Building an Amazon EKS Cluster Preconfigured to Run High Traffic Microservices
Deploy a preconfigured Amazon EKS cluster optimized for high-demand microservice applications using an eksctl "quickstart" template.
Olawale Olaleye
Amazon Employee
Published Aug 29, 2023
Last Modified Aug 21, 2024
The modern digital landscape thrives on high traffic platforms, such as bustling online marketplaces, media streaming services, and real-time data analytics applications. These platforms often face unpredictable surges in user activity, like a sudden influx of ticket sales due to a concert announcement or a streaming service being swamped during a much-anticipated series premiere. Such scenarios require an architecture that can dynamically scale and swiftly recover from failures. Microservices are key to meeting these demands, but the real challenge lies in their efficient orchestration. Amazon EKS stands out as a solution, offering streamlined deployment and scaling of services, allowing each one to independently handle spikes without affecting others. With the robust support of AWS's infrastructure, Amazon EKS ensures both performance and reliability.
This tutorial shows you how to create a managed node groups-based Amazon EKS cluster using an eksctl “quickstart” template. This use case-specific template creates and sets up a cluster preconfigured and ready to run your dynamic frontends, such as interactive web dashboards, and data-intensive backends, such as analytics engines or recommendation systems.
About | |
---|---|
✅ AWS experience | 200 - Intermediate |
⏱ Time to complete | 30 minutes |
🧩 Prerequisites | - AWS Account |
📢 Feedback | Any feedback, issues, or just a 👍 / 👎 ? |
⏰ Last Updated | 2023-08-29 |
Before you begin this tutorial, you need to:
- Install the latest version of kubectl. To check your version, run: `kubectl version --short`.
- Install the latest version of eksctl. To check your version, run: `eksctl info`.
This tutorial is the first part of a series on managing high traffic microservices platforms using Amazon EKS, and it's dedicated to pre-configuring a cluster with the components it needs to run microservice applications with data-intensive workloads. Using the `eksctl` cluster template that follows, you'll build a robust, scalable, and secure Amazon EKS cluster with managed node groups. This template not only enables application workloads but also fortifies the cluster with an additional layer of security, fully aligned with best practices for production environments. It configures the following components:
- Autoscaling: Managed node groups use an `m5.large` instance type, providing a balance of resources. With a minimum size of "2" and a maximum size of "5", node groups can dynamically scale. The volume size is set to "100", ensuring ample capacity, and required subnet tags allow the Kubernetes Cluster Autoscaler (CA) to dynamically scale your cluster.
- Authentication: Necessary EKS Pod Identities mappings to enable communication between Kubernetes pods and AWS services. This includes the AWS Load Balancer Controller (LBC) used to expose applications, Amazon EFS CSI Driver for persistent data storage, Kubernetes External DNS to automatically manage DNS records, and Cert Manager to streamline management of SSL/TLS certificates. Additionally, an OpenID Connect (OIDC) endpoint enables seamless and secure communication.
- Add-ons: Latest versions of the following add-ons, including "vpc-cni" to enable the Amazon VPC Container Network Interface, "coredns" to facilitate DNS resolution, "kube-proxy" to maintain network rules on each Amazon EC2 node, and the EBS CSI Driver Add-On.
- Public/Private Networking: Managed node groups utilize private networking and a NAT gateway to bolster security by limiting direct internet access. The AWS Load Balancer Controller (LBC) manages and securely distributes all incoming web traffic to private subnets.
- Monitoring: An Amazon CloudWatch IAM policy is attached to the EKS Pod Identity, aiding optional components like CloudWatch Container Insights to collect and summarize metrics and logs.
Note that if you're still within your initial 12-month AWS Free Tier period, certain Amazon EC2 instances for managed node groups and additional AWS services may not be included in the Free Tier, and charges may apply based on your usage.
In this section, you will configure the Amazon EKS cluster to meet the specific demands of high-traffic microservice applications. By creating this `cluster-config.yaml` file, you'll define the settings for IAM roles, scalable resources, private networking, and monitoring. These configurations are essential for ensuring that the cluster is robust, scalable, and secure, with optimized performance for dynamic scalability and data persistence.
- Create a `cluster-config.yaml` file and paste the following contents into it. Replace the `region` with your preferred region.
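An added example, not the tutorial's original template: a `cluster-config.yaml` sketch assembled from the components listed above, so the settings can be read side by side. The cluster name, region, node group name, and the namespaces and service-account names in the Pod Identity associations are assumptions.

```yaml
# Added example (not the tutorial's original template). Values marked "assumed" are placeholders.
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: example-cluster          # assumed cluster name
  region: us-east-2              # assumed; replace with your preferred region
iam:
  withOIDC: true                 # OIDC endpoint for the cluster
  podIdentityAssociations:       # each role is bound to one service account in one namespace
    # Namespaces and service-account names below are assumed; the accounts
    # themselves are created when each component is installed (assumption).
    - namespace: kube-system
      serviceAccountName: aws-load-balancer-controller
      wellKnownPolicies: {awsLoadBalancerController: true}
    - namespace: kube-system
      serviceAccountName: efs-csi-controller-sa
      wellKnownPolicies: {efsCSIController: true}
    - namespace: kube-system
      serviceAccountName: external-dns
      wellKnownPolicies: {externalDNS: true}
    - namespace: cert-manager
      serviceAccountName: cert-manager
      wellKnownPolicies: {certManager: true}
    - namespace: amazon-cloudwatch
      serviceAccountName: cloudwatch-agent
      permissionPolicyARNs: ["arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy"]
vpc:
  nat:
    gateway: Single              # private subnets reach the internet only through NAT
managedNodeGroups:
  - name: eks-mng                # assumed node group name
    instanceType: m5.large
    minSize: 2
    maxSize: 5
    volumeSize: 100              # GiB
    privateNetworking: true      # nodes are placed in private subnets, no public IPs
addons:
  - {name: eks-pod-identity-agent, version: latest}   # agent that serves Pod Identity credentials
  - {name: vpc-cni, version: latest}
  - {name: coredns, version: latest}
  - {name: kube-proxy, version: latest}
  - name: aws-ebs-csi-driver
    version: latest
    wellKnownPolicies: {ebsCSIController: true}        # IAM role via the OIDC provider
```

A file like this is passed to eksctl with `eksctl create cluster -f cluster-config.yaml`, and `eksctl delete cluster -f cluster-config.yaml` removes the cluster it created.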
Now, we're ready to create our Amazon EKS cluster. This process takes several minutes to complete. If you'd like to monitor the status, see the AWS CloudFormation console.
- Create the EKS cluster using the `cluster-config.yaml`.
Upon completion, you should see the following response output:
When the previous command completes, verify that all of your nodes have reached the `Ready` state with the following command:
The expected output should look like this:
Verify that the Amazon EBS CSI Driver was successfully installed with the following command:
The expected output should look like this:
Verify all the Pod Identity associations, and how each one maps a role to a service account in a namespace in the cluster, with the following command:
Verify all the addons in the cluster with the following command:
The expected output should look like this:
Congratulations! You've successfully set up the foundational infrastructure of your Amazon EKS cluster, laying the essential groundwork for deploying high-traffic microservices workloads. This setup provides you with the groundwork needed to begin deploying applications, but keep in mind that additional configurations are required for a fully optimized, production-ready environment.
Now, we’re all set to launch a sample application and enable its accessibility on the internet through an Application Load Balancer (ALB). For step-by-step guidance, check out the tutorial at Exposing and Grouping Applications using the AWS Load Balancer Controller (LBC) on an EKS IPv4 Cluster. This tutorial will guide you through the required Ingress annotations for the AWS LBC, an essential mechanism for controlling external access to services within an EKS cluster. You’ll also explore Ingress Groupings, a sophisticated feature that amalgamates multiple Ingress resources into one ALB, enhancing both efficiency and ALB management.
To avoid incurring future charges, you should delete the resources created during this tutorial. You can delete the EKS cluster with the following command:
Upon completion, you should see the following response output:
In this tutorial, you've not only successfully set up an Amazon EKS cluster optimized for deploying microservice applications but also laid the foundation for a seamless integration between AWS and Kubernetes. By configuring the necessary EKS Pod Identities, node groups, and other essential components, you've established the infrastructure that ensures smooth communication with AWS services and drivers needed to run high-traffic microservices. To fully leverage your new setup, remember that the installation of the ExternalDNS, Cluster Autoscaler, Container Insights, and AWS Load Balancer Controller are still required. With these final installations, you'll have a robust, fully operational environment ready for your microservice application deployment, all while taking advantage of the unique strengths of both Amazon EKS and Kubernetes.
Any opinions in this post are those of the individual author and may not reflect the opinions of AWS.