k8s kubernetes on AWS AWSEKS
Terraform example1 https://www.padok.fr/en/blog/aws-eks-cluster-terraform
Terraform example2 https://github.com/hashicorp/terraform-provider-aws/tree/master/examples/eks-getting-started
- 202012 - worked, only changed region and set up AWS credentials.
- Creates new VPC and 2 subnets for k8s deployment
- Took 11min for management node to deploy
aws eks --region <region-code> update-kubeconfig --name <cluster_name>
Recover admin login
- You need to know the IAM role/user that created the cluster. (Maybe look in your Terraform)
Check that you can see the cluster (make sure the correct profile is exported: export AWS_PROFILE=)
aws eks list-clusters # or if installed $ eksctl get cluster
Confirm that the current role does not work by retrieving the kubectl config with it and then running a kubectl command
aws eks update-kubeconfig --region ap-southeast-2 --name "eks-cluster-name" --role-arn "arn:aws:iam::123456789:role/myk8srole"
kubectl get svc
error: You must be logged in to the server (Unauthorized)
- This error indicates that the role you used is not in system:management, and thus is not the one that created the cluster.
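The same check scripted for several candidate roles, as an added example that is not part of the original notes. It assumes the aws CLI and kubectl are installed; the function name `find_cluster_admin_role` and the role ARNs passed to it are hypothetical. A role reported `OK` is one the API server accepts.

```bash
# Added example, not from the original notes. Assumes the aws CLI and kubectl
# are on PATH; the function name and the candidate role list are hypothetical.
# usage: find_cluster_admin_role <region> <cluster-name> <role-arn>...
find_cluster_admin_role() {
    local region=$1 cluster=$2 tmpdir kubeconfig role err found=1
    shift 2
    tmpdir=$(mktemp -d) || return 2
    kubeconfig=$tmpdir/config
    for role in "$@"; do
        # Fresh throw-away kubeconfig per role; ~/.kube/config is never touched.
        rm -f "$kubeconfig"
        # update-kubeconfig only describes the cluster with the current
        # credentials; the role is assumed later, when kubectl fetches a token.
        if ! aws eks update-kubeconfig --region "$region" --name "$cluster" \
                --role-arn "$role" --kubeconfig "$kubeconfig" >/dev/null 2>&1; then
            echo "SKIP  $role (cannot describe cluster; check AWS_PROFILE and region)"
            continue
        fi
        # Keep stderr so an Unauthorized answer can be told apart from
        # other failures (network, role cannot be assumed, ...).
        if err=$(kubectl --kubeconfig "$kubeconfig" get svc 2>&1 >/dev/null); then
            echo "OK    $role"
            found=0
        else
            case $err in
                *Unauthorized*) echo "DENY  $role" ;;
                *)              echo "ERROR $role: $err" ;;
            esac
        fi
    done
    rm -rf "$tmpdir"
    # 0 if at least one role was accepted by the API server, 1 otherwise.
    return "$found"
}
```

Call it with the region, the cluster name and every role ARN your current credentials are allowed to assume, for example the roles referenced in your Terraform.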
AWS doc for Unauthorized or access denied (kubectl)
- Have to assume the original admin account/role
- How to find the admin account / role ?
Install the eksctl AWS tool: https://docs.aws.amazon.com/eks/latest/userguide/eksctl.html
retrieve accounts