This script is designed to help automate creation and deletion of an EKS cluster. The script utilizes a parameter file to specify user required values. Please see the Parameters section for a detailed overview of all parameters.
This script does not automate any IAM related tasks and as such requires the following to be established prior to execution of this script.
- AWS CLI installed
- AWS Account with necessary permissions to run CloudFormation and EKS commands
- The ARN of an IAM role described as "Allows Amazon EKS to manage your clusters on your behalf" and/or with the policies AmazonEKSClusterPolicy and AmazonEKSServicePolicy attached
- An AWS EC2 Keypair
This script can be executed as follows:
python create_eks_script.py steps|delete|install [start step]
python create_eks_script.py steps
This will list the usage and the steps that can be run by this script.
python create_eks_script.py delete [start step]
This will delete any existing EKS cluster, starting from an optional starting step number. If no starting step number is provided, this will start from step 0.
python create_eks_script.py install [start step]
This will install the EKS cluster, starting from an optionally supplied starting step number. If no starting step number is provided, this will start from step 0.
python create_eks_script.py steps|delete|install [start step] [--profile aws_profile_name]
version: 1.0.1
--profile = Specify the aws profile to use for deployment
Install Steps:
0. Create VPC
1. Create EKS Cluster
2. Configure kubectl
3. Create worker nodes
4. Pull aws-auth ConfigMap
5. Update aws-auth and add nodes to cluster
6. Patch aws-auth to grant secondary user access to EKS cluster
Delete Steps:
0. Delete Worker Node Stack
1. Delete EKS Cluster
2. Delete VPC Stack
The following parameters are used by this script, in addition to values generated by AWS that the script automatically captures and uses, such as SubnetIds, VpcIds and ARNs.
Parameter | Description |
---|---|
ATTEMPTS | The number of attempts the script should make to validate that the AWS resource was created successfully |
WAIT_SEC | The time in seconds that the script should wait between attempts |
VPC_STACK_NAME | The name to assign to the VPC Stack |
VPC_TEMPLATE | The template to use to create the VPC Stack |
EKS_CLUSTER_NAME | The name of the EKS Cluster to create |
EKS_ROLE_ARN | The ARN for the IAM Role mentioned in the prerequisite section above |
EKS_NODES_TEMPLATE | The template to create the worker nodes for the EKS Cluster |
EKS_NODES_STACK_NAME | The name of the EKS Worker Nodes Stack |
EKS_NODE_GROUP_NAME | The name of the Autoscaling group for the EKS Worker Nodes |
EKS_NODE_AS_GROUP_MIN | The minimum number of worker nodes |
EKS_NODE_AS_GROUP_MAX | The maximum number of worker nodes |
EKS_NODE_AS_GROUP_DESIRED | The desired size of the worker node autoscale group |
EKS_NODE_INSTANCE_TYPE | The instance type to use as a worker node, for example m4.4xlarge |
EKS_IMAGE_ID | The AMI to use. This depends on the region where you are standing up the EKS cluster. See https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html step 3 for more information |
EKS_KEY_NAME | The name of a registered EC2 Key to use |
EKS_NODE_VOLUME_SIZE | The size of the instance disk |
AWS_SECOND_USER_ARN | An optional second user/service account can be added to the aws-auth ConfigMap to allow access to the cluster. This is the ARN of the IAM user to be added |
AWS_SECOND_USER_NAME | The user name for the optional secondary user/service account ARN from AWS_SECOND_USER_ARN |
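
A pre-flight check for the parameters above, written as an added example (it is not part of create_eks_script.py). It assumes the parameter file has already been loaded into a dict of strings, since the file format is not shown here. The function names, the simplified ARN patterns, the numeric lower bounds and the "set both or neither" rule for the secondary user are assumptions.

```python
import re

# Assumed ARN shapes (simplified): any partition, 12-digit account, role/ or user/ resource.
IAM_ARN = r"^arn:aws[a-z-]*:iam::\d{12}:%s/[\w+=,.@/-]+$"
ROLE_ARN, USER_ARN = re.compile(IAM_ARN % "role"), re.compile(IAM_ARN % "user")
REQUIRED = ("VPC_STACK_NAME", "VPC_TEMPLATE", "EKS_CLUSTER_NAME", "EKS_ROLE_ARN",
            "EKS_NODES_TEMPLATE", "EKS_NODES_STACK_NAME", "EKS_NODE_GROUP_NAME",
            "EKS_NODE_INSTANCE_TYPE", "EKS_IMAGE_ID", "EKS_KEY_NAME")
# Constructed sample values, not taken from any real account.
SAMPLE = {**{k: "demo" for k in REQUIRED}, "ATTEMPTS": "30", "WAIT_SEC": "20",
          "EKS_ROLE_ARN": "arn:aws:iam::111122223333:role/eks-service-role",
          "EKS_NODE_AS_GROUP_MIN": "1", "EKS_NODE_AS_GROUP_MAX": "3",
          "EKS_NODE_AS_GROUP_DESIRED": "2", "EKS_NODE_VOLUME_SIZE": "20"}


def _as_int(params, key, errors, minimum=0):
    """Return params[key] as an int >= minimum, or record an error and return None."""
    try:
        value = int(params[key])
    except (KeyError, TypeError, ValueError):
        errors.append(f"{key}: must be an integer")
        return None
    if value < minimum:
        errors.append(f"{key}: must be >= {minimum}")
        return None
    return value


def validate_params(params):
    """Return a list of problems found in the parameter mapping (empty list = OK)."""
    errors = [f"{k}: missing or empty" for k in REQUIRED if not str(params.get(k) or "").strip()]
    role = str(params.get("EKS_ROLE_ARN") or "").strip()
    if role and not ROLE_ARN.match(role):
        errors.append("EKS_ROLE_ARN: not an IAM role ARN")
    for key in ("ATTEMPTS", "WAIT_SEC", "EKS_NODE_VOLUME_SIZE"):
        _as_int(params, key, errors, minimum=1)
    lo = _as_int(params, "EKS_NODE_AS_GROUP_MIN", errors)
    hi = _as_int(params, "EKS_NODE_AS_GROUP_MAX", errors, minimum=1)
    want = _as_int(params, "EKS_NODE_AS_GROUP_DESIRED", errors)
    if None not in (lo, hi, want) and not lo <= want <= hi:
        errors.append("EKS_NODE_AS_GROUP_DESIRED: must lie between MIN and MAX")
    # The secondary user is optional; assumed here that step 6 needs ARN and name together.
    arn = str(params.get("AWS_SECOND_USER_ARN") or "").strip()
    name = str(params.get("AWS_SECOND_USER_NAME") or "").strip()
    if bool(arn) != bool(name):
        errors.append("AWS_SECOND_USER_ARN/AWS_SECOND_USER_NAME: set both or neither")
    if arn and not USER_ARN.match(arn):
        errors.append("AWS_SECOND_USER_ARN: not an IAM user ARN")
    return errors
```

Running `validate_params` before step 0 catches a user ARN pasted into EKS_ROLE_ARN, or a secondary user ARN left without a name, before any stack is created.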