eksctl-io/eksctlPublic

NotificationsYou must be signed in to change notification settings
Fork1.5k
Star5.1k

The official CLI for Amazon EKS

License

View license

5.1k stars 1.5k forks Branches Tags Activity

Star

Notifications

You must be signed in to change notification settings

Branches Tags

Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 8,371 Commits
.github		.github
build		build
cmd		cmd
docs		docs
examples		examples
integration		integration
logo		logo
pkg		pkg
userdocs		userdocs
.dockerignore		.dockerignore
.editorconfig		.editorconfig
.gitignore		.gitignore
.golangci.yml		.golangci.yml
.mockery.yaml		.mockery.yaml
.requirements		.requirements
ATTRIBUTIONS.md		ATTRIBUTIONS.md
CNAME		CNAME
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
COMMUNITY.md		COMMUNITY.md
CONTRIBUTING.md		CONTRIBUTING.md
DCO		DCO
Dockerfile		Dockerfile
LICENSE		LICENSE
Makefile		Makefile
Makefile.common		Makefile.common
Makefile.docker		Makefile.docker
Makefile.docs		Makefile.docs
README.md		README.md
SECURITY.md		SECURITY.md
go.mod		go.mod
go.sum		go.sum
netlify.toml		netlify.toml
tools.go		tools.go

Repository files navigation

`eksctl` - The official CLI for Amazon EKS !

eksctl is a simple CLI tool for creating clusters on EKS - Amazon's new managed Kubernetes service for EC2. It is written in Go, and uses CloudFormation.

You can create a cluster in minutes with just one command –eksctl create cluster!

Need help? JoinEksctl Slack.

New: EKS Auto Mode Support

eksctl now supports EKS Auto Mode! EKS Auto Mode automates routine tasks for cluster compute, storage, and networking.

Learn how tocreate an EKS Auto Mode Cluster with eksctl.
Review theeksctl docs for EKS Auto Mode.

Version 0.195.0 or greater is required.

New: EKS Hybrid Nodes Support

eksctl now supports EKS Hybrid Nodes! Hybrid Nodes enables you to run on-premises and edge applications on customer-managed infrastructure with the same AWS EKS clusters, features, and tools you use in the AWS Cloud.

For more information, seeAmazon EKS Hybrid Nodes overview in the EKS User Guide.
Review theeksctl docs for EKS Hybrid Nodes.

Version 0.195.0 or greater is required.

Installation

eksctl is available to install from official releases as described below. We recommend that you installeksctl from only the official GitHub releases. You may opt to use a third-party installer, but please be advised that AWS does not maintain nor support these methods of installation. Use them at your own discretion.

Prerequisite

You will need to have AWS API credentials configured. What works for AWS CLI or any other tools (kops, Terraform, etc.) should be sufficient. You can use~/.aws/credentials fileorenvironment variables. For more information readAWS documentation.

You will also needAWS IAM Authenticator for Kubernetes command (eitheraws-iam-authenticator oraws eks get-token (available in version 1.16.156 or greater of AWS CLI) in yourPATH.

The IAM account used for EKS cluster creation should have these minimal access levels.

AWS Service	Access Level
CloudFormation	Full Access
EC2	Full: TaggingLimited: List, Read, Write
EC2 Auto Scaling	Limited: List, Write
EKS	Full Access
IAM	Limited: List, Read, Write, Permissions Management
Systems Manager	Limited: List, Read

The inline policy json is listed inMinimal IAM Policies.

For Unix

To download the latest release, run:

# for ARM systems, set ARCH to: `arm64`, `armv6` or `armv7`ARCH=amd64PLATFORM=$(uname -s)_$ARCHcurl -sLO"https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_$PLATFORM.tar.gz"# (Optional) Verify checksumcurl -sL"https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_checksums.txt"| grep$PLATFORM| sha256sum --checktar -xzf eksctl_$PLATFORM.tar.gz -C /tmp&& rm eksctl_$PLATFORM.tar.gzsudo install -m 0755 /tmp/eksctl /usr/local/bin&& rm /tmp/eksctl

For Windows

Direct download (latest release):AMD64/x86_64 -ARMv6 -ARMv7 -ARM64

Make sure to unzip the archive to a folder in thePATH variable.

Optionally, verify the checksum:

Download the checksum file:latest
Use Command Prompt to manually compareCertUtil's output to the checksum file downloaded.

REM Replace amd64 with armv6, armv7 or arm64CertUtil -hashfile eksctl_Windows_amd64.zip SHA256

Using PowerShell to automate the verification using the-eq operator to get aTrue orFalse result:

# Replace amd64 with armv6, armv7 or arm64 (Get-FileHash-Algorithm SHA256 .\eksctl_Windows_amd64.zip).Hash-eq ((Get-Content .\eksctl_checksums.txt)-match'eksctl_Windows_amd64.zip'-split'')[0]

Using Git Bash

# for ARM systems, set ARCH to: `arm64`, `armv6` or `armv7`ARCH=amd64PLATFORM=windows_$ARCHcurl -sLO"https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_$PLATFORM.zip"# (Optional) Verify checksumcurl -sL"https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_checksums.txt"| grep$PLATFORM| sha256sum --checkunzip eksctl_$PLATFORM.zip -d$HOME/binrm eksctl_$PLATFORM.zip

Theeksctl executable is placed in$HOME/bin, which is in$PATH from Git Bash.

