How to Deploy AWS EKS with Terraform - The Simplest Guide to Get Up and Running
Vložit
- čas přidán 31. 05. 2023
- In this video, I go over the quickest and simplest way of getting AWS Elastic Kubernetes Service (EKS) up and running using Terraform for deployment. We go over the basic configuration options and end up with a fully functional working EKS cluster by the end of the video.
Code from the video can be found free on Github 🐙
github.com/ascode-com/wiki/tr...
Let me know what questions you have, content you'd like to see, and come check out the discord and twitter!
Relevant Links 🔗
Terraform Registry Page for EKS Module: registry.terraform.io/modules...
Terraform EKS Module Source Code: github.com/terraform-aws-modu...
Get in touch 🚀
Discord: / discord
LinkedIn: / jedidiahpark
Twitter: / jediascode
Website: ascode.com
I vote for the Terraform video. You explain very well.
thank you so much!
Mate, that's the easiest and most feature-packed k8s @ aws tutorial I've ever seen, huge thanks!!!!!!!
thanks! glad i could help out
This was awesome! Very well detailed & explained, Thanks for sharing 💪I am currently working on Cluster AutoScalers on EKS as well HPA's. I seem to have the Cluster Autoscaler on point, HPA's is my next ball game. Great to see you back in action!
hey good to see you again!! and that's sick, wishing you minimal errors and bugs!
I love the simplicity and I tried it and its running, bravo. Thanks. And I like your color gradient and your cap.
hi thanks so much!
thanks a lot for the video. i was asked for a task as a test to start my new carrier and this really helps with a huge part of it. keep going bro
getting started is the hardest part! you got this!
I stumbled two times into your clip. First time is in my preparation for CKA, second time is for a example to deploy a EKS cluster with terraform. Now I realize you have a total of six clips. I think you do great tutorials. You remind me of the python tutor Angela Yu who had 2 million students. Please keep doing more.
that's awsome haha and thank you so much!
Awesome work, clear explanations, very well done. You rock!
no you rock!
I just spent days trying to wrap my head around EKS with Terraform and trying to configure permissions. I even found the same module and the same example, but it's a massive file with no real explanation for what's going on in it. Thank you so much. And yes, I would like you to do a best practices video with all the goodness.
happy to help!
Dude! you came back, do more videos. Thanks.
9:05 context switch was lighting fast
thanks m8 :)
I will appreciate a Terraform Tutorial. This was helpful as well.
awesome, thanks for the input
I really love you! It has been a brutal support for a problem I had! Thx!!!
Great tutorial! I'm interested in the full terraform best practice guide you mentioned.
awesome, thanks!
Thank you. Please make more video about Terraform follow best practises. Hope see you soon!
popular request so i'm working on putting some things together! thanks :)
This video is excellent! Please, if you have the time, I would love to see a more "prod" like, it would be amazing!!! Thank you!!!
great suggestion, i'll keep it in mind for future stuff!
Terraform tutorial will be great!
heard, seems like a popular request so i'll keep that in mind for future vids! thanks
Good explanation, thank you :)
i complete the course and just leave it be, not realizing the node group still active and charge me for over 80$ for an empty cluster. thanks ascode :)
This helped me alot!!! thank you!
Fantastic tutorial. I appreciate you keeping it simple. If you do create another with fargate and a bit more "prod" worthy config, I would surely not complain. :)
oh man, eks with fargate is another beast entirely XD i wish you luck
Good video! Hope you’ll make more soon
thank you :) planning on it!
you mentioned terraform best practices... def keen on that, if you can cover the for_each loop also,
I've got 9 subnets, 3 groups of 3, across 3 AZ's. so allot of repitition that i'm sure can be done better.
thanks for easy to follow video.
thanks for the topic suggestions! here's some info to get you started:
one of the ways you can automate this kind of set up is to dynamically get the az's and use functions like cidrsubnet() to generate the subnets. here's a thorough example: github.com/terraform-aws-modules/terraform-aws-vpc/blob/master/examples/complete/main.tf
another way is to use for_each like you mentioned and will be the way to go if you strictly need to define which az's are being used and what subnets they receive. here's an example i've done in the past: github.com/kjpark/terraform-aws-eks-vpc-cni-custom-networking/blob/main/subnets.tf with vars defined like this: (also in that repo's readme)
secondary_cidr = "100.64.0.0/16"
secondary_subnets = {
us-east-1a = "100.64.0.0/18"
us-east-1b = "100.64.64.0/18"
us-east-1c = "100.64.128.0/18"
us-east-1d = "100.64.192.0/18"
}
personally i like the second option more as its more explicit.
