Create a private Kubernetes cluster on AWS EKS
- Published: Jul 29, 2024
- In this video, we will learn how to create a private Kubernetes cluster on AWS EKS.
#aws #kubernetes #eks
▬▬▬▬▬▬ T I M E S T A M P S ⏰ ▬▬▬▬▬▬
00:00 | Intro
00:18 | Provision VPC & other resources
01:55 | Provision private EKS cluster
04:56 | Provision worker nodes
08:40 | Provision jump servers
11:05 | Install kubectl, configure aws
13:23 | Update kubeconfig
14:26 | Jump to EKS connectivity
15:50 | Access EKS cluster via IAM role
▬▬▬▬▬▬ Important links❗️ ▬▬▬▬▬▬
► Install kubectl - docs.aws.amazon.com/eks/lates...
► Update kubeconfig - docs.aws.amazon.com/cli/lates...
► Enabling IAM principal access to your cluster - docs.aws.amazon.com/eks/lates...
Disclaimer: Opinions expressed in this video are my own!
This is an absolute gem!!! Amazing work Ajit, Thank you!
Thanks Selva for your feedback!
fantastic demo
Thanks, glad you liked it!
So elegant, you are a gem brother 💯
Thanks, I'm glad the video helped!
great information ..... so many k8s concepts also covered like editing configmap ..... keep up the good work Ajit, may God bless you!
Great tutorial, thank you!
Thanks for your feedback! Glad it was helpful for you.
This is a great video, thank you so much. This is very helpful.🤩
Hello.
Thank you so much for your feedback, glad you liked it!
superb sir.......❤
Thank you Naresh, glad it was helpful for you!
Amazing content. Can you please make an entire deep dive video into EKS from scratch with real-time production use cases?
Hi Ruchita,
I’m glad it was useful for you. I have certainly planned more videos on EKS in the coming future. Please stay tuned.
@ajitinamdartech Hey Ajit,
Any plans for the production grade EKS setup along with complete VPC, subnets, NAT and Route Tables?
Hi @bhupenpal,
I have planned an entire series on EKS. Please stay tuned.
Excellent
Thanks Subhadip!
Thanks!!!!!
U r the boss
Thanks, glad it was helpful for you!
It's an amazing tutorial.
Can you let me know what ports I need to open while creating a private EKS using Terraform? Here I am using SSM, not a jump server.
Thanks for the informative video. I am following the same steps for setting up my cluster and I am able to access it. But the issue is that when I am deploying nginx-controller in my cluster, the nginx-controller pods are in pending state due to the below reason:
0/2 nodes are available: 1 node(s) didn't have free ports for the requested pod ports. preemption: 0/2 nodes are available: 2 No preemption victims found for incoming pod
because port 443 is used for jump server access. I have tried all possible solutions from Google but am not able to make up my nginx-controller pods.
Please help me with this.
Hello,
I didn’t understand how port 443 comes into the picture here. Port 443 is on the EKS cluster. Can you please elaborate? Can you try with some other port?
Very very helpful video.
What if I use the AWS Load Balancer Controller for a private cluster? Will it provision ALB, NLB?
Hello,
We can provision both NLB as well as ALB. More details here - kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/guide/service/nlb/
Great video. Is it possible to create another video on setting up an EKS cluster through AWS CI/CD and then deploying a Docker container application on that cluster using a pipeline?
Yes, absolutely. It’s planned. It will be out soon.
Eagerly waiting. Tx again.
🙂
Hey, I have followed all the above steps.
Now I deployed an image from an ECR repo, using the deployement.yaml and service.yaml files.
But I want to get a public IP address (to check the route present in the Spring Boot app image), to see if the image is properly deployed or not.
How can I do that?
I am using "kubectl get svc auth-service" to get the external IP, but that is not working.
Hello,
Can you send me more details on my email id please?
Hey Ajit,
I am still getting an error saying
Unauthorized
Please help, what to do?
When I enter the sts user identity command,
it gives details of the IAM user created,
but I am not able to log in.
I opened port 443 for the jump server as well.
Then I again tried attaching the IAM role as you mentioned to the jump server, but when we try to change access using the role,
I am not even able to cat the configmap yaml file.
