Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

How to deploy on EKS

Amazon Elastic Kubernetes Service (EKS) is a popular, fully automated Kubernetes service. To access the EKS Web interface, go to console.aws.amazon.com/eks/home.

Summary


Install EKS and Juju tooling

Install Juju and the kubectl CLI tools (that will be used for managing the Kubernetes cluster) via snap:

sudo snap install juju --channel 3.5/stable
sudo snap install kubectl --classic

Follow the installation guides for:

  • eksctl - the Amazon EKS CLI
  • AWS CLI - the Amazon Web Services CLI

To check they are all correctly installed, you can run the commands below.

juju version
Sample output:
3.5.2-genericlinux-amd64
kubectl version --client
Sample output:
Client Version: v1.28.2
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
eksctl info
Sample output:
eksctl version: 0.159.0
kubectl version: v1.28.2
aws --version
Sample output:
aws-cli/2.13.25 Python/3.11.5 Linux/6.2.0-33-generic exe/x86_64.ubuntu.23 prompt/off

Authenticate

Create an IAM account (or use legacy access keys) and login to AWS:

> aws configure
AWS Access Key ID [None]: SECRET_ACCESS_KEY_ID
AWS Secret Access Key [None]: SECRET_ACCESS_KEY_VALUE
Default region name [None]: eu-west-3
Default output format [None]:

Verify that the CLI tool is correctly authenticating

aws sts get-caller-identity
Sample output:
{
    "UserId": "1234567890",
    "Account": "1234567890",
    "Arn": "arn:aws:iam::1234567890:root"
}

Create a new EKS cluster

Export the deployment name for further use:

export JUJU_NAME=eks-$USER-$RANDOM

This following examples in this guide will use the location eu-west-3 and K8s v.1.27 - feel free to change this for your own deployment.

Sample `cluster.yaml`:
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
    name: ${JUJU_NAME}
    region: eu-west-3
    version: "1.27"
iam:
  withOIDC: true

addons:
- name: aws-ebs-csi-driver
  wellKnownPolicies:
    ebsCSIController: true

nodeGroups:
    - name: ng-1
      minSize: 3
      maxSize: 5
      iam:
        attachPolicyARNs:
        - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
        - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
        - arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
        - arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
        - arn:aws:iam::aws:policy/AmazonS3FullAccess
      instancesDistribution:
        maxPrice: 0.15
        instanceTypes: ["m5.xlarge", "m5.2xlarge"] # At least two instance types should be specified
        onDemandBaseCapacity: 0
        onDemandPercentageAboveBaseCapacity: 50
        spotInstancePools: 2

Bootstrap EKS cluster with the following command:

eksctl create cluster -f cluster.yaml
Sample `cluster.yaml`:
...
2023-10-12 11:13:58 [ℹ]  using region eu-west-3
2023-10-12 11:13:59 [ℹ]  using Kubernetes version 1.27
...
2023-10-12 11:40:00 [✔]  EKS cluster "eks-taurus-27506" in "eu-west-3" region is ready

Bootstrap Juju on EKS

Add Juju K8s clouds:

juju add-k8s $JUJU_NAME

Bootstrap Juju controller:

juju bootstrap $JUJU_NAME

Deploy Charms

Create a new Juju model, if needed:

juju add-model <MODEL_NAME>

(Optional) Increase the debug level if you are troubleshooting charms:

juju model-config logging-config='<root>=INFO;unit=DEBUG'

Then, Charmed Apache Kafka can be deployed as usual:

juju deploy zookeeper-k8s -n3 --channel 3/stable
juju deploy kafka-k8s -n3 --channel 3/stable
juju integrate kafka-k8s zookeeper-k8s

We also recommend to deploy a Data Integrator for creating an admin user to manage the content of the Kafka cluster:

juju deploy data-integrator admin --channel edge \
  --config extra-user-roles=admin \
  --config topic-name=admin-topic

And integrate it with the Kafka application:

juju integrate kafka-k8s admin

For more information on Data Integrator and how to use it, please refer to the how-to manage applications user guide.

Display deployment information

Display information about the current deployments with the following commands:

kubectl cluster-info 
Sample output:
Kubernetes control plane is running at https://AAAAAAAAAAAAAAAAAAAAAAA.gr7.eu-west-3.eks.amazonaws.com
CoreDNS is running at https://AAAAAAAAAAAAAAAAAAAAAAA.gr7.eu-west-3.eks.amazonaws.com/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
eksctl get cluster -A
Sample output:
NAME            REGION      EKSCTL CREATED
eks-marc-9587	eu-west-3	True
kubectl get node
Sample output:
NAME                                           STATUS   ROLES    AGE     VERSION
ip-192-168-1-168.eu-west-3.compute.internal    Ready    <none>   5d22h   v1.27.16-eks-a737599
ip-192-168-45-234.eu-west-3.compute.internal   Ready    <none>   3h25m   v1.27.16-eks-a737599
ip-192-168-85-225.eu-west-3.compute.internal   Ready    <none>   5d22h   v1.27.16-eks-a737599

Clean up

Always clean EKS resources that are no longer necessary - they could be costly!

To clean the EKS cluster, resources and juju cloud, run the following commands:

juju destroy-controller $JUJU_NAME --yes --destroy-all-models --destroy-storage --force
juju remove-cloud $JUJU_NAME

List all services and then delete those that have an associated EXTERNAL-IP value (e.g. load balancers):

kubectl get svc --all-namespaces
kubectl delete svc <service-name> 

Next, delete the EKS cluster (As described on the Deleting an Amazon EKS cluster page):

eksctl get cluster -A
eksctl delete cluster <cluster_name> --region eu-west-3 --force --disable-nodegroup-eviction

Finally, remove AWS CLI user credentials (to avoid forgetting and getting exposed to a risk of leaking credentials):

rm -f ~/.aws/credentials

Last updated a month ago. Help improve this document in the forum.