Create EKS Cluster with Terraform EKS Blueprints

Рет қаралды 13,012

Күн бұрын

🔴 - To support my channel, I’d like to offer Mentorship/On-the-Job Support/Consulting - me@antonputra.com
👉 [UPDATED] AWS EKS Kubernetes Tutorial [NEW]: • AWS EKS Kubernetes Tut...
▬▬▬▬▬ Experience & Location 💼 ▬▬▬▬▬
► I’m a Senior Software Engineer at Juniper Networks (12+ years of experience)
► Located in San Francisco Bay Area, CA (US citizen)
▬▬▬▬▬▬ Connect with me 👋 ▬▬▬▬▬▬
► LinkedIn: / anton-putra
► Twitter/X: / antonvputra
► GitHub: github.com/antonputra
► Email: me@antonputra.com
▬▬▬▬▬▬ Related videos 👨‍🏫 ▬▬▬▬▬▬
👉 [Playlist] Kubernetes Tutorials: • Kubernetes Tutorials
👉 [Playlist] Terraform Tutorials: • Terraform Tutorials fo...
👉 [Playlist] Network Tutorials: • Network Tutorials
👉 [Playlist] Apache Kafka Tutorials: • Apache Kafka Tutorials
👉 [Playlist] Performance Benchmarks: • Performance Benchmarks
👉 [Playlist] Database Tutorials: • Database Tutorials
▬▬▬▬▬▬▬ Timestamps ⏰ ▬▬▬▬▬▬▬
0:00 Intro
1:23 Create VPC using Terraform
3:53 Create EKS using Terraform
5:44 EBS CSI Driver
7:51 EFS CSI Driver
12:25 AWS Load Balancer Controller
14:30 Metrics server, Cert-manager and Cluster Autoscaler
15:54 Karpenter
18:04 EKS Fargate Profile
19:11 Add IAM Role to EKS
▬▬▬▬▬▬▬ Source Code 📚 ▬▬▬▬▬▬▬
► GitHub: github.com/antonputra/tutoria...
#kubernetes #eks #aws

Пікірлер: 58

@AntonPutra Жыл бұрын

🔴 - To support my channel, I’d like to offer Mentorship/On-the-Job Support/Consulting - me@antonputra.com 👉 [UPDATED] AWS EKS Kubernetes Tutorial [NEW]: kzbin.info/aero/PLiMWaCMwGJXnKY6XmeifEpjIfkWRo9v2l&si=wc6LIC5V2tD-Tzwl

@prashlovessamosa Жыл бұрын

Your videos are very informative thanks for sharing knowledge sir.

@omkarchavan7750 Жыл бұрын

Bro, really needed this video regarding the eks addon using the terraform, please make more videos on terraform sub-modules like reloader, external-DNS, kubecost etc. Thanks a lot!

@AntonPutra Жыл бұрын

Thanks Omkar, will do

@aarus6 7 ай бұрын

You are a gift to the IT community. You are the best!

@AntonPutra 7 ай бұрын

❤️

@aarus6 7 ай бұрын

@@AntonPutra I'm able to learn Karpenter from this code. It looks like the new node can get provisioned only on private subnets. May be best practices from the eks blueprint?

@sperformance.96 Жыл бұрын

Nice content bro really helpful 👏

@AntonPutra Жыл бұрын

Thank you 🙌

@rritsoftwaresolutions9566 Жыл бұрын

hi putra , nice videos

@AntonPutra Жыл бұрын

Thanks!

@MaxDevil1989 10 ай бұрын

Hi Anton, Great video. Although the EKS blueprints makes it super simple to deploy production grade EKS cluster, one of the biggest challenges I see is how to upgrade such cluster (deployed via blueprints). Do you have any thoughts/advise on it ? Thanks Btw I went through all the EKS video on your channel. Clearly one of the best resources on KZbin on k8s.

@AntonPutra 10 ай бұрын

Thanks, Sami! Yes, it's hard to maintain, especially after they removed the v4 modules, lol. I would suggest using those "blueprints" only for consulting jobs and not if you need to maintain your clusters yourself.

