High-Performance EKS: Launching Production-Ready Clusters

In this comprehensive guide, I'll walk you through launching your first Amazon Elastic Kubernetes Service (EKS) cluster, from initial setup to deploying a sample application.

Prerequisites

Before we begin, ensure you have:

• An AWS account with appropriate permissions

• Basic understanding of Kubernetes concepts

• Familiarity with AWS CLI and command line tools

First, let's understand what Amazon EKS is and its various functions before we deploy our cluster.

What is Amazon EKS?

Amazon Elastic Kubernetes Service (EKS) is a fully managed Kubernetes service that makes it easy to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane. It's AWS's solution for organizations that want to leverage Kubernetes' container orchestration capabilities without the operational overhead.

Key Functions & Core Capabilities

Managed Control Plane

• Automatic Updates: AWS handles Kubernetes control plane updates and patching

• High Availability: Multi-AZ deployment of control plane nodes

• Security: Managed etcd storage with encryption and regular backups

• Monitoring: Integrated with CloudWatch for logging and metrics

Kubernetes Compliance

• Certified Conformant: Guaranteed compatibility with upstream Kubernetes

• API Compatibility: Full support for standard Kubernetes APIs and tools

• Version Management: Seamless upgrades between Kubernetes versions

Networking & Security

• VPC Integration: Native AWS VPC networking for pods

• IAM Integration: Fine-grained access control using AWS IAM

• Security Groups: Network security at the pod level

• Load Balancer Integration: Automatic provisioning of ALB/NLB

Monitoring & Operations

• CloudWatch Integration: Centralized logging and monitoring

• Container Insights: Performance monitoring for containerized applications

• Auto-scaling: Integration with Cluster Autoscaler and Karpenter

Let's begin launching our EKS cluster :)

Step 1: IAM User Setup

First, let's create an IAM user with administrative permissions:

1. Navigate to IAM Console

   • Go to AWS Console → IAM → Users

   • Click "Create users"

     

     

2. Configure User Details

   • User name: K8S-User (or your preferred name)

   • Click "Next"

     

3. Set Permissions

   • Select "Attach policies directly"

   • Choose "AdministratorAccess" policy

   • Click "Next" → "Create user"

     

     

     

4. Getting your access and secret access key

   • Select the newly created user K8S-User.

   • Select the Security credentials tab.

     

   • Scroll down to Access keys and select Create access key.

     

   • Select Command Line Interface (CLI) and check-mark the acknowledgment at the bottom of the page.

     

   • Click Next.

   • Click Create access key.

     

   • Either copy both the access key and the secret access key and paste them into a local text file, or click Download .csv file. We will use the credentials when setting up the AWS CLI.

   • Click Done.

     

Step 2: Launch EC2 Instance as Jump Host

We'll use an EC2 instance as our management host:

1. Launch Instance

   • Go to EC2 → Instances → "Launch Instance"

     

   • AMI: Amazon Linux 2 AMI

   • Instance type: t2/t3.micro

   • Key pair: Create new key pair and download it

2. Configure Network

   • Expand "Network settings"

   • Ensure "Auto-assign Public IP" is set to Enable

   • Click "Launch Instance"

     

     

3. Connect to Instance

   • Wait for instance to reach "Running" state

     

   • Select instance → Click "Connect"

   • Choose "EC2 Instance Connect"

   • Click "Connect"

     

Step 3: Install and Configure Required Tools

In your EC2 instance terminal, install the necessary tools:

Update AWS CLI to Version 2

# Check current version
aws --version

# Download and install AWS CLI v2
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install --bin-dir /usr/bin --install-dir /usr/bin/aws-cli --update

# Verify installation
aws --version

Configure AWS CLI

aws configure

Enter the following when prompted:

• AWS Access Key ID: [Your access key from Step 1]

• AWS Secret Access Key: [Your secret key from Step 1]

• Default region name: us-east-1 use your region name; mine is “us-east-1”.

