Create AWS EKS Fargate Using Terraform (EFS, HPA, Ingress, ALB, IRSA, Kubernetes, Helm, Tutorial)
- Published: Jul 12, 2024
- 🔴 - To support my channel, I’d like to offer Mentorship/On-the-Job Support/Consulting - me@antonputra.com
👉 [UPDATED] AWS EKS Kubernetes Tutorial [NEW]: • AWS EKS Kubernetes Tut...
▬▬▬▬▬ Experience & Location 💼 ▬▬▬▬▬
► I’m a Senior Software Engineer at Juniper Networks (12+ years of experience)
► Located in San Francisco Bay Area, CA (US citizen)
▬▬▬▬▬▬ Connect with me 👋 ▬▬▬▬▬▬
► LinkedIn: / anton-putra
► Twitter/X: / antonvputra
► GitHub: github.com/antonputra
► Email: me@antonputra.com
▬▬▬▬▬▬ Related videos 👨🏫 ▬▬▬▬▬▬
👉 [Playlist] Kubernetes Tutorials: • Kubernetes Tutorials
👉 [Playlist] Terraform Tutorials: • Terraform Tutorials fo...
👉 [Playlist] Network Tutorials: • Network Tutorials
👉 [Playlist] Apache Kafka Tutorials: • Apache Kafka Tutorials
👉 [Playlist] Performance Benchmarks: • Performance Benchmarks
👉 [Playlist] Database Tutorials: • Database Tutorials
=========
⏱️TIMESTAMPS⏱️
0:00 Intro
1:18 Create AWS VPC Using Terraform
3:22 Create AWS EKS Fargate Using Terraform
4:44 Update CoreDNS to run on AWS Fargate
8:00 Deploy App to AWS Fargate
9:19 Deploy Metrics Server to AWS Fargate
10:28 Auto Scale with HPA Based on CPU and Memory
12:00 Improve Stability with Pod Disruption Budget
12:40 Create IAM OIDC provider Using Terraform
13:11 Deploy AWS Load Balancer Controller Using Terraform
15:04 Create Simple Ingress
16:28 Secure Ingress with SSL/TLS
18:03 Create Network Loadbalancer
18:41 Integrate Amazon EFS with AWS Fargate
=========
Source Code
📚 - Tutorial: antonputra.com/amazon/create-...
#EKS #AWS #DevOps Science
🔴 - To support my channel, I’d like to offer Mentorship/On-the-Job Support/Consulting - me@antonputra.com
👉 [UPDATED] AWS EKS Kubernetes Tutorial [NEW]: ruclips.net/p/PLiMWaCMwGJXnKY6XmeifEpjIfkWRo9v2l&si=wc6LIC5V2tD-Tzwl
You are amazing man
Thanks :)
Thanks buddy for useful video 👍
Thanks Ambrish!
🔴UPDATED🔴 How to create EKS Cluster using Terraform MODULES (AWS Load Balancer Controller + Autoscaler + IRSA) - ruclips.net/video/kRKmcYC71J4/видео.html
Great video!
Thanks!
🟢 [New] Terragrunt Tutorial: Create VPC, EKS from Scratch! (Step-by-Step) - ruclips.net/video/yduHaOj3XMg/видео.html
👉 How to Manage Secrets in Terraform - ruclips.net/video/3N0tGKwvBdA/видео.html
👉 Terraform Tips & Tricks - ruclips.net/video/7S94oUTy2z4/видео.html
👉 ArgoCD Tutorial - ruclips.net/video/zGndgdGa1Tc/видео.html
Great work. Just wanted to suggest to keep Graphical explanation about services and connectivity between different tools before jumping into practical. but still I must say well done.
Thanks, noted.
Get Full-Length High-Quality DevOps Tutorials for Free - Subscribe Now! - ruclips.net/user/AntonPutra
Based. Thanks
my pleasure!
Great video! I have a question Anton, where did you read the information for the aws-load-balancer-controller Helm chart? To know the variables to override for example? I'm trying to integrate the fluent-bit Helm chart but I couldn't find it.
You can use helm show command, example "helm show values karpenter/karpenter"
Hi can you share the steps for production because i think EKS should not be in public subnet. Very clean explanation thanks!
you only create public subnets for "public" load balancer, all your nodes located in private subnets with NAT gateway.
Public subnets are optional, you can remove them
Hello, just to be sure, now on recent version the annotation for core dns is gone? And we need to create the profile for the core dns pod to be able to launch? Thank you for the content ❤
Thanks, it's possible, but I don't use Fargate in production and only review it when I refresh the tutorial.
great work Anton. I am trying to build the fargate container with EKS 1.26, but after follow the steps at 7:00 Min, I started getting the error you saw on first terminal at 07:06
Warning LoggingDisabled 15s fargate-scheduler Disabled logging because aws-logging configmap was not found. configmap "aws-logging" not found
CoreDNS POD never comes up and stays in pending state. I am going to try on EKS1.22 to see if this does not happen, but have you seen this issue?
