The Simplest Way To Create An EKS Cluster Using Terraform

Nwokolo Emmanuel
5 min read · Apr 24, 2023

Welcome Back to another learning experience with me.

In this blog post, you will learn how to create an EKS cluster, a VPC, and subnets with Terraform.

At the end of the post, you will have achieved the following Goals:

  • How to create roles for Nodes and the EKS cluster.
  • How to set up an EKS cluster with the required roles on Terraform.
  • How to set up a VPC and subnets for your cluster.
  • How to create Node Groups.

To follow the tutorial below in creating your EKS cluster, here are the prerequisites:

  • An active AWS account
  • An Ubuntu Machine
  • Terraform installed on the machine
  • AWS CLI

If you do not already have any of these, follow the links below to set them up:

  1. Click HERE to learn how to create an AWS account.
  2. Follow HERE to install Terraform on your machine.
  3. And HERE to install and learn how to set up the AWS CLI.

Without further ado, let us jump right into the tutorial.


1. CREATING THE EKS PROVIDER BLOCK

This part of the project creates the provider block.

The provider block tells Terraform which cloud provider or API it will talk to, and with which settings (credentials, region, version).

You will create a new file and call it `providers.tf`.

We will define our provider (AWS) in this file, with the region set to us-east-1.

You can change the region to your preferred one. It is also worth pinning the AWS provider version in a required_providers block, so that a newer provider release cannot silently change what `terraform apply` does.

2. CREATING THE VPC

In this section, we will be creating a VPC for our EKS cluster.

This VPC will have a name tag called “main” and a cidr_block of “10.0.0.0/16”.

3. CREATING AN INTERNET GATEWAY

The Internet Gateway enables resources in your public subnets (such as EC2 instances) to connect to the Internet if they have a public IPv4 or IPv6 address.

The internet gateway attaches itself to the VPC by referencing the VPC ID.

You also need a name tag for this resource; I have chosen "igw" for this project's internet gateway.

You can rename it if you like.

4. CREATION OF SUBNETS

We will create public and private subnets in the VPC, spread across two availability zones (one public and one private subnet per zone). EKS requires subnets in at least two availability zones, and keeping the worker nodes in the private subnets means they never receive a public IP address.

5. NATGATEWAY AND ELASTIC IP

The next step is to create a NAT gateway and an Elastic IP.

The Elastic IP is assigned to the NAT gateway, and the NAT gateway is placed in one of the public subnets. It is what gives the private subnets outbound internet access (pulling images, reaching the EKS API endpoint, and so on) without exposing them to inbound connections.

The NAT gateway requires the Internet Gateway to exist first, so the resource should declare an explicit depends_on. Our name tag for the NAT gateway will be "nat" (you can change it if you like).

6. ROUTE TABLES

A route table contains a set of rules, called routes, that determine where network traffic from your subnet or gateway is sent.

We will create one route table for the public subnets, whose default route (0.0.0.0/0) points at the Internet Gateway, and one for the private subnets, whose default route points at the NAT gateway.

The route block's other attributes are left at their default empty values; you can change them if you need to.

Each route table belongs to the VPC created above. Our next step is to associate each subnet with the matching route table: the public subnets in both availability zones with the public route table, and the private subnets with the private one.

You can decide to change the name tags above too.
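Putting steps 1 to 6 together, here is an added example of the networking configuration. It is my own reconstruction, not the post's original code: the cluster name `demo`, the /19 subnet CIDRs, the `this` resource names and the provider version constraint are all assumptions.

```hcl
# Added example (not the post's own code). Names, CIDRs and the provider
# version constraint are assumptions; adjust them to your environment.
terraform {
  required_version = ">= 1.3"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

provider "aws" {
  region = "us-east-1" # change to your preferred region
}

locals {
  cluster_name = "demo" # assumed cluster name, used in the EKS subnet tags
  # One public and one private subnet per AZ; EKS needs at least two AZs.
  subnets = {
    "private-us-east-1a" = { cidr = "10.0.0.0/19", az = "us-east-1a", public = false }
    "private-us-east-1b" = { cidr = "10.0.32.0/19", az = "us-east-1b", public = false }
    "public-us-east-1a"  = { cidr = "10.0.64.0/19", az = "us-east-1a", public = true }
    "public-us-east-1b"  = { cidr = "10.0.96.0/19", az = "us-east-1b", public = true }
  }
}

resource "aws_vpc" "main" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true # nodes need hostnames to register with the cluster
  tags                 = { Name = "main" }
}

resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
  tags   = { Name = "igw" }
}

resource "aws_subnet" "this" {
  for_each          = local.subnets
  vpc_id            = aws_vpc.main.id
  cidr_block        = each.value.cidr
  availability_zone = each.value.az
  # Only public subnets hand out public IPs; the worker nodes go in the private ones.
  map_public_ip_on_launch = each.value.public
  tags = {
    Name = each.key
    # Tags EKS and the AWS Load Balancer Controller use to choose subnets.
    "kubernetes.io/cluster/${local.cluster_name}" = "shared"
    (each.value.public ? "kubernetes.io/role/elb" : "kubernetes.io/role/internal-elb") = "1"
  }
}

resource "aws_eip" "nat" {
  domain = "vpc"
  tags   = { Name = "nat" }
}

# The NAT gateway sits in a public subnet and needs the IGW to exist first.
resource "aws_nat_gateway" "nat" {
  allocation_id = aws_eip.nat.id
  subnet_id     = aws_subnet.this["public-us-east-1a"].id
  tags          = { Name = "nat" }
  depends_on    = [aws_internet_gateway.igw]
}

resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
  tags = { Name = "public" }
}

resource "aws_route_table" "private" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.nat.id
  }
  tags = { Name = "private" }
}

# Associate every subnet with the route table that matches its public/private role.
resource "aws_route_table_association" "this" {
  for_each       = aws_subnet.this
  subnet_id      = each.value.id
  route_table_id = local.subnets[each.key].public ? aws_route_table.public.id : aws_route_table.private.id
}
```

A single NAT gateway in one availability zone is a shared dependency for every private subnet: if us-east-1a has an outage, nodes in us-east-1b lose their egress too. One NAT gateway per zone, each with its own private route table, removes that dependency at the cost of a second gateway.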

7. CREATING THE EKS CLUSTER WITH ROLES

Amazon EKS uses the service-linked role named AWSServiceRoleForAmazonEKS, which AWS creates automatically and which allows Amazon EKS to manage clusters in your account.

Its attached policies allow the role to manage the following resources: network interfaces, security groups, logs, and VPCs.

Separately, every cluster needs a cluster IAM role that you create yourself: its trust policy lets the eks.amazonaws.com service assume it, and it carries the AmazonEKSClusterPolicy managed policy.

In this section, we will create that role and the EKS cluster that uses it, passing the public and private subnet IDs in the cluster's vpc_config so the control plane can place its network interfaces in them.
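As an added example of this step (my own code, not the post's), the cluster role and the cluster itself. It assumes the subnets are defined as a map resource named `aws_subnet.this`, that the cluster is called `demo`, and that `0.0.0.0/0` is a placeholder you will narrow down:

```hcl
# Added example (not the post's own code). Assumes aws_subnet.this is a map
# of all four subnets and that the cluster is named "demo".
data "aws_iam_policy_document" "eks_assume" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["eks.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "eks_cluster" {
  name               = "eks-cluster-role"
  assume_role_policy = data.aws_iam_policy_document.eks_assume.json
}

resource "aws_iam_role_policy_attachment" "eks_cluster_policy" {
  role       = aws_iam_role.eks_cluster.name
  policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
}

resource "aws_eks_cluster" "demo" {
  name     = "demo"
  role_arn = aws_iam_role.eks_cluster.arn
  # Pin `version = "1.xx"` in real use so upgrades are deliberate, not implicit.

  vpc_config {
    subnet_ids = [for k, s in aws_subnet.this : s.id]
    # Keep the API endpoint reachable from inside the VPC, and limit who can
    # reach the public endpoint. 0.0.0.0/0 is an assumed placeholder: replace it
    # with your office or VPN ranges.
    endpoint_private_access = true
    endpoint_public_access  = true
    public_access_cidrs     = ["0.0.0.0/0"]
  }

  # Ship control-plane audit and authentication logs to CloudWatch.
  enabled_cluster_log_types = ["api", "audit", "authenticator"]

  # The role must be usable before EKS tries to create the cluster,
  # and must outlive it so EKS can clean up on destroy.
  depends_on = [aws_iam_role_policy_attachment.eks_cluster_policy]
}

output "cluster_endpoint" {
  value = aws_eks_cluster.demo.endpoint
}
```

The audit log type is the one that matters for detection: it records every request to the Kubernetes API, including who made it and from where, which is what you will want when investigating a compromised workload or a stolen kubeconfig.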

8. EKS NODE GROUP & OPENID

We will now create a node group for our EKS cluster.

This node group needs its own IAM role, trusted by ec2.amazonaws.com, with three AWS managed policies attached: AmazonEKSWorkerNodePolicy, AmazonEKS_CNI_Policy, and AmazonEC2ContainerRegistryReadOnly (in this project the attachments are named nodes-AmazonEKSWorkerNodePolicy, nodes-AmazonEKS_CNI_Policy, and nodes-AmazonEC2ContainerRegistryReadOnly).

For this project, we are only creating private nodes, which means the nodes will be in the private subnet.

You can make changes to the code if you want the nodes to be public.

We are also configuring the node group's scaling (scaling_config) with a desired size of two, a maximum size of five, and a minimum size of zero.
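The node role and the private node group, as an added example (my own code, not the post's). It assumes the cluster resource is `aws_eks_cluster.demo`, that the subnets are the map `aws_subnet.this` with a matching `local.subnets` map carrying a `public` flag, and that `t3.medium` is an acceptable instance type:

```hcl
# Added example (not the post's own code). Assumes aws_eks_cluster.demo,
# aws_subnet.this and local.subnets (with a boolean `public` field) exist.
data "aws_iam_policy_document" "nodes_assume" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "nodes" {
  name               = "eks-node-group-nodes"
  assume_role_policy = data.aws_iam_policy_document.nodes_assume.json
}

# The three managed policies every EKS worker node needs, and nothing more:
# application permissions belong on per-service-account roles (IRSA), not here.
resource "aws_iam_role_policy_attachment" "nodes" {
  for_each = toset([
    "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
    "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy",
    "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly",
  ])
  role       = aws_iam_role.nodes.name
  policy_arn = each.value
}

resource "aws_eks_node_group" "private" {
  cluster_name    = aws_eks_cluster.demo.name
  node_group_name = "private-nodes"
  node_role_arn   = aws_iam_role.nodes.arn

  # Private subnets only: nodes get no public IP and reach the internet via the NAT gateway.
  subnet_ids = [for k, s in aws_subnet.this : s.id if !local.subnets[k].public]

  capacity_type  = "ON_DEMAND"
  instance_types = ["t3.medium"] # assumed size

  scaling_config {
    desired_size = 2
    max_size     = 5
    min_size     = 0
  }

  update_config {
    max_unavailable = 1
  }

  labels = {
    role = "general"
  }

  # Policies must be attached before the nodes try to join the cluster.
  depends_on = [aws_iam_role_policy_attachment.nodes]
}
```

To make the nodes public instead, select the subnets whose `public` flag is true; the nodes would then receive public IPs, so the node security group becomes the only thing between them and the internet.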

OPENID

IAM OIDC identity providers are entities in IAM that describe an external identity provider (IdP) service that supports the OpenID Connect (OIDC) standard, such as Google or Salesforce.

You use an IAM OIDC identity provider when you want to establish trust between an OIDC-compatible IdP and your AWS account.

Every EKS cluster has its own OIDC issuer URL. Registering it as an IAM OIDC provider lets Kubernetes service accounts assume IAM roles (IAM roles for service accounts, IRSA), so a pod such as the Cluster Autoscaler receives only the permissions its own role grants instead of inheriting everything the node role can do.

OPENID TEST

This test creates a role that trusts our OpenID provider and attaches a policy to it, which confirms the provider is wired up correctly before anything else depends on it.

9. AUTOSCALER

In this section, we will be creating an IAM role for the Cluster Autoscaler in our EKS cluster. The role trusts the OIDC provider from the previous step and is assumed by the autoscaler's Kubernetes service account, so it should carry only the Auto Scaling permissions needed to inspect and resize the node group.
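The OpenID provider, the role-trusting-OIDC pattern from the OPENID TEST, and the autoscaler role all come together in this added example (my own code, not the post's). It assumes the cluster resource is `aws_eks_cluster.demo`, that `hashicorp/tls` is declared in required_providers, and that the Cluster Autoscaler will run under the service account `cluster-autoscaler` in the `kube-system` namespace:

```hcl
# Added example (not the post's own code). Assumes aws_eks_cluster.demo exists,
# the hashicorp/tls provider is declared, and the autoscaler's service account
# is kube-system/cluster-autoscaler.
data "tls_certificate" "eks" {
  url = aws_eks_cluster.demo.identity[0].oidc[0].issuer
}

resource "aws_iam_openid_connect_provider" "eks" {
  client_id_list  = ["sts.amazonaws.com"]
  thumbprint_list = [data.tls_certificate.eks.certificates[0].sha1_fingerprint]
  url             = aws_eks_cluster.demo.identity[0].oidc[0].issuer
}

locals {
  # Issuer hostname without the scheme, used as the prefix of the token claims.
  oidc_host = replace(aws_eks_cluster.demo.identity[0].oidc[0].issuer, "https://", "")
}

# Trust policy: only one service account may assume this role, and only with a
# token minted for STS. Without the `sub` condition, any pod in the cluster could.
data "aws_iam_policy_document" "cluster_autoscaler_assume" {
  statement {
    actions = ["sts:AssumeRoleWithWebIdentity"]
    principals {
      type        = "Federated"
      identifiers = [aws_iam_openid_connect_provider.eks.arn]
    }
    condition {
      test     = "StringEquals"
      variable = "${local.oidc_host}:sub"
      values   = ["system:serviceaccount:kube-system:cluster-autoscaler"]
    }
    condition {
      test     = "StringEquals"
      variable = "${local.oidc_host}:aud"
      values   = ["sts.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "cluster_autoscaler" {
  name               = "eks-cluster-autoscaler"
  assume_role_policy = data.aws_iam_policy_document.cluster_autoscaler_assume.json
}

data "aws_iam_policy_document" "cluster_autoscaler" {
  statement {
    sid = "Describe"
    actions = [
      "autoscaling:DescribeAutoScalingGroups",
      "autoscaling:DescribeAutoScalingInstances",
      "autoscaling:DescribeLaunchConfigurations",
      "autoscaling:DescribeScalingActivities",
      "autoscaling:DescribeTags",
      "ec2:DescribeInstanceTypes",
      "ec2:DescribeLaunchTemplateVersions",
      "eks:DescribeNodegroup",
    ]
    resources = ["*"]
  }
  statement {
    sid = "Resize"
    actions = [
      "autoscaling:SetDesiredCapacity",
      "autoscaling:TerminateInstanceInAutoScalingGroup",
    ]
    resources = ["*"]
    # Only touch Auto Scaling groups tagged as owned by this cluster.
    # EKS managed node groups add this tag to their ASGs automatically.
    condition {
      test     = "StringEquals"
      variable = "autoscaling:ResourceTag/k8s.io/cluster-autoscaler/${aws_eks_cluster.demo.name}"
      values   = ["owned"]
    }
  }
}

resource "aws_iam_policy" "cluster_autoscaler" {
  name   = "eks-cluster-autoscaler"
  policy = data.aws_iam_policy_document.cluster_autoscaler.json
}

resource "aws_iam_role_policy_attachment" "cluster_autoscaler" {
  role       = aws_iam_role.cluster_autoscaler.name
  policy_arn = aws_iam_policy.cluster_autoscaler.arn
}

output "cluster_autoscaler_role_arn" {
  description = "Set this as the eks.amazonaws.com/role-arn annotation on the cluster-autoscaler ServiceAccount"
  value       = aws_iam_role.cluster_autoscaler.arn
}
```

The same trust-policy shape serves for the OPENID TEST role: swap the `sub` value for the test service account and attach whatever policy you are testing. Once the Cluster Autoscaler's ServiceAccount carries the `eks.amazonaws.com/role-arn` annotation with this role's ARN, its pod receives a projected token that STS exchanges for credentials scoped to this role only.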

After creating all these files, you can run the commands below to create your EKS cluster:

terraform init

This command helps to initialize Terraform and download the required provider plugins which, in this case, is the AWS provider.

terraform apply -auto-approve

This command applies everything written to your AWS account. The -auto-approve flag skips the interactive review of the plan, which is convenient for a tutorial; outside one, run `terraform plan` first and read the proposed changes before applying them.

When the apply finishes successfully, go to your AWS console to check that the cluster is running, as below:

The image above shows the EKS cluster running, and we will also see the node groups we created.

Please note that you may have a different name for these resources if you changed them while setting them up in the files.

And here it is, in about 15 mins, you have created an EKS cluster! To connect to your cluster, use the command below:

$ aws eks --region example_region update-kubeconfig --name cluster_name

In the code above, you will replace example_region with the region your cluster is running in while cluster_name will be the name of the cluster you created.

You have now created an EKS cluster. Congratulations!



Nwokolo Emmanuel

I am a Cloud Engineer, I love sharing easy solutions to problems that I found difficult. Interested in Open Source | twitter: twitter.com/CloudTopG