Self managed worker nodes
Deploy Self-managed Worker Nodes
In EKS, self-managed worker nodes are nodes whose whole lifecycle you are responsible for managing. Choosing suitable AMIs, creating EC2 launch templates, creating EC2 Auto Scaling groups, upgrading nodes, patching the operating system, draining nodes before upgrading, and every other task related to the nodes' lifecycle is handled directly by you; AWS doesn't provide any automation for them.
Steps to create self managed worker nodes
1) IAM role for worker nodes:
Create an IAM role with the policies below:
- AmazonEKSWorkerNodePolicy
- AmazonEKS_CNI_Policy
- AmazonEC2ContainerRegistryReadOnly
Authentication: Adding the IAM role to the aws-auth ConfigMap enables the self-managed worker nodes to authenticate with the EKS cluster. This is essential for the nodes to join the cluster and participate in its activities.
Authorization: Kubernetes uses the aws-auth ConfigMap to map IAM roles to Kubernetes roles and permissions. This mapping ensures that the worker nodes have the necessary permissions to interact with Kubernetes resources.
2) Create a launch template
Launch template name: self-managed-worker-nodes
AMI ID: Use an EKS-optimized AMI. You can find the AMI ID for your region.
- AWS provides a bunch of optimized AMIs for EKS clusters. These images contain all the configuration and tools needed to set up and deploy worker nodes.
Instance type: Choose an appropriate instance type, e.g., t3.medium.
Key pair: Select an existing key pair or create a new one.
Security groups: Use a security group that allows the necessary traffic (e.g., port 443 for HTTPS):
- To allow traffic between worker nodes themselves
- To allow traffic from the control plane
- To allow traffic to the control plane
- To allow SSH traffic to worker nodes
IAM instance profile: Select the IAM role you created earlier.
Find the maximum number of Pods that can run on an EC2 instance:
- Each EC2 instance type has a limit on the number of network interfaces it allows and on the number of IP addresses that can be assigned to each interface. This limit affects the number of Pods you can run on each worker node.
3) Add User Data:
- Add the user data script to configure the worker nodes to join the EKS cluster
4) Create the Template:
- Review the settings and create the launch template
5) Create an EKS Managed Node Group Using the Launch Template
When a node goes down in an EKS managed node group using a launch template, the Auto Scaling Group (ASG) will automatically create a new instance to replace the failed one.
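The pieces the steps above refer to but do not show, as an added example that is not part of the original page: the max-Pods calculation, the user data for step 3, and the aws-auth entry for the node role from step 1. It assumes an Amazon Linux 2 EKS-optimized AMI (which provides /etc/eks/bootstrap.sh) and the VPC CNI in its default secondary-IP mode; the cluster name, account ID and role name are constructed.

```shell
#!/bin/sh
# Added example, not from the original page. Assumes an Amazon Linux 2
# EKS-optimized AMI (provides /etc/eks/bootstrap.sh) and the VPC CNI in its
# default secondary-IP mode. Cluster, account and role names are constructed.

# Max Pods = ENIs * (IPv4 addresses per ENI - 1) + 2
# Each ENI keeps one address for itself; +2 covers the host-network Pods.
max_pods() {   # $1 = ENIs, $2 = IPv4 addresses per ENI
  echo $(( $1 * ($2 - 1) + 2 ))
}

# Render user data for step 3. Inputs are validated because this text runs
# as root on first boot of every node launched from the template.
render_user_data() {   # $1 = cluster name, $2 = max Pods
  case $1 in ''|*[!A-Za-z0-9_-]*) echo "bad cluster name" >&2; return 1 ;; esac
  case $2 in ''|*[!0-9]*) echo "bad max-pods value" >&2; return 1 ;; esac
  cat <<EOF
#!/bin/bash
set -o errexit
/etc/eks/bootstrap.sh $1 \\
  --use-max-pods false \\
  --kubelet-extra-args '--max-pods=$2'
EOF
}

# Render the aws-auth mapRoles entry for the node role from step 1.
# Nodes get the node groups only, never system:masters.
render_aws_auth() {   # $1 = node role ARN
  case $1 in
    *[!A-Za-z0-9:/+=,.@_-]*) echo "bad role ARN" >&2; return 1 ;;
    arn:aws:iam::*:role/?*) ;;
    *) echo "bad role ARN" >&2; return 1 ;;
  esac
  cat <<EOF
- rolearn: $1
  username: system:node:{{EC2PrivateDNSName}}
  groups:
    - system:bootstrappers
    - system:nodes
EOF
}

# t3.medium has 3 ENIs with 6 IPv4 addresses each.
render_user_data demo-cluster "$(max_pods 3 6)"
render_aws_auth arn:aws:iam::111122223333:role/self-managed-worker-node-role
```

The rendered user data goes into the launch template's user data field, and the rendered entry goes under `mapRoles` in the aws-auth ConfigMap in the kube-system namespace.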