Thanks! check this
You created the CoreDNS pods with a default annotation that maps them to the Amazon Elastic Compute Cloud (Amazon EC2) compute type. To schedule them on a Fargate node, remove the Amazon EC2 compute type.
repost.aws/knowledge-center/eks-resolve-pending-fargate-pods
and
github.com/terraform-aws-modules/terraform-aws-eks/issues/2069
I am trying to add deployment with efs however it's not working giving below error as Pod not supported on Fargate: volumes not supported: host is of an unsupported volume Type
could you do a tutorial for AWS ECS with FARGATE, and ECR as well please
Well, maybe in the future, but it's not as common as EKS.
@@AntonPutra Thank you, it will be just useful to see how you handle multiple container definitions for ECS task definition, all other solutions out there are badly explained and complex to understand.
I have a question sir where did you store the terraform state file?
For the demo locally, for production use I store it in S3 with DynamoDB lock. Some in Terraform Cloud such as IAM policies.
Are you using the CoreDNS add-on? It's not quite clear where it starts being deployed from.
I did not explicitly use the CoreDNS managed EKS add-on. As far as I remember, I had to remove taints or do something else (patch), but the process for new EKS 1.27 and higher may be different.
@@AntonPutra thanks
Great work Anton. One quick question can we run both Fargate and EC2 together ?
'Can you combine a Fargate profile with traditional node groups?' Yes, you can. Fargate only affects the selected namespaces, so it's possible.
@@AntonPutra : So in that case how would DNS work, you changed the type to fargate from ec2.. Should we leave that to default
@@rohitnarula7038 If you use ec2, just keep dns as is.
Getting Error: (Kubernetes cluster unreachable:: with helm_release.metrics-server,
│ on 9-metrics-server.tf line 13, in resource "helm_release" "metrics-server":
│ 13: resource "helm_release" "metrics-server") after deploying terraform with helm_release resource. Any idea to fix?
try to rerun, if error persist check version and use terraform lock file. Are you able to connect to eks cluster from the terminal?
aws eks update-kubeconfig
@@AntonPutra Yes that's right, Anton. I am able to connect to cluster. When you say check version, is that helm version? I have not installed helm package on my linux instance. I remember in the video you said you don't need to install extra package. Should I? Thanks.
I have the same issue Anton, what will be the fix for this issue?
I solved adding token argument to helm provider, like so:
# Short-lived authentication token for the EKS cluster
data "aws_eks_cluster_auth" "cluster-auth" {
  depends_on = [aws_eks_cluster.cluster]
  name       = aws_eks_cluster.cluster.name
}

provider "helm" {
  kubernetes {
    host                   = aws_eks_cluster.cluster.endpoint
    cluster_ca_certificate = base64decode(aws_eks_cluster.cluster.certificate_authority[0].data)
    token                  = data.aws_eks_cluster_auth.cluster-auth.token

    # Fetch credentials by running "aws eks get-token" (needs the AWS CLI on PATH)
    exec {
      api_version = "client.authentication.k8s.io/v1beta1"
      args        = ["eks", "get-token", "--cluster-name", aws_eks_cluster.cluster.id]
      command     = "aws"
    }
  }
}
Great video!
How to create more namespaces in eks fargate via terraform?
Thanks, just add more of these - github.com/antonputra/tutorials/blob/main/lessons/113/terraform/7-kube-system-profile.tf#L21-L36
Ebs is supported
"You can't mount Amazon EBS volumes to Fargate Pods."
AWS Fargate considerations - docs.aws.amazon.com/eks/latest/userguide/fargate.html
I was trying to understand what is Rafael and only later realised it's 'a profile' lol
:)
hey, I'm following the tutorial but having trouble after the "aws eks update-kubeconfig --name demo --region us-east-1" command. I changed it to matching my cluster and region, it created the config file. But when I try to get pods I get the following error:
E1001 11:58:54.188249 182883 memcache.go:265] couldn't get current server API group list: the server has asked for the client to provide credentials
error: You must be logged in to the server (the server has asked for the client to provide credentials)
And on the aws web interface I see the following message:
Your current IAM principal doesn’t have access to Kubernetes objects on this cluster.
This may be due to the current user or role not having Kubernetes RBAC permissions to describe cluster resources or not having an entry in the cluster’s auth config map
Any idea what would be wrong?
Most likely you used different user to create EKS. By default only user that created a cluster gets access. You need to create new local profile with the same credentials and authenticate with EKS again. Example - aws eks update-kubeconfig --name dev-demo --region us-east-2 --profile crossplane
@@AntonPutra hi, thank you for your reply. I created the EKS with terraform and terraform authenticates aws with OIDC. I'm not sure how to authenticate that as a user. It's confusing :)
I followed the AWS Official Doc and It didn't work, thank you for this video.
Welcome, they focus on eksctl, which is not what most people use =)
@@AntonPutra yeah, I haven't used Helm until now too but the way you walked through the steps was good enough to get it.
I believe the problem could be the missing elb tags in subnets and some annotations I'm pretty sure I didn't read in the doc... It was quite frustrating to follow step by step the owner doc and the whole thing just doesn't work. Thanks again