Thanks, just in time for me.
happy to help!
loved your channell!
thank you!
Great video. I am looking to configure a basic cluster with existing VPCs and private subnets, I suppose it's as simple as filling in the blanks. Thanks!
yup! just change the basic vpc config i provided for your own and you should be all set
saved my day!
Hey Amazing and very insightful video can you please make such video more and if possible can you include cloud projects or devops projects that newbies can practice
hey great suggestion! i'll write that down future ideas
Subscribed.
Did you end up making a video for best practices in terraform? I would love to see it!!
may break it out into different videos - like the one i made on terraform plan/apply! czcams.com/video/gGEDqXNvVVQ/video.html
what a legend
Awesome content. Please if you can cover terraform best practice
thanks and noted!
Thats a good tutorial to kick start with EKS using Terraform. Can please advise how should we do the Cluster upgrade using Terraform ?
this probably deserves a video on its own... but check out these links out for now: aws-ia.github.io/terraform-aws-eks-blueprints/advanced/cluster-upgrades/ and maybe this for a more detailed upgrade aws-ia.github.io/terraform-aws-eks-blueprints/advanced/cluster-upgrades/
Very informative. I tried to create a GKE Auto Pilot cluster in GCP with a shared VPC private network through terraform, assigned necessary GKE service account permissions, and make sure the control plane, node, ranges IP range and the location are aligned correctly as per the GCP GKE documentation. But stuck with this exception again and again, 'Error: Error waiting for creating GKE cluster: All cluster resources were brought up, but: only 0 nodes out of 1 have registered; cluster may be unhealthy.' Pls share if there is any suggestions to troubleshoot this error ??
older versions of the gcp autopilot provider had a bug where you had to set an empty ip_allocation_policy github.com/hashicorp/terraform-provider-google/issues/10782 . Not sure if that's your exact issue without knowing more details.
Hey! Thanks for the video! How long have you been in DevOps? I'm currently a sysadmin and enjoy practicing devops workflows
around 2 years for devops things!
Have you ever run into where the "coreDNS" become degraded? I'm working on a project that trying to launch an EKS that hosts a Minecraft server and every time I run the terraform apply the coredns hangs and end up being degraded in the cluster section in the add-on tab.
not sure without knowing more but i’d check your plugin versions and terraform / k8s versions. I’d also look at the plugins installed via the console UI to make sure it’s installed properly
thankyou.
do you know of any resources on how I can use the fargate profiles? So far I have been able to do it with node group like in your video and that works great, but I want to try out serverless as well. From what I understand the problem is that the pods launched by default have an annotation in their yaml that forces them to use the node groups, do we update that? Or just leave those as is and only have our application run on the fargate nodes?
fargate nodes are pretty niche. i’d use them in tandem with regular nodes if you have to bc they have so many limitations. try using the complete example in the EKS terraform repo as a starter if you need to go down this path
just Excelent
thanks
its run perfect, the only thing that I had problem is about LB, when I create a service.yaml as type load balancer my status always stay as pedding, do you think that miss some module in terraform for it runing well? other thing is about SG...its looks creating more than 1 SG, that gave me problem with LB too....thanks for all man.
check `kubectl describe svc my-loadbalancer` for the reason. you may need to configure aws load balancer controller and/or add some annotations
hey, can you do a quick video on the latest release which is 20.0 which has a major change in configmap and auth section for eks.
interesting stuff. According to the 20.x upgrade notes... "This sub-module will be removed entirely in the next major release." Looks like major changes are still coming!