@piravitchenpittaya4548 11 ай бұрын

Thanks for sharing. I am new to terraform but I wonder at the intro “in long run, using this module can become a nightmare because for blueprint are wrapper of other modules” what is actually mean? it would be hard to customize? so we should not use it or else?

@AntonPutra 10 ай бұрын

Even now, I would say that EKS blueprints are dead. They've deprecated v4 modules already, so it's impossible to maintain the infrastructure that you've already created. Use blueprints for consulting jobs, but build your own for internal use. That's my opinion.

@georgelza Жыл бұрын

@ the 3:30 mar you tie your VPC to public, private subnets, from what I can determine those are like reserved words. if I want to use module vac, but have a public, web, app, database and management subnets, how would I do this with a vpc based on a module? thank you for this video, love how you show example of using resources and modules interchangeable... working through video.code trying to map it to my requirements, my old 1.20 scripts that I had very badly broke with some of the newer EKS Blueprint changes, have you tried this script against EKS 1.27 and the newest Tf stack ? they seem to be changing things very fast on the back end. happy to share my code as example... for someone to use if we can modify it to get it working again,.

@AntonPutra Жыл бұрын

in vpc module you have 2 output variables github.com/antonputra/tutorials/blob/main/lessons/156/terraform/7-blueprints.tf#L31 module.vpc.private_subnets & module.vpc.public_subnets

@georgelza Жыл бұрын

@@AntonPutra I'm aware there are others like elastic, redshift... would have been great if it was more free form. not a form of this strigent set...

@2mahender Жыл бұрын

nice videos, can i use ACM instead of certmanager?

@AntonPutra Жыл бұрын

Sure, create cert and use annotation with arn

@georgelza Жыл бұрын

Anton, any chance you can on purpose build a 1.22 cluster and then cover how to upgrade it... ie via the console or via Tf. G

@AntonPutra Жыл бұрын

I can, but what the issue there?

@georgelza Жыл бұрын

@@AntonPutra the process, do i do it via was console... or via tf, just bump the version there, as it seems was console is also implying there are new AMi's for some of the node group nodes.

@juandavidmarin230 11 ай бұрын

thanks for sharing these awesome videos and code in github as well!, I tried following your steps but when running terraform init I got Error: Failed to expand subdir globs │ │ subdir "modules/kubernetes-addons/helm-addon" not found is there any fix for it maybe ?, thanks in advance

@AntonPutra 11 ай бұрын

I would advise against using EKS blueprints anymore.

@georgelza Жыл бұрын

Anton, you have a module based vpc 6-vpc... and 1-vpc based on resources, how did it know which to execute ? thinking... as you linked the module to the elks it created dependency preference ?, if we used the resource based option and resource based subnets then the module would have been ignored ?

@AntonPutra Жыл бұрын

In the video I explain how to use both. Here is the example to link to raw vpc terraform github.com/antonputra/tutorials/blob/main/lessons/156/terraform/7-blueprints.tf#L27-L30 Here to link to vpc module - github.com/antonputra/tutorials/blob/main/lessons/156/terraform/7-blueprints.tf#L31

@georgelza Жыл бұрын

@@AntonPutra just curious, have you tried this with elks 1.27 stack, they seem to have made major changes recently, things that always worked now does not. trying to copy your examples into my Tf scripts. if it works will share via email with you.

@AntonPutra Жыл бұрын

@@georgelza there is a huge breaking changes related to cgroups v2 and applications that use master slave proces architecture. I’ll update soon

@georgelza Жыл бұрын

@@AntonPutra I got my EKS cluster created... having problems with the add ons. will email you the git repo link...

@luisswimer Жыл бұрын

How to attach gp3 volumes to worker nodes?? what are the attributes for "managed_node_groups" ?

