top of page

Understand AWS EKS (Part 1)

Updated: Jan 8


You should understand the basic knowledge about container (Docker)

  • What is the container?

  • How does it work?

Kubernetes Overview


The name Kubernetes originates from Greek, meaning helmsman or pilot. K8S as an abbreviation results from counting the eight letters between the "K" and the "s".

Kubernetes is a production-ready, open-source platform designed with Google's accumulated container orchestration experience, combined with the community's best-of-breed ideas from 2014

What can Kubernetes do for you?

With modern web services, users expect applications to be available 24/7, and developers expect to deploy new versions of those applications several times a day.

Containerization (For ex: Docker) helps package software to serve these goals, enabling applications to be released and updated without downtime.

Kubernetes helps you ensure those containerized applications run where and when you want and helps them find the resources and tools they need.

Kubernetes provides you with:

  • Service discovery and load balancing: Kubernetes can expose a container using the DNS name or using their own IP address. If traffic to a container is high, Kubernetes is able to load balance and distribute the network traffic so that the deployment is stable.

  • Automated rollouts and rollbacks You can describe the desired state for your deployed containers using Kubernetes, and it can change the actual state to the desired state at a controlled rate. For example, you can automate Kubernetes to create new containers for your deployment, remove existing containers and adopt all their resources to the new container. (Same with AWS ECS function, ECS has desired count and running count)

  • Automatic bin packing You provide Kubernetes with a cluster of nodes that it can use to run containerized tasks. You tell Kubernetes how much CPU and memory (RAM) each container needs. Kubernetes can fit containers onto your nodes to make the best use of your resources.

  • Self-healing Kubernetes restarts containers that fail, replaces containers, kills containers that don't respond to your user-defined health check, and don't advertise them to clients until they are ready to serve.

  • For example, the K8S cluster has Node A and Node B. Node A is shutdown → All containers in Node A will be deployed again to Node B automatically

  • Secret and configuration management Kubernetes lets you store and manage sensitive information, such as passwords, OAuth tokens, and SSH keys. You can deploy and update secrets and application configuration without rebuilding your container images, and without exposing secrets in your stack configuration.

Architecture Overview


There are two types of nodes:

  • A Master-node type, which makes up the Control Plane, acts as the “brains” of the cluster.

  • One or More API Servers: Entry point for REST / kubectl

  • etcd: Distributed key/value store

  • Controller-manager: Always evaluating current vs the desired state

  • Scheduler: Manage and control the pods in worker nodes

  • A Worker-node type, which makes up the Data Plane, runs the actual container images (via pods).

  • Made up of worker nodes

  • kubelet: Acts as a pipe between the API server and the node

  • kube-proxy: Manages IP translation and routing, exposes for the internet users


  • A thin wrapper around one or more containers


  • A DaemonSet ensures that all (or some) Nodes run a copy of a Pod. As nodes are added to the cluster, Pods are added to them. As nodes are removed from the cluster, those Pods are garbage collected. Deleting a DaemonSet will clean up the Pods it created.


  • A ReplicaSet's purpose is to maintain a stable set of replica Pods running at any given time. As such, it is often used to guarantee the availability of a specified number of identical Pods.


  • Makes it easier for updating your pods to a newer version.


  • An abstract way to expose an application running on a set of Pods as a network service

AWS EKS Overview


Amazon Elastic Kubernetes Service (Amazon EKS) is a managed service that you can use to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane (master node)

  • Runs and scales the Kubernetes control plane across multiple AWS Availability Zones to ensure high availability.

  • Automatically scales control plane instances based on load, detects and replaces unhealthy control plane instances, and provides automated version updates and patches for them.

