A simple and flexible command-line tool for AWS EKS management
- Free software: MIT license
- Documentation: https://ekscli.readthedocs.io.
- Available AWS credentials (configured as boto3)
- Heptio authenticator binary (Section
To install heptio-authenticator-aws for Amazon EKS
in AWS EKS User Guide) - [Optional] kubectl (1.10 and later) for kubernetes cluster operations
As easy as the standard python way by using pip.
$ pip install ekscli
Optionally, after installation, command-completion can be achieved with:
$ eval "$(_EKS_COMPLETE=source eks)"
Note: AWS fees will be charged in your account for the AWS resources created by ekscli.
ekscli
with almost everything default.This will create an EKS cluster including the control plane (managed master by AWS), a node group and a
kubectl
configuration file (KUBECONFIG
or $HOME/.kube/config
).$ eks create cluster --name=dev
# EKS cluster name can be set as an environment variable
$ export EKS_CLUSTER_NAME=dev
$ eks create cluster
To create the EKS cluster's control plane (master) only:
$ eks create cluster --name=dev --cp-only
To create the EKS cluster's control plane (master) with existing subnets of a VPC, a predefined IAM role, an existing EC2 KeyPair etc.:
$ eks create cluster --name=dev --cp-only \
--subnets=subnet-1234567,subnet-abcdef1 \
--cp-role eks-default-role \
--region us-west-2 \
--kubconfig ./dev.conf \
--heptio-auth /tmp/heptio-auth-aws \
--keyname dev \
--node-sg-ingress port=22,cidr=10.0.0.0/8 \
--tags Env=dev,Project=eks-poc
The simplest way to create a node group
$ eks create node-group --name=dev --node-name=workers
To create a node group with more options
$ eks create node-group --name=dev --node-name=another \
--node-role=eks-worker-s3 \
--node-subnets=subnet-1234567 \
--node-min=1 \
--node-max=10
--node-sg-ingress port=22,cidr=10.0.0.0/8 \
--node-sg-ingress protocol=tcp,from=8080,to=8088,cidr=0.0.0.0/0 \
--region us-west-2 \
--kubconfig ./dev.conf \
--heptio-auth /tmp/heptio-auth-aws \
--keyname dev \
--tags Env=dev,Project=eks-poc
To help bootstrapping kubelet agent
# on EC2 worker instances, after copying kubelet, cni, heptio-aws-authenticator executables
$ eks bootstrap -o node-labels=gpu=enable,role=node \
-o feature-gates=RotateKubeletServerCertificate=true,CRIContainerLogRotation=true
$ systemctl daemon-reload
$ systemctl enable kubelet.service
To display files created by ekscli boostrap locally rather than on EC2 instances
# on local machine
$ eks bootstrap --dry-run -n poc -r us-east-1 -m 32 -i 127.0.0.1 \
-o node-labels=gpu=enable,role=node \
-o feature-gates=RotateKubeletServerCertificate=true,CRIContainerLogRotation=true
To use ekscli boostrap as oneshot systemd unit
[Unit]
Description=Configures Kubelet for EKS worker nodes
Before=kubelet.service
[Service]
Type=oneshot
ExecStart=/usr/local/bin/ekscli bootstrap
RemainAfterExit=true
[Install]
WantedBy=multi-user.target
- Simple and concise command line interface
- Flexible configuration
- Plain vanilla EKS cluster without unrequired resources running Kubernetes clusters
- EKS resources managed by AWS CloudFormation
- Command line auto-completion supported for Bash and Zsh
- Prepare necessary configuration for kubelet with self cluster discovery and additional options on worker nodes
- Output cluster information to different formats: yaml, json
- Update the cluster and node groups
- Create from templatable configuration files