The steps to achieve this
To create an Amazon Elastic Kubernetes Service (EKS) cluster using CloudFormation, you can follow these steps:
Create a CloudFormation template: Start by creating a CloudFormation template in YAML or JSON format. This template will define the resources required for your EKS cluster, including the cluster itself, worker nodes, and other necessary components.
Define the EKS cluster resource: Within your CloudFormation template, define an AWS::EKS::Cluster resource. Specify the desired configuration for your EKS cluster, such as the version, name, and role-based access control (RBAC) configuration.
Define the worker node resources: Next, define the worker node resources in your CloudFormation template. This can be done using AWS::AutoScaling::AutoScalingGroup and AWS::EC2::LaunchTemplate resources. Specify the desired instance type, AMI, and other configurations for your worker nodes.
Define the necessary IAM roles and policies: EKS requires several IAM roles and policies for its operation. In your CloudFormation template, define the necessary IAM roles and policies using AWS::IAM::Role and AWS::IAM::Policy resources. These roles will grant permissions to your EKS cluster and worker nodes to interact with other AWS services.
Add any additional resources or configurations: Depending on your specific requirements, you may need to include additional resources or configurations in your CloudFormation template. For example, you might want to provision a VPC, subnets, security groups, or configure networking settings.
Launch the CloudFormation stack: Once your CloudFormation template is ready, you can launch a CloudFormation stack using the AWS Management Console, AWS CLI, or AWS SDKs. Provide the CloudFormation template file, specify any required parameters, and initiate the stack creation process.
Monitor the stack creation: CloudFormation will create and provision the necessary resources according to your template. You can monitor the progress of the stack creation in the CloudFormation console or use the AWS CLI or SDKs to check the stack status.
Access your EKS cluster: After the CloudFormation stack creation is complete, you can access your EKS cluster using the AWS Management Console, AWS CLI, or Kubernetes command-line tools (kubectl). You will typically need the cluster name and appropriate credentials to authenticate and interact with the cluster.
By following these steps, you can create an EKS cluster using CloudFormation and define the necessary resources and configurations to meet your specific requirements.
The code to achieve this
Here’s an example CloudFormation template in YAML format that you can use to create an EKS cluster with worker nodes:
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
ClusterName:
Type: String
Description: Name of the EKS cluster
WorkerNodeGroupName:
Type: String
Description: Name of the worker node group
VpcId:
Type: AWS::EC2::VPC::Id
Description: ID of the VPC where the cluster will be created
SubnetIds:
Type: List<AWS::EC2::Subnet::Id>
Description: List of subnet IDs in different availability zones
KeyName:
Type: AWS::EC2::KeyPair::KeyName
Description: Name of an existing EC2 key pair for SSH access to worker nodes
Resources:
EKSCluster:
Type: AWS::EKS::Cluster
Properties:
Name: !Ref ClusterName
ResourcesVpcConfig:
SecurityGroupIds:
- !Ref ClusterSecurityGroup
SubnetIds: !Ref SubnetIds
ClusterSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: EKS cluster security group
VpcId: !Ref VpcId
NodeInstanceProfile:
Type: AWS::IAM::InstanceProfile
Properties:
Roles:
- !Ref NodeInstanceRole
NodeInstanceRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
Service: ec2.amazonaws.com
Action: sts:AssumeRole
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
- arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
- arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
NodeAutoScalingGroup:
Type: AWS::AutoScaling::AutoScalingGroup
Properties:
AutoScalingGroupName: !Ref WorkerNodeGroupName
VPCZoneIdentifier: !Ref SubnetIds
MinSize: 1
MaxSize: 3
DesiredCapacity: 2
LaunchConfigurationName: !Ref NodeLaunchConfig
Tags:
- Key: kubernetes.io/cluster/${ClusterName}
Value: "owned"
PropagateAtLaunch: true
NodeLaunchConfig:
Type: AWS::AutoScaling::LaunchConfiguration
Properties:
ImageId: ami-xxxxxxxxxxxxxx # Specify the appropriate worker node AMI ID for your region
InstanceType: t3.medium # Specify the desired worker node instance type
IamInstanceProfile: !Ref NodeInstanceProfile
SecurityGroups:
- !Ref NodeSecurityGroup
KeyName: !Ref KeyName
NodeSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: EKS worker node security group
VpcId: !Ref VpcId
Outputs:
ClusterName:
Description: EKS cluster name
Value: !Ref ClusterName
ClusterEndpoint:
Description: EKS cluster endpoint
Value: !GetAtt EKSCluster.Endpoint
WorkerNodeGroupName:
Description: EKS worker node group name
Value: !Ref WorkerNodeGroupName
In this template, you can replace ami-xxxxxxxxxxxxxx with the appropriate AMI ID for your region and specify the desired instance type (t3.medium in the example). Also, make sure to provide valid values for other parameters such as ClusterName, WorkerNodeGroupName, VpcId, SubnetIds, and KeyName.
This template will create an EKS cluster with the specified name and VPC configuration. It will also create a worker node group using an Auto Scaling Group and launch configuration. The worker nodes will be associated with the EKS cluster and will have the necessary IAM roles and security groups.
You can use this CloudFormation template to create a stack using the AWS Management Console, AWS CLI, or AWS SDKs.