  • Is integrated with many AWS services to provide scalability and security for your applications, including the following capabilities:

  • Amazon ECR for container images

  • Elastic Load Balancing for load distribution

  • IAM for authentication

  • Amazon VPC for isolation





Setup K8S Tools

Install eksctl and kubectl

curl --silent --location "<$>(uname -s)_amd64.tar.gz" | tar xz -C /tmp   sudo mv -v /tmp/eksctl /usr/local/bineksctl completion bash >> ~/.bash_completion . /etc/profile.d/ . ~/.bash_completion 
sudo curl --silent --location -o /usr/local/bin/kubectl \\ <> sudo chmod +x /usr/local/bin/kubectl 

Install AWS cli

curl "[<>](<>)" -o "" unzip sudo ./aws/install 

Install jq, envsubst (from GNU gettext utilities) and bash-completion

sudo yum -y install jq gettext bash-completion moreutils 

Install yq for yaml processing

echo 'yq() {   docker run --rm -i -v "${PWD}":/workdir mikefarah/yq "$@" }' | tee -a ~/.bashrc && source ~/.bashrc 

Verify the binaries are in the path and executable

for command in kubectl jq envsubst aws 
    which $command &>/dev/null && echo "$command in path" || echo "$command NOT FOUND" 

Set the AWS Load Balancer Controller version

echo 'export LBC_VERSION="v2.4.1"' >>  ~/.bash_profile echo 'export LBC_CHART_VERSION="1.4.1"' >>  ~/.bash_profile .  ~/.bash_profile 

Enable kubectl bash_completion

kubectl completion bash >>  ~/.bash_completion . /etc/profile.d/ . ~/.bash_completion 

Make sure the your environment has AWS Credentials with Admin permission

Launching EKS Cluster via EKSCTL

Create EKS Cluster

eksctl create cluster -f eksworkshop.yaml

After run the create command, you can view the status of creation via Cloudformation Console

Add User's permission to view the EKS Console

rolearn=arn:aws:iam::AWS_ACCOUNT_ID:user/AWS_USER_NAME eksctl create iamidentitymapping --cluster eksworkshop-eksctl --arn ${rolearn} --group system:masters --username admin

View the Permission again

kubectl describe configmap -n kube-system aws-auth


Deploy the K8S Dashboard

Deploy the official K8S Dashboard

export DASHBOARD_VERSION="v2.6.0" kubectl apply -f${DASHBOARD_VERSION}/aio/deploy/recommended.yaml

Expose the Dashboard to be accessible via Proxy

Since this is deployed to our private cluster, we need to access it via a proxy. kube-proxy is available to proxy our requests to the dashboard service. In your workspace, run the following command:

kubectl proxy --port=8080 --address= --disable-filter=true &

Access the dashboard

In your Cloud9 environment, click Tools / Preview / Preview Running Application

Scroll to the end of the URL and append


The Cloud9 Preview browser doesn’t appear to support the token authentication, so once you have the login screen in the cloud9 preview browser tab, press the Pop Out button to open the login screen in a regular browser tab

Get a Dashboard login token by running this command

aws eks get-token --cluster-name eksworkshop-eksctl | jq -r '.status.token'

Copy the output of this command and then click the radio button next to Token then in the text field below paste the output from the last command.


Deploy Applications to EKS

Clone the Application Git Repo

cd ~/environment git clone git clone git clone

Deploy Backend NodeJS

Apply Deployment

cd ~/environment/ecsdemo-nodejs kubectl apply -f kubernetes/deployment.yaml

Apply Service

cd ~/environment/ecsdemo-nodejs kubectl apply -f kubernetes/service.yaml

Ensure your deployments and services are created successfully

kubectl get deployments -A
kubectl get services -A

Deploy FrontEnd

Apply Deployment

cd ~/environment/ecsdemo-frontend kubectl apply -f kubernetes/deployment.yaml

Apply Service

cd ~/environment/ecsdemo-frontend kubectl apply -f kubernetes/service.yaml

Ensure your deployments and services are created successfully

kubectl get deployments -A
kubectl get services -A

Scale the Applications

Scale the Backend

kubectl scale deployment ecsdemo-nodejs --replicas=2

Scale the Frontend

kubectl scale deployment ecsdemo-frontend --replicas=2



cd ~/environment/ecsdemo-frontend kubectl delete -f kubernetes/service.yaml kubectl delete -f kubernetes/deployment.yaml   
cd ~/environment/ecsdemo-nodejs kubectl delete -f kubernetes/service.yaml kubectl delete -f kubernetes/deployment.yaml   
export DASHBOARD_VERSION="v2.6.0" 
kubectl delete -f${DASHBOARD_VERSION}/aio/deploy/recommended.yaml unset DASHBOARD_VERSION


59 views0 comments
bottom of page