In this blog, we will do a real-time project based on EKS. But before deep dive into the project let's know about the EKS and its features.
What is EKS?
EKS, abbreviated as "Elastic Kubernetes Service", is an AWS service managed by the Amazon Web Service. Kubernetes is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications.
With Amazon EKS, we can easily run K8s on AWS without having to manage any underlying infrastructure. It simplifies the process of setting up, operating, and scaling a K8s cluster. We can easily deploy, manage, and scale the containerized applications using Kubernetes while taking advantage of AWS services.
The objective of the project: To install the 2048 game on the EKS cluster in AWS. The game will be deployed in the private subnet and will be accessed from the external world in the public subnet via the Application Load Balancer (ALB)
Prerequisites:
kubectl
use the link: https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/
eksctl
sudo wget -O /usr/local/bin/eksctl https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz sudo chmod +x /usr/local/bin/eksctl file /usr/local/bin/eksctl eksctl version
AWS CLI
sudo apt update sudo apt install -y awscli
Download these tools on your machine if they are not installed. We can look for the official documentation for the installation of these tools.
Configure the AWS credentials
Configure your account details then only we can access the AWS services and able to create the EKS cluster in AWS.
Once the credentials are successfully done then create the EKS cluster.
Create a cluster using Fargate
eksctl create cluster --name game-cluster --region us-east-1 --fargate
Be patient and wait for the cluster to be created. It takes around 8-10 minutes to create the cluster.
Our EKS cluster is ready now.
Update the kube-config file
We need to update the kubectl to work with our EKS cluster.
aws eks update-kubeconfig --name game-cluster --region us-east-1
The file is updated.
Let's create a deployment file for the 2048 game
First of all, let's create a fargate profile.
eksctl create fargateprofile \
--cluster demo-cluster \
--region us-east-1 \
--name alb-sample-app \
--namespace game-2048
We can verify in the compute section of the cluster whether the profile is created or not.
The Fargate profile is created successfully and the namespace is game-2048. We can create the instances on both the namespaces.
Deploy the Deployment, Service and Ingress
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.5.4/docs/examples/2048/2048_full.yaml
This is taken from the official documentation of AWS. If you want to learn from official click here.
We can see the pods are running and also the service is in a running state, we can see it is running on the node port but the external IP is not allocated. It means anybody within AWS VPC or having access to the VPC can communicate with the pod using the Node IP along with the port. But to access this game from the external world or by the customers we have deployed the ingress.
Ingress is created with the class alb and port 80 but not the address. Only with the address, the customers can access the game. The address is not allocated because the Ingress controller is not created.
So we will create an Ingress controller that will look after the Ingress resources and create and configure the entire load balancer.
Before creating the Ingress controller, configure the IAM OIDC provider.
eksctl utils associate-iam-oidc-provider --cluster $cluster_name --approve
#replace the cluster name
IAM OIDC is integrated successfully.
Every controller in Kubernetes is a pod. So we will install an ALB controller and grant this to access the AWS services such as ALB.
Download IAM policy
curl -O https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.5.4/docs/install/iam_policy.json
Create an IAM policy
aws iam create-policy \
--policy-name AWSLoadBalancerControllerIAMPolicy \
--policy-document file://iam_policy.json
Create IAM Role
eksctl create iamserviceaccount \
--cluster=<your-cluster-name> \
--namespace=kube-system \
--name=aws-load-balancer-controller \
--role-name AmazonEKSLoadBalancerControllerRole \
--attach-policy-arn=arn:aws:iam::<your-aws-account-id>:policy/AWSLoadBalancerControllerIAMPolicy \
--approve
#replace the cluster name and the AWS account ID in above code
The role is created successfully.
Deploy ALB controller
Add the Helm repo
helm repo add eks https://aws.github.io/eks-charts
Update the repo
helm repo update eks
Install the controller
helm install aws-load-balancer-controller eks/aws-load-balancer-controller -n kube-system \
--set clusterName=<your-cluster-name> \
--set serviceAccount.create=false \
--set serviceAccount.name=aws-load-balancer-controller \
--set region=<region> \
--set vpcId=<your-vpc-id>
#replace cluster name, region, vpc-id
Load Balancer is installed perfectly without any errors.
Verify the Deployments
kubectl get deployment -n kube-system aws-load-balancer-controller
The load balancer controller is running with 2 replicas.
Let us see whether this load balancer controller has created an application load balancer or not.
We can see the load balancer was created by the load balancer controller just a few minutes ago.
Watching this ingress resource, the load balancer controller created the load balancer. Copy the address: k8s-game2048-ingress2-6d3ad9a3d9-1213836616.us-east-1.elb.amazonaws.com and access it on the web browser.
So our game is live and we can enjoy the game. Congratulations on completing the project smoothly.
Note: Delete all the resouces once the project is done.
We celebrate the successful deployment of the classic 2048 game on an Amazon EKS cluster, showcasing the power and simplicity of managing containerized applications on AWS. By carefully installing tools like kubectl, aws cli, and eksctl, configuring AWS credentials, and creating an EKS cluster with Fargate profiles, we laid the foundation for a smooth deployment.
Utilizing K8s resources and the AWS Load Balancer Controller, we ensured secure external access to the game through an Application Load Balancer. The journey concluded with the satisfaction of witnessing the game go live. In the future, we will bring many more projects based on Kubernetes. Stay updated and keep learning.
Happy Learning!!