aws-eks

Create an EKS Cluster

$ aws eks create-cluster --name [cluster_name] --role-arn [eks_service_role_arn] --resources-vpc-config subnetIds=[subnet_ids],securityGroupIds=[security_group_ids]

$ aws eks update-kubeconfig --name [cluster_name]

$ aws eks list-clusters

$ aws eks describe-cluster --name [cluster_name]

$ aws eks delete-cluster --name [cluster_name]

$ aws eks list-nodegroups --cluster-name [cluster_name]

$ aws eks describe-nodegroup --cluster-name [cluster_name] --nodegroup-name [nodegroup_name]

aws eks <subcommand> [options]

Examples of common EKS subcommands:
    aws eks create-cluster --name <cluster-name> --version <k8s-version> --role-arn <iam-role-arn> --resources-vpc-config 'subnetIds=[...],securityGroupIds=[...]'
    aws eks describe-cluster --name <cluster-name>
    aws eks list-clusters
    aws eks update-kubeconfig --name <cluster-name> --region <aws-region> --alias <context-alias>

--region <value>
    Specifies the AWS region to operate in. Overrides environment variables or configured profiles.

--profile <value>
    Uses a specific named profile from your credential file (~/.aws/credentials) to authenticate.

--output <value>
    Defines the output format: json, text, or table.

--name <value>
    (Common for EKS subcommands) Specifies the unique name of the EKS cluster or related resource.

--cluster-name <value>
    (Common for EKS subcommands) Specifies the name of the EKS cluster a resource (e.g., nodegroup, addon) belongs to.

--version <value>
    (For create-cluster) Specifies the Kubernetes version for the cluster (e.g., '1.28').

--role-arn <value>
    (For create-cluster, create-nodegroup) The Amazon Resource Name (ARN) of the IAM role to associate with the cluster or nodegroup.

--tags <key=value,key=value...>
    A list of key-value pairs to apply as tags to the EKS resource.

--instance-types <value> [<value>...]
    (For create-nodegroup) A list of EC2 instance types to use for the node group.

--resources-vpc-config <json-string>
    (For create-cluster) Configuration details for the cluster's VPC, including subnet IDs and security group IDs.

The aws eks command is a crucial part of the AWS Command Line Interface (CLI), specifically designed for interacting with and managing AWS Elastic Kubernetes Service (EKS). EKS is a managed service that makes it easy for you to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane.

The aws eks command allows users to perform a wide range of operations related to EKS resources, including:
Creating and deleting EKS clusters
Managing node groups (EC2 instances that act as worker nodes)
Configuring Fargate profiles for serverless Kubernetes pods
Managing EKS Add-ons (e.g., VPC CNI, CoreDNS)
Updating Kubernetes versions for clusters
Describing existing clusters and other EKS resources

It provides a programmatic interface to the EKS API, enabling automation, scripting, and direct control over your Kubernetes infrastructure hosted on AWS.

Prerequisites: Requires the AWS CLI to be installed and configured with appropriate IAM credentials.
IAM Permissions: Operations require specific AWS Identity and Access Management (IAM) permissions for EKS, EC2, VPC, S3, and other related services. Incorrect permissions will lead to 'Access Denied' errors.
Time-Consuming Operations: Creating or deleting an EKS cluster, or updating its Kubernetes version, can take 10-20 minutes or longer.
Cost Implications: Running EKS clusters incurs costs for the EKS control plane, EC2 instances (for worker nodes), EBS volumes, network traffic, and other AWS services.
Networking Complexity: Proper VPC, subnet, and security group configuration is critical for EKS clusters to function correctly and securely.
Eventual Consistency: Like many AWS services, EKS API calls may exhibit eventual consistency, meaning changes might not be immediately reflected across all systems.

Before using aws eks, ensure your AWS CLI is configured using aws configure. This sets up your default region and credentials, which the aws eks commands will use by default unless overridden by command-line options.

While aws eks manages the EKS infrastructure, interacting with the Kubernetes cluster itself (e.g., deploying applications, checking pod status) requires kubectl. The aws eks update-kubeconfig command is essential for configuring kubectl to connect to your EKS cluster.

Understanding EKS involves knowing its main components: the Control Plane (managed by AWS), the Data Plane (your worker nodes, which can be EC2 instances in Node Groups or serverless Fargate pods), and EKS Add-ons (managed components for core Kubernetes functionalities like networking and DNS).

AWS Elastic Kubernetes Service (EKS) was first announced at re:Invent 2017 and became generally available in June 2018. The aws eks command has evolved alongside the service, adding support for new features like Fargate profiles (launched in 2019), EKS Add-ons (launched in 2020), and various improvements to node group management. It is a continuously developed part of the broader AWS CLI, which aims to provide consistent and comprehensive access to AWS services via the command line.

aws(1), kubectl(1), helm(1), terraform(1), jq(1)