -C /tmp && rm eksctl_$PLATFORM.tar.gz
sudo mv /tmp/eksctl $HOME/bin/eksctl && export PATH=$HOME/bin:$PATH
echo 'export PATH=$HOME/bin:$PATH' >> ~/.bashrc
eksctl version
Install AWS CLI
Mac
Please reference https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
Linux
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
aws --version
If you found the aws version still 1.x, can execute the upgrade command
pip3 install --upgrade --user awscli
./aws/install --bin-dir /bin --install-dir /aws-cli --updates
prepare environment variable
export EKS_CLUSTER_NAME=demo-version
export AWS_REGION=ap-northeast-1
Prepare AWS Credentials
setting credentials
mkdir ~/.aws
echo "[backyard]
aws_access_key_id={your access key}
aws_secret_access_key={your secret key}
aws_session_token={your session token}" > ~/.aws/credentials
Setting config region
[backyard]
region=ap-northeast-1
output=json
checkout crediential
$ aws --profile backyard configure list
Name Value Type Location
---- ----- ---- --------
profile <not set> None None
access_key ****************xxxx shared-credentials-file
secret_key ****************xxxx shared-credentials-file
region ap-northeast-1 config-file ~/.aws/config
Install AWS IAM Authenticator
Mac
brew install aws-iam-authenticator
aws-iam-authenticator help
Linux
curl -Lo aws-iam-authenticator https://github.com/kubernetes-sigs/aws-iam-authenticator/releases/download/v0.5.9/aws-iam-authenticator_0.5.9_linux_amd64
chmod +x ./aws-iam-authenticator
mkdir -p $HOME/bin && cp ./aws-iam-authenticator $HOME/bin/aws-iam-authenticator && export PATH=$HOME/bin:$PATH
echo 'export PATH=$HOME/bin:$PATH' >> ~/.bashrc
aws-iam-authenticator help
AWS IAM Authenticator get the EKS cluster authentication
aws-iam-authenticator token --cluster-name $EKS_CLUSTER_NAME --region $AWS_REGION
aws eks get-token --cluster-name $EKS_CLUSTER_NAME --region $AWS_REGION
Confirm your AWS IAM verfication for Kubernetes:
aws --profile backyard sts get-caller-identity
Create a kubeconfig
aws --profile backyard eks update-kubeconfig --region $AWS_REGION --name $EKS_CLUSTER_NAME
Create IAM Role json
cat >eks-cluster-role-trust-policy.json <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "eks.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
EOF
Create IAM Role
aws iam --profile backyard create-role \
--role-name adamAmazonEKSClusterRole \
--assume-role-policy-document file://"eks-cluster-role-trust-policy.json"
Attach role policy
aws --profile backyard iam attach-role-policy \
--policy-arn arn:aws:iam::aws:policy/AmazonEKSClusterPolicy \
--role-name adamAmazonEKSClusterRole