What to do?
Hello,
Please reach out to me at ajitinamdar.tech@gmail.com. Send me the required screenshots, and I will try to help. Thanks
It was a super explanation. I am facing an issue: whenever I am trying to add nodes to the cluster from the GUI, I am getting a health issue error on the nodes and it fails to add nodes to the cluster. Do you have any idea about this error? Thanks in advance. I tried twice but ended up with the same error. Please help.
Hello,
Can you send me more details on my email id please?
Hi, thanks for the video. When I try, I'm getting an error:
node creation failure : instance failed to join the kubernetes cluster
Can you help on this?
Hello,
Have you followed the video step by step? This error usually occurs when there is no outgoing internet connectivity from your worker nodes. Please check if NAT is created and your subnet is able to route through the NAT.
Hi Ajit
Creating an EKS cluster in a private subnet with an AWS endpoint is failing, and I am getting nodes unable to join the cluster.
Could you help me with how to resolve the issue?
Hi Srini,
Are you following the video or trying something else?
Kindly provide steps to create self-managed nodes and how to make them visible in the EKS console, with a custom AMI.
Sure, Antony. I’ll cover those in my upcoming videos.
If we don't use a jump server and we want to use Session Manager to access the EKS cluster, what is the process for that?
Hi Rehan,
We can use cloud shell, I’m going to create a separate video on that. Please stay tuned.
Hi Ajit, is there a video, or any document, where we can deploy the pods in an EKS private subnet?
Hi,
What’s your exact requirement?
Yes you can deploy pods in a private subnet.
@ajitinamdartech Is there a way to access the EKS cluster other than a jump server, and deploying the pods in a private subnet?
Any videos that you can share?
@ajitinamdartech How can we provide access to another AWS account and to users?
I have created the cluster from the root account and set up credentials using aws configure and am able to access it, but when I create an IAM role I'm getting the error: You must be logged in to the server (Unauthorized)
Hi,
You have not performed all the steps as shown in the video.
I assume you have not configured your aws user on your jump server.
1. Have you configured aws user? aws configure?
2. Does your aws user have access to eks cluster?
Same issue. I configured it and am still getting the same error.
Hi @ajith, can I skip aws configure, use only IAM role access, and access the EKS cluster without that through EC2? @13.33
Hi Sangam,
If the cluster is created by your IAM user, you will need the configure step. Or else if it is created by an IAM role you don’t need the aws configure.
@ajitinamdartech What I am doing is, I have created the EKS cluster in private mode and want to access it through EC2 by attaching the IAM role for accessing EKS. The EC2 is still in the same subnet, with its private IP as the security group. But I am getting this issue: You must be logged in to the server (Unauthorized)
Yes because the eks cluster was not created using that role. The first login to the eks cluster is possible only using the same user/role which was used to create the cluster.
Try creating the cluster using the same IAM role which you want to use, using the eksctl commands.
@ajitinamdartech That's great, it's exactly what happened. So is there a way we can fix it? Just change the IAM role attached to EC2, should it match the EKS cluster creation role? Can I do it?
After deploying the application, how can we access it?
It depends how to deploy it, can you elaborate on your question?
@ajitinamdartech For example, I deploy the application on a private cluster; how can I access it publicly?
How does someone remember ALL of this ?
Getting this error: You must be logged in to the server (the server has asked for the client to provide credentials) .... Kindly reply.
Hi Nikhil,
It seems you have missed some step. Can you watch the video again and see if you have missed anything?
@ajitinamdartech Sir, I have seen your video 2 times but am getting the same error... I don't know why, even though I have followed some other YouTube video..... the result is the same.
Are you trying to access the cluster from iam role or iam user?
@ajitinamdartech After using the root secret key and access keys I'm able to access my cluster. To access the cluster from the jump server, is using root keys the only solution, or can we do something else also?
First of all you should never use root user for provisioning infrastructure.
Create the eks cluster using an iam user and configure its secret and access key on the jump server to access for the first time. Once you are able to access the cluster, setup iam role to access your cluster which is demonstrated in the video. Please watch the video till the end, you should get an idea.