AWS Partner Network (APN) Blog

How to Easily Deploy an Amazon EKS Cluster with Pulumi

Pulumi logo-1
APN Advanced Technology Partner-2
Connect with Pulumi-1
Rate Pulumi-1

By Luke Hoban, CTO at Pulumi
By Ian Scofield, Partner Solutions Architect at AWS

Pulumi, an AWS Partner Network (APN) Advanced Technology Partner, is a cloud-native development platform for describing, deploying, and managing cloud infrastructure across Amazon Web Services (AWS), Kubernetes, and other cloud platforms.

Pulumi offers cloud configuration as software, not just via a declarative language like YAML or JSON, but instead using popular programming languages such as JavaScript/TypeScript and Python.

This allows the deployment requirements of an Amazon Elastic Container Service for Kubernetes (Amazon EKS) cluster, for example, to be described in code and versioned as a reusable software component.

Amazon EKS is a great way to deploy Kubernetes on AWS, combining the benefits of a standardized Kubernetes environment with the reliable and battle-tested foundations of AWS—a multi-Availability Zone (AZ) control plane, AWS Identity and Access Management (IAM) integration, Elastic Load Balancers, Amazon Elastic Block Store (Amazon EBS), Auto Scaling, and more.

In this post, we’ll show how Pulumi can be used to quickly provision an Amazon EKS cluster, and then extended to customize the AWS and Kubernetes environments for your cloud applications.

Pulumi allows you to mix management of Kubernetes resources, AWS infrastructure, and high-level managed AWS services within the same deployment.

You can describe Amazon Simple Storage Service (Amazon S3) buckets and Amazon Relational Database Service (Amazon RDS) databases that will be used by your Kubernetes application in the same Pulumi deployment. You can also describe the Kubernetes services and deployments that describe services within the cluster needed to bootstrap your own Kubernetes application environment.

Installing Amazon EKS with Pulumi

To get started, sign up at pulumi.com and download the Pulumi Command Line Interface (CLI). The Pulumi CLI requires AWS credentials to access your AWS account and provision resources. If you already have the AWS CLI installed and configured, you can proceed. Otherwise, check out the docs here to get set up.

Once installed and configured, you now have the ability to quickly deploy your Amazon EKS infrastructure with just a single command:

$ pulumi new https://github.com/pulumi/apps/tree/eks/eks

You’ll get a chance to configure a few settings such as the region you’d like to deploy into, the Amazon Elastic Compute Cloud (Amazon EC2) instance type to deploy into the cluster, and whether to install the Kubernetes Dashboard into your cluster automatically.

You’ll then be presented a preview of the AWS and Kubernetes resources that will be deployed to create the cluster. Once you have reviewed and selected “Yes,” the cluster will begin deploying. Figure 1 shows the terminal output of what this workflow looks like.

Pulumi EKS-1

Figure 1 – Pulumi Dashboard listing the various resources created in our Amazon EKS cluster, including deep links.

Once the deployment is complete, you can grab the kubeconfig.json needed to work with this cluster and connect to it with kubectl:

$ pulumi stack output kubeconfig > kubeconfig.json 
$ KUBECONFIG=./kubeconfig.json kubectl get nodes

Following these steps will provide a complete managed Amazon EKS cluster, configured similar to the steps outlined in the Amazon EKS Getting Started guide, including optional support for Amazon EBS-backed StorageClasses and access to the Kubernetes Dashboard.

Reusable Amazon EKS Component

This Amazon EKS installer is built on top of a reusable eks.Cluster component that is available with Pulumi. In fact, the installed Pulumi software is just:

import * as aws from "@pulumi/aws";
import * as awsinfra from "@pulumi/aws-infra";
import * as eks from "@pulumi/eks";


// Create a VPC for our cluster.
const network = new awsinfra.Network("eksNetwork");


// Create the EKS cluster
const cluster = new eks.Cluster("eksCluster", {
    vpcId: network.vpcId,
    subnetIds: network.subnetIds,
    instanceType: "t2.micro",
    desiredCapacity: 2,
    minSize: 1,
    maxSize: 2,
    storageClasses: "gp2",
    deployDashboard: true,

