Elastic kubernetes service(EKS) setup

Kubernetes (also known as k8s or “kube”) is an open source container orchestration platform that automates many of the manual processes involved in deploying, managing, and scaling containerized applications.

In other words, you can cluster together groups of hosts running Linux containers, and Kubernetes helps you easily and efficiently manage those clusters.

Kubernetes clusters can span hosts across on-premise, public, private, or hybrid clouds. For this reason, Kubernetes is an ideal platform for hosting cloud-native applications that require rapid scaling, like real-time data streaming through Apache Kafka.

Kubernetes was originally developed and designed by engineers at Google. Google was one of the early contributors to Linux container technology and has talked publicly about how everything at Google runs in containers. (This is the technology behind Google’s cloud services.)

Google generates more than 2 billion container deployments a week, all powered by its internal platform, Borg. Borg was the predecessor to Kubernetes, and the lessons learned from developing Borg over the years became the primary influence behind much of Kubernetes technology.

WHAT IS EKS??

Amazon Elastic Kubernetes Service (EKS) is a managed Kubernetes service that makes it easy for you to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane. Amazon EKS is certified Kubernetes conformant, so existing applications running on upstream Kubernetes are compatible with Amazon EKS.

Amazon EKS automatically manages the availability and scalability of the Kubernetes control plane nodes that are responsible for starting and stopping containers, scheduling containers on virtual machines, storing cluster data, and other tasks. Amazon EKS automatically detects and replaces unhealthy control plane nodes for each cluster.

You can choose to run your EKS clusters using AWS Fargate, which is serverless compute for containers. Fargate removes the need to provision and manage servers, lets you specify and pay for resources per application, and improves security through application isolation by design.

With Amazon EKS, you can take advantage of all the performance, scale, reliability, and availability of the AWS platform, as well as integrations with AWS networking and security services, such as Application Load Balancers for load distribution, Identity Access Manager (IAM) for role based access control, and Virtual Private Cloud (VPC) for pod networking.

Advantages of using EKS by AWS

• MANAGED CONTROL PLANE
• MANAGED WORKER NODES
• SERVICE DISCOVERY
• VPC SUPPORT
• LOAD BALANCING
• MANAGED CLUSTER UPDATES

Now,we will directly jump to the setup of EKS clusters and all.

AWS CONFIGURATION

Here,we will do the things usind aws cli so we need to download the aws cli and also we need to download eksctl and kubectl.Here we will use eksctl for eks and kubectl is the local k8s command which we will use to check our nods,pods,clusters,etc.And make sure that eksctk,k8s,aws are present in environment path variables.

Here,I will use my root account to configure aws ,we can also choose an IAM account but we will have to create an IAM set permission.

As soon as we will run all these and provide our access key and secret key,our aws will be configured with our aws account and we can start using the services from our aws cli

Setting up the kubernetes cluster

Now we will create a cluster,to create a cluster we will have to write a code in .yml format.

apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig


metadata:
  name: lwcluster
  region: ap-south-1


nodeGroups:
   - name: ng1
     desiredCapacity: 2
     instanceType: t2.micro
     ssh:
        publicKeyName: os1key
   - name: ng2
     desiredCapacity: 1
     instanceType: t2.small
     ssh:
        publicKeyName: os1key
   - name: ng-mixed
     minSize: 2
     maxSize: 5
     instancesDistribution:
       maxPrice: 0.017
       instanceTypes: ["t3.small", "t3.medium"] # At least one instance type should be specified
       onDemandBaseCapacity: 0
       onDemandPercentageAboveBaseCapacity: 50
       spotInstancePools: 2     
     ssh:
         publicKeyName: os1key

We have to save this code in .yml format , i have saved this file as cluster.yml and then we will run this code using the command:

>>eksctl create cluster -f cluster.yml

As soon as we will run this command , our cluster setup process will start and it will take around 20mins for the whole setup to complete successfully.

After the cluster setup is ready , we can check the cluster using the command:

>> eksctl get cluster

We can also verify the cluster from the webUI:

Updating kubectl config file

Update config file to allow kubectl to send instructions to master node and work with our eks nodes.

command to update kubectl config file:

>> aws eks update-kubeconfig --name lwcluster

We can also check the things using webUI:

We can also verify the the cluster creation ,check for your node-groups in CloudFormation :

Now we willcheck whether the instances are running or not using webUI:

Creation of namespace and pvc:

Now,We will create a separate workspace by creating a new name space which will makes thing easier to manage:

>> kubectl create namespace lwns1

This comand will create a new namespace named lwns1

Now,we create a pvc we will write a code :

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: lwpvc1
spec:
  storageClassName: lwsc1
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi

This code will create a new pvc named lwpvc1

we will run this code using the command:

>> kubectl create -f pvc.yml

As soon as we will run this command a new pvc will be created:

Creating a EFS file storage:

We will create a EFS file storage which provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources.

