EKS a.k.a Elastic Kubernetes Service as we all know (or for those who don't know yet) is the managed kubernetes(K8S) cluster service provider by AWS. It consists of two major sections: The Cluster & The Node Group.
The cluster is the K8S control panel which consists of all the cluster management components such as api-server, etcd etc. The Node Group is the feature that manages all the worker nodes that are part of the cluster.
Apart from managing worker/node creation & registration or deletion & de-registration, node groups also help manage following node configuration:
- Instance specs such as cpu, memory, storage etc of worker instances.
- Node auto-scaling range that defines the maximum, minimum and desired number of worker nodes to scale out, scale down, or create.
- User data to be applied to the instances during initialisation such as some base user/file/folder creation, software installation needed post bootup.
- Remote access configuration to the worker nodes over ssh.
Once the EKS cluster is up and running node groups help launch and register the worker instances to the EKS cluster.
There are 3 ways in which EKS node groups can be used to launch the cluster nodes or works:
- Managed Node Groups: Where everything starting from amis, creation, registration to autoscaling and accessing nodes is managed entirely by the EKS services.
- Managed Node Groups with Self-Managed Nodes: Here the node autoscaling is managed by the EKS managed node-groups while using custom or self managed amis managed by launch templates. Remote access to these nodes, however, should be managed either within managed node groups or within the launch template.
- Self Managed Nodes with Auto Scaling Groups: In this case everything related to the nodes as mentioned in the first paragraph, are self managed using EC2 Auto Scaling Groups and launch templates or launch configurations.
So which one of the above three configurations should we use. Before I give you the solution here are some important notes:
- If we use self managed node groups the custom image has to be built with EKS bootstrap script so that it auto registers the nodes to the cluster on creation.
- When we create self managed nodes with auto scaling groups, the nodes are not visible under the EKS dashboard. The dashboard shows only managed node group details.
- This makes it difficult to to monitor and troubleshoot any issues related to the nodes, it could be done only using the kubernetes command line tools.
- The fact that nodes registered under EC2 Auto Scaling Groups (as described in option 3) do not appear under the EKS Node Group dashboard was actually a big turn off for me. It felt completely blind sided on what was happening during the infrastructure provisioning.
- This can also lead to issues during node registration during scaling out and scaling down. To find out whether the nodes registered properly, we needed to call the api server and check. Imagine doing that for every scaling out and down, that's another reason to go with managed Node groups.
The Final Verdict:
Keeping these points in mind, my solution is to go with the 2nd option, i.e, Managed Node Groups with self managed nodes using custom launch templates and here’s why:
- There is no doubt that managed node groups service takes a lot of operation overhead away such as auto registering nodes whenever a new one comes up during scale out and deregistering the same when it scales down.
- Managed node groups are absolutely fine as long as you do not require any customisation on the instances such as custom hardening, user data configuration or a custom ami which you might have built inline with your organisation’s compliance requirement. In such a case, my preference is to use a launch template to self-manage the node instances.
- Hence I prefer managed Node groups with launch templates for self managed nodes. This allows us to utilise the benefits of managed service with customisation on demand.
This is a codified solution bundle with 12 Terraform source and provisioner modules, that will deploy a production grade EKS cluster environment for you in less than an hour. Includes a step wise deployment guide and a demo video to help with the entire process.
In my journey of working with AWS EKS clusters, I noticed that existing resources be it documentation or IAC modules often provided standard installations but fell short in addressing real-world challenges
This can take you weeks, if not days to even start with a standard development environment, not to mention the additional time required to meet production requirements.
These challenges inspired me to create a solution that would not only simplify the process but also comprehensively address the real-world challenges and complexities I faced.
Feel free to reach out if you have any questions or need further information. I'm here to assist you. I look forward to hearing your thoughts on this exciting new release!