@AntonPutra Жыл бұрын

You can create launch template and use it for managed node group

@pier_x0 Жыл бұрын

Great Tutorial Anton, thanks you so much, you're becoming my reference :D Like and subscribe absolutely required!!!! I've understood it's not possible mix karpeneter with node autoscaler and now is clear why I can use node autoscaler with Fargate, as you explained, I think because Fargate uses a profile and it doesn't compete with the node autoscaler Can I use karpenter with Fargate? I think yes, because Fargate uses a profile as above

@AntonPutra Жыл бұрын

Yes, you can. If you select fargate nodes, karpenter won't do anything

@user-ge4zm6iw7v Жыл бұрын

Hi, by using this configuration, the architecture is not affected by the breaking changes in eks blueprints v5?

@AntonPutra Жыл бұрын

it will be affected

@user-ge4zm6iw7v Жыл бұрын

@@AntonPutra Are you planning to update this one? As dar as I understand what need to be updated is the main module right? from eks_blueprints to eks

@ingofoerster6398 10 ай бұрын

Great Video. But finaly while apply the terraform I get always unauthorized errors. Any idea?

@AntonPutra 10 ай бұрын

I think they removed the old EKS blueprint modules. The unauthorized error is most likely due to that.

@wkhatch 8 ай бұрын

the blueprint add ons module seems broken; trying to use it results in missing submodule errors. subdir "modules/kubernetes-addons/helm-addon" not found

@AntonPutra 8 ай бұрын

I know, don't use them

@trojanhorses4760 10 ай бұрын

Hey Anton, the modules from the blueprints repo was removed from v5, why would that be?

@AntonPutra 10 ай бұрын

EKS blueprints are already dead, lol.

@salimabdul4703 9 ай бұрын

Do you have a guide how to run EKS with autoscaler properly? I mean if EKS blueprints are dead then what should we use?@@AntonPutra

@AntonPutra 9 ай бұрын

@@salimabdul4703Yes, I have a lot of tutorials with cluster autoscaler or karpenter, here is an example - github.com/antonputra/tutorials/tree/main/lessons/160

@georgelza Жыл бұрын

Anton, to which lesson does this video link?

@AntonPutra Жыл бұрын

This is a source code for the video if that's the question - github.com/antonputra/tutorials/tree/main/lessons/156

@vimaximus1360 Жыл бұрын

didn't understand anything, but thats my problem 🤣 great vid anyway

@AntonPutra Жыл бұрын

thanks =)

@user-dv7rw4lu3e Жыл бұрын

kudos on great content Anton! A quick question : is it only me whose ingress resource doesn't get an external address?I've tried the blueprint more than a couple of times but failed so far

@AntonPutra Жыл бұрын

Thanks! You can check if the nginx ingress pod is created with publish service flag. But generally it's not necessary for ingress to work, you can get the nginx service and use it for your DNS. It's the same thing. Also you can describe the ingress, you may get an error

@youngolutosin1658 4 ай бұрын

Most likely is due to the cluster name variation

@agun21st Жыл бұрын

Sir you didnt show after enable Cert-manager=true on kubernetes addons how to get certificate by app ingress. I tried many way but still failed again and again for issue certificate with sub domain. Please help me. I have cert manager by enable true but after how to get certificate for an app?

@AntonPutra Жыл бұрын

I have couple of tutorials that can help you 1. Cert Manager Kubernetes Tutorial - kzbin.info/www/bejne/bZ6XkJ6QhLSVsNk 2. NGINX Ingress Controller for Kubernetes Tutorial - kzbin.info/www/bejne/b6SveaJ7rrekbtk

@agun21st Жыл бұрын

@@AntonPutra Thank you so much sir. I have done by Cert Manager Kubernetes Tutorial. :D😇

@AntonPutra Жыл бұрын

@@agun21st glad that it helped =)

@AntonPutra Жыл бұрын

🟢 [New] Terragrunt Tutorial: Create VPC, EKS from Scratch! (Step-by-Step) - kzbin.info/www/bejne/r5XYeZSFn5iLg8k

@AntonPutra Жыл бұрын

Get Full-Length High-Quality DevOps Tutorials for Free - Subscribe Now! - kzbin.info