super-eks is a CDK construct that provides a preconfigured EKS installation with batteries included. Even when using best practices for your EKS cluster, picking the right setup can be overwhelming. super-eks solves this problem by making a few choices for you as outlined below.
- ✅ DNS management with external-dns
- ✅ Forwarding logs to CloudWatch Logs with fluent-bit
- ✅ Ingress management with the AWS Load Balancer Controller
- ✅ Isolated node groups, one for the shipped components, the other one for your workloads
- ✅ Hardened node setup, deny nodes altering the VPC setup.
- ✅ Default to managed cluster add-ons where possible.
- 🛠️ Monitoring with Prometheus and CloudWatch
- 🛠️ Backup solution for cluster recovery
- 🛠️ Authentication/authorization for workloads with Amazon Cognito
- 🛠️ Standalone one-click CloudFormation installer without CDK
- 🛠️ Autoscaling for pods and cluster
The quick start shows you how to set up a super-eks cluster.
Prerequisites
- A working aws CLI installation with access to an account and administrator privileges
- You'll need a recent NodeJS installation
- kubectl to interact with your fresh cluster
- An editor of your choice
- Roughly 30 minutes of your time and a ☕, 🍵 or 🧃
To get going you'll need a CDK project. For details please refer to the detailed guide for CDK.
Create an empty directory on your system.
mkdir super-eks-setup && cd super-eks-setup
Bootstrap your CDK project. We will use TypeScript, but you can switch to any other supported language.
npx cdk init sample-app --language typescript
npx cdk bootstrap # Has to be done once for your AWS account
Now install the super-eks library.
npm i @superluminar-io/super-eks
You need to provide a Route53 Hosted zone and super-eks will take care of the rest.
npm i @aws-cdk/aws-route53
Paste the snippet into lib/super-eks-setup-stack.ts.
import * as cdk from '@aws-cdk/core';
import {HostedZone} from '@aws-cdk/aws-route53'
import {SuperEks} from '@superluminar-io/super-eks'

export class SuperEksSetupStack extends cdk.Stack {
  constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    // Assumes you already have a Route53 zone in your account
    const hostedZone = HostedZone.fromLookup(this, 'MyZone', {
      domainName: 'example.com' // Your domain goes here
    });

    // Setup super-eks
    const superEks = new SuperEks(this, 'hello-eks', {
      hostedZone: hostedZone,
    });

    // Add nginx installation for testing
    superEks.cluster.addHelmChart("nginx", {
      createNamespace: true,
      namespace: "nginx",
      repository: "https://charts.bitnami.com/bitnami",
      chart: "nginx",
      release: "nginx",
      version: "8.5.2",
      values: {
        ingress: {
          enabled: true,
          hostname: `nginx.${hostedZone.zoneName}`,
          annotations: {
            "kubernetes.io/ingress.class": "alb",
            "alb.ingress.kubernetes.io/scheme": "internet-facing",
            "alb.ingress.kubernetes.io/target-type": "ip",
          },
        },
      },
    })
  }
}
Now deploy the stack.
npx cdk deploy
If everything works, you should see some output.
✅ IntegrationTestsStack
Outputs:
IntegrationTestsStack.EksClusterConfigCommandAEB22784 = aws eks update-kubeconfig --name EksCluster3394B24C-86f946f02a67416c80413e123d58b628 --region eu-central-1 --role-arn arn:aws:iam::123456789012:role/IntegrationTestsStack-EksClusterMastersRoleA746276-GNW143CGOXG7
IntegrationTestsStack.EksClusterGetTokenCommand53BD6035 = aws eks get-token --cluster-name EksCluster3394B24C-86f946f02a67416c80413e123d58b628 --region eu-central-1 --role-arn arn:aws:iam::123456789012:role/IntegrationTestsStack-EksClusterMastersRoleA746276-GNW143CGOXG7
Stack ARN:
arn:aws:cloudformation:eu-central-1:123456789012:stack/IntegrationTestsStack/06273460-660e-11eb-b4d9-06da4ef2f41a
✨ Done in 1757.52s.
✨ Done in 1757.79s.
Paste the aws eks update-kubeconfig command into your shell. This will update your kubeconfig.
aws eks update-kubeconfig --name EksCluster3394B24C-86f946f02a67416c80413e123d58b628 --region eu-central-1 --role-arn arn:aws:iam::123456789012:role/IntegrationTestsStack-EksClusterMastersRoleA746276-GNW143CGOXG7
Added new context arn:aws:eks:eu-central-1:123456789012:cluster/EksCluster3394B24C-86f946f02a67416c80413e123d58b628 to /home/super-eks/.kube/config
Now let's see if it works.
NAMESPACE NAME READY STATUS RESTARTS AGE
dns external-dns-7d4d69545d-r5w68 1/1 Running 0 14m
logging aws-for-fluent-bit-qwhwb 1/1 Running 0 14m
logging aws-for-fluent-bit-s7wnj 1/1 Running 0 14m
ingress aws-load-balancer-controller-5b9cbc5497-smfrt 1/1 Running 0 14m
kube-system aws-node-lscgc 1/1 Running 0 18m
kube-system aws-node-zfcdl 1/1 Running 0 18m
kube-system coredns-59b69b4849-9gstn 1/1 Running 0 25m
kube-system coredns-59b69b4849-bssnr 1/1 Running 0 25m
kube-system kube-proxy-9sgtt 1/1 Running 0 18m
kube-system kube-proxy-r4gzg 1/1 Running 0 18m
nginx nginx-67cb444d48-lqzkg 1/1 Running 0 14m
Voila! 🎉 You now have a super EKS cluster with batteries included!
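To turn the visual check of the pod list into a repeatable one, the following added example (not part of super-eks or its documentation) parses that table and reports any shipped component that is missing or not fully ready. The namespace and pod-name prefixes in `SHIPPED` are assumptions read off the sample output above, as is the use of `kubectl get pods -A` to produce the table.

```typescript
// Added example, not super-eks code. SHIPPED is an assumption read off the
// sample output on this page (namespace plus pod-name prefix per component).
interface Pod { namespace: string; name: string; ready: string; status: string }

const SHIPPED = [
  { namespace: "dns", prefix: "external-dns-" },
  { namespace: "logging", prefix: "aws-for-fluent-bit-" },
  { namespace: "ingress", prefix: "aws-load-balancer-controller-" },
];

// Parse the table printed by `kubectl get pods -A`, skipping the header.
function parsePods(table: string): Pod[] {
  const pods: Pod[] = [];
  for (const line of table.split("\n")) {
    const [namespace = "", name = "", ready = "", status = ""] = line.trim().split(/\s+/);
    if (status !== "" && namespace !== "NAMESPACE") {
      pods.push({ namespace, name, ready, status });
    }
  }
  return pods;
}

// Healthy means Running with every container ready (READY column n/n, n > 0).
function isHealthy(pod: Pod): boolean {
  const [have, want] = pod.ready.split("/");
  return pod.status === "Running" && have === want && Number(want) > 0;
}

// One message per shipped component that is missing or has an unhealthy pod.
function checkShipped(table: string): string[] {
  const pods = parsePods(table);
  const problems: string[] = [];
  for (const { namespace, prefix } of SHIPPED) {
    const matches = pods.filter((p) => p.namespace === namespace && p.name.indexOf(prefix) === 0);
    if (matches.length === 0) problems.push(`${namespace}/${prefix}*: no pod found`);
    for (const p of matches) {
      if (!isHealthy(p)) problems.push(`${namespace}/${p.name}: ${p.ready} ${p.status}`);
    }
  }
  return problems;
}

// Rows taken from the output above.
const SAMPLE = `NAMESPACE NAME READY STATUS RESTARTS AGE
dns external-dns-7d4d69545d-r5w68 1/1 Running 0 14m
logging aws-for-fluent-bit-qwhwb 1/1 Running 0 14m
logging aws-for-fluent-bit-s7wnj 1/1 Running 0 14m
ingress aws-load-balancer-controller-5b9cbc5497-smfrt 1/1 Running 0 14m
nginx nginx-67cb444d48-lqzkg 1/1 Running 0 14m`;
```

An empty result from `checkShipped` means DNS management, log forwarding and ingress handling are all running; a missing fluent-bit pod in particular means node logs are not reaching CloudWatch Logs.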
See the API documentation for details.
- We use architecture decision records. See here for the decisions made so far.
- We use the AWS Cloud Development Kit (CDK).
- We use projen ❤️. Don't edit package.json etc. Always make changes in .projenrc.js.
Frequently asked questions are answered here.
Batteries included is a term that comes from the philosophy behind the Python programming language. It means that super-eks ships with all necessary parts. You don't need additional things, like in this case Helm charts, manifests etc., apart from the workload you want to run on Kubernetes.
We try to include components that are seen as community standards. On the other hand, we choose components that work best in combination with AWS.
super-eks makes some decisions for you. If you want an expert setup, maybe super-eks isn't for you. If you believe core functionality is missing, please open a GitHub issue.
We are planning to release a standalone one-click CloudFormation installer in the future.
super-eks is distributed under the Apache License, Version 2.0.
See LICENSE for more information.