Self managed worker nodes


Deploy Self-managed Worker Nodes

In EKS, self-managed worker nodes are nodes whose entire lifecycle you manage yourself. Choosing suitable AMIs, creating EC2 launch templates and EC2 Auto Scaling groups, upgrading nodes, patching the operating system, draining nodes before an upgrade, and every other task in the nodes' lifecycle is handled directly by you; AWS doesn't provide any automation for them.

Steps to create self managed worker nodes

1) IAM role for worker nodes

Create an IAM role with the policies below:

  • AmazonEKSWorkerNodePolicy

  • AmazonEKS_CNI_Policy

  • AmazonEC2ContainerRegistryReadOnly

Authentication: Adding the IAM role to the aws-auth ConfigMap enables the self-managed worker nodes to authenticate with the EKS cluster. This is essential for the nodes to join the cluster and participate in its activities.

Authorization: The aws-auth ConfigMap maps IAM roles to Kubernetes users and groups, which RBAC ties to roles and permissions. This mapping ensures that the worker nodes have the necessary permissions to interact with Kubernetes resources.

2) Create a launch template

  • Launch template name: self-managed-worker-nodes

  • AMI ID: Use an EKS-optimized AMI. You can find the AMI ID for your region.

    • AWS provides a bunch of optimized AMIs for EKS clusters. These images contain all the configuration and tools needed to set up and deploy worker nodes.
  • Instance type: Choose an appropriate instance type, e.g., t3.medium.

  • Key pair: Select an existing key pair or create a new one.

  • Security groups: Use a security group that allows the necessary traffic (e.g., port 443 for HTTPS).

    • To allow traffic between worker nodes themselves

    • To allow traffic from the control plane

    • To allow traffic to the control plane

    • To allow SSH traffic to worker nodes

  • IAM instance profile: Select the IAM role you created earlier.

  • Find the maximum number of Pods that can run on the EC2 instance:

    • Each EC2 instance type limits the number of network interfaces it can attach and the number of IP addresses that can be assigned to each interface. These limits determine how many Pods you can run on each worker node.

3) Add User Data:

  • Add the user data script to configure the worker nodes to join the EKS cluster

4) Create the Template:

  • Review the settings and create the launch template

5) Create an EKS Managed Node Group Using the Launch Template

When a node goes down in an EKS managed node group using a launch template, the Auto Scaling Group (ASG) will automatically create a new instance to replace the failed one.
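
The max-Pods limit from step 2 and the user data from step 3 fit together as in the sketch below. This is an added example, not a script from the original post. It assumes an Amazon Linux 2 EKS-optimized AMI (which ships `/etc/eks/bootstrap.sh`), the VPC CNI without prefix delegation, and a constructed cluster name `demo-cluster`; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: function names and sample values are constructed for illustration.

# Max Pods with the VPC CNI in its default mode (no prefix delegation):
#   ENIs * (IPv4 addresses per ENI - 1) + 2
# One address on each ENI is the interface's own primary address; the +2
# covers host-network Pods that do not consume a VPC address.
max_pods() {
  for n in "$1" "$2"; do
    case "$n" in
      ''|*[!0-9]*) echo "ENI and IP counts must be integers" >&2; return 1 ;;
    esac
  done
  echo $(( $1 * ($2 - 1) + 2 ))
}

# Render the launch template user data for a given cluster and instance limits.
render_user_data() {
  cluster=$1
  # User data runs as root at first boot, so refuse any cluster name that
  # contains characters outside letters, digits, hyphen and underscore.
  case "$cluster" in
    ''|*[!A-Za-z0-9_-]*) echo "invalid cluster name" >&2; return 1 ;;
  esac
  pods=$(max_pods "$2" "$3") || return 1
  cat <<EOF
#!/bin/bash
set -o errexit -o nounset
/etc/eks/bootstrap.sh ${cluster} --use-max-pods false --kubelet-extra-args '--max-pods=${pods}'
EOF
}

# t3.medium: 3 network interfaces, 6 IPv4 addresses per interface.
render_user_data demo-cluster 3 6
```

Paste the rendered script into the launch template's user data field; for another instance type, substitute its interface and per-interface address limits.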