• Default output format: json

Install kubectl

bash

# Download kubectl
curl -o kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.16.8/2020-04-16/bin/linux/amd64/kubectl

# Make executable and move to PATH
chmod +x ./kubectl

# Copy the binary to a directory in your path:
mkdir -p $HOME/bin && cp ./kubectl $HOME/bin/kubectl && export PATH=$PATH:$HOME/bin

# Verify installation
kubectl version --short --client

Install eksctl

# Download and install eksctl
curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp

# Move the extracted binary to /usr/bin
sudo mv /tmp/eksctl /usr/bin

# Verify installation
eksctl version

Step 4: Create Your EKS Cluster

Now, let's provision the EKS cluster:

Basic Cluster Creation

# Provision an EKS cluster with three worker nodes in us-east-1:
eksctl create cluster --name dev --region us-east-1 \
  --nodegroup-name standard-workers --node-type t3.medium \
  --nodes 3 --nodes-min 1 --nodes-max 4 --managed

Troubleshooting Tip: If you encounter capacity issues, specify availability zones:

eksctl create cluster --name dev --region us-east-1 \
  --zones us-east-1a,us-east-1b,us-east-1c,us-east-1d,us-east-1f \
  --nodegroup-name standard-workers --node-type t3.medium \
  --nodes 3 --nodes-min 1 --nodes-max 4 --managed

What's Happening?

This command will:

• Create EKS control plane (managed by AWS)

• Provision worker nodes in an Auto Scaling Group

• Set up VPC, subnets, and security groups

• Configure kubectl context automatically

• It will take 10–15 minutes since it's provisioning the control plane and worker nodes, attaching the worker nodes to the control plane, and creating the VPC, security group, and Auto Scaling group.

What To Do Next:

• In the AWS Management Console, navigate to Cloud Formation and take a look at what’s going on there.

• Select the “eksctl-dev-cluster” stack (this is our control plane).

  

• Click Events, so you can see all the resources that are being created.

• We should then see another new stack being created — this one is our node group.

  

• Once both stacks are complete, navigate to Elastic Kubernetes Service > Clusters.

• Click the listed cluster.

  

• If you see a “Your current user or role does not have access to Kubernetes objects on this EKS cluster” message just ignore it, as it won't impact the next steps of the activity.

• Click the Compute tab (under Configuration), and then click the listed node group. There, we'll see the Kubernetes version, instance type, status, etc.

  

  

• Click dev in the breadcrumb navigation link at the top of the screen.

• Click the Networking tab (under Configuration), where we'll see the VPC, subnets, etc.

• Click the Logging tab (under Configuration), where we'll see the control plane logging info.

  • The control plane is abstracted — we can only interact with it using the command line utilities or the console. It’s not an EC2 instance we can log into and start running Linux commands on.

• Navigate to EC2 > Instances, where you should see the instances have been launched.

  

• Close out of the existing CLI window, if you still have it open.

• Select the original t2/t3.micro instance, and click Connect at the top of the window.

  

  • In the Connect to your instance dialog, select EC2 Instance Connect.

  • Click Connect.

Verify Cluster Creation

# Configure kubectl
aws eks update-kubeconfig --name dev --region us-east-1

# Check nodes
kubectl get nodes

Step 5: Deploy a Sample Application

Let's deploy an Nginx web server to test our cluster:

Clone Sample Repository

bash

sudo yum install -y git
git clone https://github.com/ACloudGuru-Resources/Course_EKS-Basics
cd Course_EKS-Basics

Examine Deployment Files

# View deployment configuration
cat nginx-deployment.yaml

# View service configuration
cat nginx-svc.yaml

Deploy the Application

# Create the service (LoadBalancer)
kubectl apply -f ./nginx-svc.yaml

# Create the deployment
kubectl apply -f ./nginx-deployment.yaml

Verify Deployment

# Check service status
kubectl get service

# Check deployment status
kubectl get deployment

# Check pods
kubectl get pods

# Check replica sets
kubectl get rs

Test the Application

# Get the LoadBalancer external hostname
kubectl get service

# Access the application (replace with your actual hostname)
curl "your-load-balancer-hostname.us-east-1.elb.amazonaws.com"

• You should see the Nginx welcome page HTML!

• In a new browser tab, navigate to the same IP, where we should again see the Nginx web page.

In the CLI, delete everything:

eksctl delete cluster dev --region us-east-1

Congratulations! 🎉 You've successfully navigated the complete process of launching your Amazon EKS cluster. I hope this article provided valuable guidance for your container orchestration journey.