Migrate Containerized Application Workloads to the World's Dominant and Secure AWS EKS Platform

Kubernetes clusters can be prepared in several ways: on a managed Kubernetes platform, or in a traditional self-managed private Kubernetes environment built with kops or kubeadm. Creating clusters by the traditional methods limits flexibility in the deployment platform. Adopting a managed Kubernetes platform removes that limitation. Creating clusters on Amazon EKS is simple and performs well. It also removes a significant operational burden of running Kubernetes and lets you focus on building applications instead of managing Kubernetes infrastructure.

Creation of EKS Cluster:

The clusters can be created by 3 methods:

  1. eksctl

  2. AWS Management Console

  3. AWS CLI

This document explains the cluster creation with eksctl.

Creating a cluster with eksctl:

eksctl is a simple command-line utility for creating and managing Kubernetes clusters on Amazon EKS. It is the fastest and simplest way to get started with Amazon EKS. Here, a cluster named “cluster” with worker nodes is created in the us-west-2 region with eksctl.

The command to create a cluster:

eksctl create cluster \
  --name cluster \
  --version 1.14 \
  --region us-west-2 \
  --nodegroup-name standard \
  --node-type t3.medium \
  --nodes 3 \
  --nodes-min 1 \
  --nodes-max 4 \
  --managed

Create a security group and separate VPC for each EKS cluster to provide better network isolation.

The screenshot below shows the active cluster on EKS:

Deploy a Kubernetes Application with Amazon EKS:

This section explains how to deploy a containerized cloud-native application on Amazon Elastic Kubernetes Service (Amazon EKS).

In this example, Jenkins is deployed on EKS and installed from a Helm chart.

The command to install Jenkins:

$ helm install jenkins jenk/jenkins

Output:

NAME: jenkins
LAST DEPLOYED: Tue Dec 24 17:00:59 2019
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
1. Get your 'admin' user password by running:
  printf $(kubectl get secret --namespace default jenkins -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode);echo
2. Get the Jenkins URL to visit by running these commands in the same shell:
  NOTE: It may take a few minutes for the LoadBalancer IP to be available.
        You can watch the status of by running 'kubectl get svc --namespace default -w jenkins'
  export SERVICE_IP=$(kubectl get svc --namespace default jenkins --template "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}")
  echo http://$SERVICE_IP:8080/login

3. Login with the password from step 1 and the username: admin

For more information on running Jenkins on Kubernetes, visit:
https://cloud.google.com/solutions/jenkins-on-container-engine

After the application is installed successfully, fetch the service IP; the application is then reachable from a web browser at that address.

Amazon ECR:

Amazon ECR hosts container images in a highly available and scalable architecture and allows reliable deployment of containers for applications. Integration with AWS Identity and Access Management (IAM) provides resource-level control of each repository. In this example, the Jenkins image is packaged with a Dockerfile and stored in ECR.

Amazon S3:

Amazon S3 is object storage built to store and retrieve any amount of data. It is a simple storage service that offers an extremely durable, highly available, and infinitely scalable data storage infrastructure at very low cost. We have stored the Helm chart of the Jenkins application on S3, so the chart can be pulled directly into the workspace when installing the application.

Amazon EKS:

Amazon EKS works by provisioning and managing the Kubernetes control plane and worker nodes. This removes a significant operational burden of running Kubernetes and lets you focus on building applications instead of managing AWS infrastructure. The earlier section explained how to create the cluster in EKS.

The above screenshot represents the general configuration of the cluster.

Elastic Load Balancer:

After the application is installed successfully, fetch the load balancer IP (service IP) to reach the application from a web browser. In this example, EXTERNAL-IP is the service IP, which is managed by the load balancer.

The command to fetch the service IP:

$ kubectl get svc --namespace default -w jenk-jenkins

Output:

NAME           TYPE           CLUSTER-IP       EXTERNAL-IP        PORT(S)          AGE
jenk-jenkins   LoadBalancer   10.100.119.149   a568c5dbc27bd...   8080:32031/TCP   118s
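The Service above publishes Jenkins on port 8080 through a load balancer, and a LoadBalancer Service with no loadBalancerSourceRanges set accepts connections from any address. The following check is an added example, not part of the original post: it lists which LoadBalancer Services are open to all sources. The input format, the kubectl command in the comment, and every sample row except jenk-jenkins are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not part of the original post: flag LoadBalancer Services
# that accept connections from any source address.
#
# Input: one Service per line, tab-separated:
#   namespace <TAB> name <TAB> type <TAB> ports <TAB> loadBalancerSourceRanges
# Assumed way to produce such lines on a live cluster:
#   kubectl get svc -A -o jsonpath='{range .items[*]}{.metadata.namespace}{"\t"}{.metadata.name}{"\t"}{.spec.type}{"\t"}{.spec.ports[*].port}{"\t"}{.spec.loadBalancerSourceRanges}{"\n"}{end}'

# Constructed sample rows; only the name jenk-jenkins comes from the post.
sample_services() {
  printf 'default\tkubernetes\tClusterIP\t443\t\n'
  printf 'default\tjenk-jenkins\tLoadBalancer\t8080\t\n'
  printf 'ci\tjenkins-internal\tLoadBalancer\t8080\t["203.0.113.0/24"]\n'
  printf 'ci\tartifacts\tLoadBalancer\t443\t["0.0.0.0/0"]\n'
}

# Prints one OPEN or RESTRICTED line per LoadBalancer Service.
# Exit status is 1 when at least one Service is OPEN, otherwise 0.
audit_lb_exposure() {
  awk -F '\t' '
    $3 != "LoadBalancer" { next }
    # An unset loadBalancerSourceRanges means no source restriction.
    $5 == "" || $5 ~ "(^|[^0-9.])0[.]0[.]0[.]0/0($|[^0-9])" {
      printf "OPEN %s/%s ports=%s\n", $1, $2, $4; open++; next
    }
    { printf "RESTRICTED %s/%s ports=%s sources=%s\n", $1, $2, $4, $5 }
    END { exit (open > 0) }
  '
}

sample_services | audit_lb_exposure || echo "review the OPEN services above"
```

The non-zero exit status makes the function usable as a gate in a deployment pipeline.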

Auto Scaling:

  1. AWS Auto Scaling monitors the applications and automatically adjusts the capacity to maintain steady, predictable performance at the lowest possible cost.

  2. Amazon EC2 Auto Scaling can be combined with AWS Auto Scaling to scale additional resources for other AWS services.

  3. AWS Auto Scaling helps to maintain the right resources at the right time.

  4. When clusters or nodes are down, or memory resources are low, autoscaling helps recover as soon as possible by replacing the defective nodes or clusters with new ones.

  5. Amazon EKS is integrated with AWS CloudTrail to provide visibility and audit history of the cluster and user activity. CloudTrail can be used to view API calls to the Amazon EKS API.

  6. The Service health check dashboard allows you to check the status of active services. The Personal health dashboard helps to get a personalized view of AWS service health of every service.

  7. Check the Appendix section for the troubleshooting commands.

Appendix:

  1. Command to configure the aws-cli

You can get the security credentials in:

Account → My Security Credentials → Access Keys

$ aws configure
AWS Access Key ID :
AWS Secret Access Key :
Default region name :
Default output format :

  2. To install eksctl

$ curl --silent --location "https://github.com/weaveworks/eksctl/releases/download/latest_release/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp

$ sudo mv /tmp/eksctl /usr/local/bin

  3. To check the status of the cluster

$ aws eks --region us-west-2 describe-cluster --name prod --query "cluster.status"

  4. To connect to the cluster from the aws-cli

$ aws eks --region us-west-2 update-kubeconfig --name prod
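The eksctl install step in the appendix pipes the download straight into tar, so nothing checks the archive before a binary from it lands in /usr/local/bin. The following is an added example, not part of the original post or the eksctl project: it unpacks a downloaded tarball only after its SHA-256 digest matches a checksum file. It assumes the checksum file is in sha256sum format and was obtained from the release page alongside the tarball; the demo builds a stand-in tarball locally.

```sh
#!/bin/sh
# Added example, not part of the original post.
# Assumption: the checksums file has lines of "<hex digest>  <file name>".

sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"
  else shasum -a 256 "$1"; fi | awk '{ print $1 }'
}

# verify_release TARBALL CHECKSUMS -> 0 match, 1 mismatch, 2 not listed
verify_release() {
  name=$(basename "$1")
  expected=$(awk -v f="$name" '$2 == f || $2 == ("*" f) { print $1; exit }' "$2")
  [ -n "$expected" ] || { echo "no checksum listed for $name" >&2; return 2; }
  [ "$(sha256_of "$1")" = "$expected" ] ||
    { echo "checksum mismatch for $name" >&2; return 1; }
}

# install_verified TARBALL CHECKSUMS DESTDIR
# Extracts only the eksctl member, and only after the digest has matched.
install_verified() {
  verify_release "$1" "$2" || return $?
  tar xzf "$1" -C "$3" eksctl
}

# Constructed demo: builds a stand-in tarball locally, nothing is downloaded.
demo() {
  work=$(mktemp -d) || return 1
  pkg="$work/eksctl_Linux_amd64.tar.gz"
  mkdir "$work/bin"
  printf '#!/bin/sh\necho stand-in binary\n' > "$work/eksctl"
  tar czf "$pkg" -C "$work" eksctl
  echo "$(sha256_of "$pkg")  eksctl_Linux_amd64.tar.gz" > "$work/checksums.txt"
  install_verified "$pkg" "$work/checksums.txt" "$work/bin" && echo "clean: installed"
  rm -f "$work/bin/eksctl"
  echo tampered >> "$pkg"                      # simulate a modified download
  install_verified "$pkg" "$work/checksums.txt" "$work/bin" || echo "tampered: refused"
  rm -rf "$work"
}

demo
```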