Now we will copy the DNS id from the webUI and modify in the efs-provisioner code. This code will connect the EFS to PVC using the DNS id.

kind: Deployment
apiVersion: apps/v1
metadata:
  name: efs-provisioner
spec:
  selector:
    matchLabels:
      app: efs-provisioner
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: efs-provisioner
    spec:
      containers:
        - name: efs-provisioner
          image: quay.io/external_storage/efs-provisioner:v0.1.0
          env:
            - name: FILE_SYSTEM_ID
              value: fs-c060ea11
            - name: AWS_REGION
              value: ap-south-1
            - name: PROVISIONER_NAME
              value: lw-course/aws-efs
          volumeMounts:
            - name: pv-volume
              mountPath: /persistentvolumes
      volumes:
        - name: pv-volume
          nfs:
            server: fs-c060ea11.efs.ap-south-1.amazonaws.com
            path: /

Granting permission to RBAC :

Then we will provide RBAC permissions . ClusterRole can be used to grant the same permissions as a Role. It is one kind of a authorization mechanism which have the flexibility of giving permission to the resources without restarting the cluster.

The code for the same is:

---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: nfs-provisioner-role-binding
subjects:
  - kind: ServiceAccount
    name: default
    namespace: lwns
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io

Creating storage class:

Now we will create a storage class which will be used by mysql and wordpress pods.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: aws-efs
provisioner: lw-course/aws-efs
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: efs-wordpress
  annotations:
    volume.beta.kubernetes.io/storage-class: "aws-efs"
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 10Gi
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: efs-mysql
  annotations:
    volume.beta.kubernetes.io/storage-class: "aws-efs"
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 10Gi

Creation of Mysql pod:

MySQL is a freely available open source Relational Database Management System (RDBMS) that uses Structured Query Language (SQL). SQL is the most popular language for adding, accessing and managing content in a database. It is most noted for its quick processing, proven reliability, ease and flexibility of use.It is is used by WordPress to store and retrieve all your blog information.

The code for the same is:

apiVersion: v1
kind: Service
metadata:
  name: wordpress-mysql
  labels:
    app: wordpress
spec:
  ports:
    - port: 3306
  selector:
    app: wordpress
    tier: mysql
  clusterIP: None
---
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
  name: wordpress-mysql
  labels:
    app: wordpress
spec:
  selector:
    matchLabels:
      app: wordpress
      tier: mysql
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: wordpress
        tier: mysql
    spec:
      containers:
      - image: mysql:5.6
        name: mysql
        env:
        - name: MYSQL_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mysql-pass
              key: password
        ports:
        - containerPort: 3306
          name: mysql
        volumeMounts:
        - name: mysql-persistent-storage
          mountPath: /var/lib/mysql
      volumes:
      - name: mysql-persistent-storage
        persistentVolumeClaim:
          claimName: efs-mysql

Creation of wordpress pod:

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system, referred to within WordPress as Themes. It also stores all the data in mySQL so that later on it can collect from this for future use.

The code for the wordpress deployment is:

apiVersion: v1
kind: Service
metadata:
  name: wordpress
  labels:
    app: wordpress
spec:
  ports:
    - port: 80
  selector:
    app: wordpress
    tier: frontend
  type: LoadBalancer
---
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
  name: wordpress
  labels:
    app: wordpress
spec:
  selector:
    matchLabels:
      app: wordpress
      tier: frontend
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: wordpress
        tier: frontend
    spec:
      containers:
      - image: wordpress:4.8-apache
        name: wordpress
        env:
        - name: WORDPRESS_DB_HOST
          value: wordpress-mysql
        - name: WORDPRESS_DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mysql-pass
              key: password
        ports:
        - containerPort: 80
          name: wordpress
        volumeMounts:
        - name: wordpress-persistent-storage
          mountPath: /var/www/html
      volumes:
      - name: wordpress-persistent-storage
        persistentVolumeClaim:
          claimName: efs-wordpress

Creation of a customized file:

To reduce the time and effort we will create a customized file so that we can run all the .yml file at once.It will create all the resources at a single click.

So we will create a file named "Kustomization.yml"

The code for the file is:

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
secretGenerator:
- name: mysql-pass
  literals:
  - password=redhat
resources:
  - create-efs-provisioner.yaml
  - create-rbac.yaml
  - create-storage.yaml
  - deploy-mysql.yaml
  - deploy-wordpress.yaml

To run the above file,we will use the command:

>> kubectl create -k .

As soon as we run the kustomisation file,we will see that all the resources has been created for us.

To check the pods use the coomand:

>> kubectl get pods

Now,our required EKS setup is ready to use.

Now the next job is to launch wordpress and connect it to our sql database:

Connecting to wordpress:

We will launch wordpress and connect it to Mysql database:

Conclusion:

Succesfully completed the task of EKS provided by vimal daga sir .