Docker

For every release and RC a container image is pushed to ECR repositorypublic.ecr.aws/eksctl/eksctl. Learn more about the usage onECR Public Gallery - eksctl. For example,

docker run --rm -it public.ecr.aws/eksctl/eksctl version

Third-Party Installers (Not Recommended)

For MacOS

Homebrew

brew tap weaveworks/tapbrew install weaveworks/tap/eksctl

MacPorts

port install eksctl

For Windows

chocolatey

choco install eksctl

scoop

scoop install eksctl

Basic usage

To create a basic cluster, run:

eksctl create cluster

A cluster will be created with default parameters

exciting auto-generated name, e.g. "fabulous-mushroom-1527688624"
2xm5.large nodes (this instance type suits most common use-cases, and is good value for money)
use official AWS EKS AMI
us-west-2 region
dedicated VPC (check your quotas)

Once you have created a cluster, you will find that cluster credentials were added in~/.kube/config. If you havekubectl as well asaws-iam-authenticator commands in yourPATH, you should beable to usekubectl. You will need to make sure to use the same AWS API credentials for this also. CheckEKS docs for instructions.

Example output:

 $ eksctl create cluster[ℹ]  eksctl version 0.143.0[ℹ]  using region eu-west-2[ℹ]  setting availability zones to [eu-west-2a eu-west-2c eu-west-2b][ℹ]  subnetsfor eu-west-2a - public:192.168.0.0/19 private:192.168.96.0/19[ℹ]  subnetsfor eu-west-2c - public:192.168.32.0/19 private:192.168.128.0/19[ℹ]  subnetsfor eu-west-2b - public:192.168.64.0/19 private:192.168.160.0/19[ℹ]  nodegroup"ng-ac4c787c" will use"" [AmazonLinux2/1.25][ℹ]  using Kubernetes version 1.25[ℹ]  creating EKS cluster"attractive-sculpture-1685534556"in"eu-west-2" region with managed nodes[ℹ]  will create 2 separate CloudFormation stacksfor cluster itself and the initial managed nodegroup[ℹ]if you encounter any issues, check CloudFormation console or try'eksctl utils describe-stacks --region=eu-west-2 --cluster=attractive-sculpture-1685534556'[ℹ]  Kubernetes API endpoint access will use default of {publicAccess=true, privateAccess=false}forcluster"attractive-sculpture-1685534556"in"eu-west-2"[ℹ]  CloudWatch logging will not be enabledforcluster"attractive-sculpture-1685534556"in"eu-west-2"[ℹ]  you canenable it with'eksctl utils update-cluster-logging --enable-types={SPECIFY-YOUR-LOG-TYPES-HERE (e.g. all)} --region=eu-west-2 --cluster=attractive-sculpture-1685534556'[ℹ]2 sequential tasks: { create cluster control plane"attractive-sculpture-1685534556",    2 sequential sub-tasks: {waitfor control plane to become ready,        create managed nodegroup"ng-ac4c787c",    }}[ℹ]  building cluster stack"eksctl-attractive-sculpture-1685534556-cluster"[ℹ]  deploying stack"eksctl-attractive-sculpture-1685534556-cluster"[ℹ]  waitingfor CloudFormation stack"eksctl-attractive-sculpture-1685534556-cluster"[ℹ]  building managed nodegroup stack"eksctl-attractive-sculpture-1685534556-nodegroup-ng-ac4c787c"[ℹ]  deploying stack"eksctl-attractive-sculpture-1685534556-nodegroup-ng-ac4c787c"[ℹ]  waitingfor CloudFormation stack"eksctl-attractive-sculpture-1685534556-nodegroup-ng-ac4c787c"[ℹ]  waitingfor the control plane to become ready[✔]  all EKS cluster resourcesfor"attractive-sculpture-1685534556" have been created[ℹ]  nodegroup"ng-ac4c787c" has 2 node(s)[ℹ]  node"ip-192-168-20-235.eu-west-2.compute.internal" is ready[ℹ]  node"ip-192-168-80-49.eu-west-2.compute.internal" is ready[ℹ]  waitingforat least 2 node(s) to become readyin"ng-ac4c787c"[ℹ]  nodegroup"ng-ac4c787c" has 2 node(s)[ℹ]  node"ip-192-168-20-235.eu-west-2.compute.internal" is ready[ℹ]  node"ip-192-168-80-49.eu-west-2.compute.internal" is ready[ℹ]  kubectlcommand should work with".../.kube/config", try'kubectl get nodes'[✔]  EKS cluster"attractive-sculpture-1685534556"in"eu-west-2" region is ready$