Task2: Create an EKS cluster using Terraform and deploy an Nginx application on the K8s cluster and access it via the Internet
We are using AWS as our cloud provider for this taks.
Manifest files used to achieve this task:
Once we do a terraform apply on these files, an EKS cluster, a Node group with 2 instance and a Bastion host gets created.
Lets look at the EKS cluster and Node group:
EKS is a Managed service by AWS and we do not have any control over this component, AWS has compelete control over it.
We have to create a Master Role and Node group Role and attach some policies for each role.
Policies assigned to Master Role:
AmazonEKSClusterPolicy
AmazonEKSServicePolicy
AmazonEKSVPCResourceController
Policies assigned to Node Role:
AmazonEKSWorkerNodePolicy
AmazonEKS_CNI_Policy
AmazonSSMManagedInstanceCore
AmazonEC2ContainerRegistryReadOnly
s3
EKS cluster is dependent on the Master Role with above mentioned polices and Node group is dependent on the Worker Node Role with above mentioned policies attached.
We can see the EKS cluster name is EKS-DEMO and status is Active.
Now we have Node Group, which is considered as Data plane and we have control over it. Actual workloads run on these machines.
We have two machines in the our Node group
Node1:
Node2:
Once the cluster gets created login to Bastion, we have already installed AWS CLI and kubectl using script.
Now we need to fetch the kubeconfig file using the below command:
Now the kubeconfig file is downloaded using which we can access the API server.
kubeconfig file has all the details of the cluster, certificates and secret token to authenticate to cluster.
Using kubectl we can deploy our application on to the k8s cluster.
We have two deployment files, one for nginx deployment and one for nginx service.
The files are as follows:
Once we apply these files, Nginx deployment with 2 replicas and Nginx service of type Load Balancer gets created.
We can access our Nginx pod using the dns name of the Load Balancer.