What would happen if i left both self managed and managed node groups in there? Which would be created? Both?
yep! you'd create multiple node groups
I need to configure the release part of the specific users access to clsuter. Do you have any example? I speak here from Brazil :)
hi from the US! For user access, start by looking at the aws auth configmap section
Brilliant stuff !! But come on now drop the dotfiles 😂
it's not production-grade (one day!) but if you want 'em for reference here ya go :) github.com/kjpark/dotfiles
Hey, I have a question, how do i deploy an app and make it accessible over the internet to users with the same repo you have created. Thanks
You would have to deploy a load balancer and route it to a service for your pods. Typically you would use load balancer controller in aws to do this. Hope that's enough to help you get started!
@@ascode-com Thanks for your reply. Is it possible to do using terraform ? Do you have any example code to deploy the load balancer?
I tried to deploy eks exactly same way like you deployed. but pods are not be scheduled. whatever i wanted to create, status is pending
try checking the logs and describe for more info
After deploying service lb had an error:
Error syncing load balancer: failed to ensure load balancer: Multiple tagged security groups found for instance i-01d5b3aa46279a7c2; ensure only the k8s security group is tagged; the tagged groups were sg-0a3e3e24c0bc7840c(ascode-cluster-node-20230804045954383900000009) sg-0a4c75831ab5db090(eks-cluster-sg-ascode-cluster-1526614196)
Checked, really node instance has 2 sg attached. One sg for nodes, and one that automatically created by EKS.
Do you have ideas how to fix it in terraform initial config?
hey! replied in discord but linking the workaround here if anybody else has the same issue
github.com/terraform-aws-modules/terraform-aws-eks/issues/1810#issuecomment-1021202184
If I never use terraform for provisioning before, can I use terraform for create only EKS ?
yes you can. you'll just have to select (data resource or hardcode) your existing resources in
How to add your AWS credentials before running the terraform apply?
multiple ways to do this! easiest way is to configure your shell environment via awscli. you can make and use an access key. Here's general info: docs.aws.amazon.com/cli/v1/userguide/cli-chap-authentication.html
Can you please make videos about aks and gke via terraform as well
i'll consider it! thanks for the suggestion
Like for your great tutorial, please record tf best practices video
8:36 what is "upstream" VPC module?
upstream refers to the official AWS VPC module maintained by hashicorp registry.terraform.io/modules/terraform-aws-modules/vpc/aws/latest
It would be great if you could create a terraform tutorial. Thanks in advance.
awesome, thanks for the input
Do you recommend this over using the eks blueprint libraries. They look cool but docs lacking. Does this create a cloud stack or naw?
i agree, blueprints look cool but i would avoid bc they're not as popular or have as much support. if you're trying to stick with nodejs i'd take a look at pulumi for IaC. otherwise use terraform
@@ascode-com Thanks - I went with eksctl for now but will switch to terraform long term
@@hughesadam87 eksctl is a great option too!
I'm a total noob and therefore have a question. We now deployed EKS with Terraform, how do I proceed from here? Using Kubernetes to deploy my application, load balancer, subnets etc?
good questions! check my other video on getting a demo app running czcams.com/video/g9EqZiTWLGA/video.html
also join the discord if you want some support / discussion!
just confused ... how local.name is same as config in locals --- should it not be locals.name ?
hi, it's called locals when being declared, local.xyz is the syntax when referring to them. More here: developer.hashicorp.com/terraform/language/values/locals
make a tutorial with complete automated pipeline workflow deploying frontend + backend using
- terraform
- eks
- argocd
- jenkins
- sonarqube
- trivy
good topics to cover! i'll keep that noted thanks
Please help with Terraforj set up video 🙏🏾
noted m8. haven't had much time these days but it's still on the list
@@ascode-com thanks so much
did't have "complete" option in github
you're right it looks like they updated the examples. I think eks-managed or self-managed are still good places to start.
"Complete" is not one of the examples anymore. It is only self managed, or aws managed. I'm having a lot of trouble getting it to work without making the endpoint public
hi, no videos since 6 months, are you doing well?
haha yeah i'm alive, been wanting to get back into it but life's just so busy. channel is a side project of mine but def not abandoned!! thanks for asking
@@ascode-com good to hear and Take care
Personally I don’t like using remote modules . How would you deploy this cluster in different region ? Definitely I would go with my own module and call them from main module.
remote's probably the easiest but i hear ya. region is configurable in the locals.
most of video is about deleting code :)