Deploy your AWS EKS cluster with Terraform

If you are a regular reader of our blog, you may know how to deploy a cluster with Terraform on GCP. We will learn in this article how to set up an AWS account with a free trial and use it to deploy an EKS cluster with Terraform.

Reminder of Terraform

Terraform is an open-source Infrastructure as Code (IaC) software tool created by HashiCorp. It enables users to define and provision a data center infrastructure. You can download and set it here.

Terraform will execute all *.tf, so for this tutorial, I propose this architecture:

  • provider.tf
  • eks.tf
  • outputs.tf

Get an AWS free trial account

If you already have an AWS account, you can skip this section.

For this tutorial, you need to have an AWS account. But don’t worry, AWS offers you a free trial account to try what most services they propose.

First, you have to create your AWS account. You will have to enter your credit card but don’t worry, every component you will deploy will not incur fees.

Then you also have to install AWS CLI.

After these steps, you can log in to your account.

Purpose of this tutorial

The purpose of this tutorial is to create an EKS cluster with Terraform. Amazon Elastic Kubernetes Service (Amazon EKS) is a fully managed Kubernetes service by AWS. To go deeper you can read this article which explains another way to deploy an EKS cluster with eksctl.

Step 1: Set up Terraform with AWS

The first thing to set up is your Terraform. We will create an AWS IAM users for Terraform.

In your AWS console, go to the IAM section and create a user named “FullAccess”. Then add your user to a group named “FullAccessGroup”. Attaches to this group the following rights:

  • AdministratorAccess
  • AmazonEKSClusterPolicy

After these steps, AWS will provide you a Secret Access Key and Access Key ID. Save them preciously because this will be the only time AWS gives it to you.

In your own console, create a ~/.aws/credentials file and put your credentials in it:

The last step is to create this file:

You are now able to run some Terraform.

Step 2: create provider.tf

We will start this tutorial by creating a provider.tf file. This file contains all the information about which provider you want to use with Terraform.

We specify here to Terraform that we want to use an AWS provider. You also have to precise in which region you will deploy it and which configuration you will use. See step 1 to set up your AWS configuration.

Step 3: create all resources you need

So we want to create an EKS cluster. This EKS will be deployed in the default VPC of your account. First, you need to check in your AWS console, the subnet of the default VPC.

Here Terraform will create an IAM role to EKS, with 2 policies, our EKS cluster and finally a node group with 3 policies. We defined that we want one pod.

Step 4: Add output.tf

You can create a file outputs.tf. It will show you everything you need to connect to your EKS cluster. Here we want the endpoint of EKS and his certificate.

Step 5: Deploy all your resources

Once you have finished declaring the resources you want to create, you can deploy it. With terraform it is possible with a simple command:

  • Terraform init: it is used to initialize a working directory containing Terraform configuration files.
  • Terraform apply: it is used to apply the changes required to reach the desired state of the configuration.

When you launch the “terraform apply” command, Terraform will describe every resource you will create:

Check if it is all good and then you can accept by writing “yes”.

After the complete creation, you can go to your AWS account to see your resources:

AWS account

You can also work with your EKS cluster with AWS CLI by using the command “aws eks update-kubeconfig --name <eks_cluster_name>”. This command constructs a configuration with prepopulated server and certificate authority data values the cluster you specified.

Step 6: Destroy everything

If you want to destroy your resources with Terraform, you just have to run this command:

terraform destroy

Terraform will show you every resource it will destroy and if you agree you can accept by writing “yes”.

 

Congratulations! You have just created your first EKS cluster.

Kimelyne Servais

Kimelyne Servais

Kimelyne is a Site Reliability Engineer (SRE) at Padok. She works with DevOps technologies such as Terraform, Docker, Gitlab CI, Kubernetes, and AWS.

What do you think? Leave your comments here !