});


// Export the cluster's kubeconfig.
export const kubeconfig = cluster.kubeconfig;

Users can extend or modify this program to change the details of their Amazon EKS cluster, or to install additional AWS or Kubernetes resources to associate with the cluster. For example, if applications running in the cluster need access to an Amazon S3 bucket, add:

const bucket = new aws.s3.Bucket("assets");

Or, to install some Kubernetes applications automatically into the Amazon EKS cluster (such as WordPress), add them using the Pulumi Kubernetes provider:

import * as k8s from "@pulumi/kubernetes";

// ...

const wordpress = new k8s.helm.v2.Chart("wpdev", {
    repo: "stable",
    version: "2.1.3",
    chart: "wordpress"
}, { providers: { kubernetes: cluster.kubernetesProvider }});

Pulumi makes it possible to define the cluster, managed AWS resources, and critical Kubernetes objects that are needed to bootstrap your entire Kubernetes environment in one place. This can then be versioned together, and exact replicas of the environment can be easily stood up independently for operations such as testing or even disaster recovery.

By expressing these resources in code instead of in YAML, users get many software engineering benefits—improved tooling, easier refactoring, the ability to create components, and when using TypeScript, strong typing to validate correctness up front.

Under the Hood

The Pulumi EKS component takes care of setting up all the pieces needed for an Amazon EKS cluster:

  • Creating an EKS Service Role
  • Optionally creating a new Virtual Private Cloud (VPC)
  • Creating an Amazon EKS cluster
  • Configuring a Kubernetes provider with access to the Amazon EKS cluster
  • Launching worker nodes in an Auto Scaling group to join the cluster
  • Installing a ConfigMap into the cluster to allow new Amazon EC2 worker nodes to join
  • Installing a StorageClass into the cluster to allow provisioning Amazon EBS-backed PersistentVolumes
  • Constructing the ‘kubeconfig’ needed to access the cluster
  • Optionally installing additional Kubernetes YAML and/or Helm charts

This involves steps that provision resources in AWS, steps that provision resources in Kubernetes, and other custom computation to coordinate these steps. These steps are written in an imperative fashion, not just declaratively, using TypeScript, allowing for robust validation due to being statically typed, as well as reuse through advanced object inheritance and modelling.

In addition, during the deployment Pulumi also provides complex coordination between these different steps.

Managing Pulumi Deployments

Once you have deployed your Amazon EKS cluster and Kubernetes resources to AWS, you can manage the deployment at pulumi.com, including deep links into the AWS console and Kubernetes dashboard to get real-time insights on your cluster.

All of the resources managed by your deployment, both in AWS and in Kubernetes, are available from this single view, along with an auditable history of deployments to this stack. The stack exports are also published in this same dashboard, so that key outputs from a deployment are easily available and can be shared with other users in your organization.

Additional management features, including role-based access control, CI/CD integrations, and rich resource graph visualization, are also available via the Pulumi management portal.

Pulumi EKS-2

Figure 2 – Easily deploying an Amazon EKS cluster via the Pulumi CLI.

Get Started Today

Pulumi offers a cloud-native developer platform for describing, deploying, and managing cloud infrastructure across AWS, Kubernetes, and other cloud platforms. You can use Pulumi to easily deploy Amazon EKS, or to deploy your own custom AWS and Kubernetes-based applications and infrastructure.

Get started with Pulumi for AWS at pulumi.io >>

The content and opinions in this blog are those of the third party author and AWS is not responsible for the content or accuracy of this post.

.

Pulumi logo-1

Pulumi – APN Partner Spotlight

Pulumi is an APN Advanced Technology Partner. They are a cloud-native development platform for describing, deploying, and managing cloud infrastructure across AWS, Kubernetes, and other cloud platforms.

Contact Pulumi | Solution Overview

*Already worked with Pulumi? Rate this Partner

*To review an APN Partner, you must be an AWS customer that has worked with them directly on a project.