How do I create a managed node group using Bottlerocket AMI in Amazon EKS?


I want to use eksctl to launch Bottlerocket Amazon Machine Image (Bottlerocket AMI) to create a managed node group in Amazon Elastic Kubernetes Service (Amazon EKS).

Resolution

Prerequisite

1.    Make sure that you have eksctl version 0.124.0 or later.

2.    Run the following command to check your version:

$ eksctl version

Create a bottlerocket.yaml file

1.    Open the terminal where you installed eksctl. Then, complete the following steps to create a new file.

2.    Replace mybottlerocket-cluster with the name of your cluster. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and can't be longer than 100 characters.

3.    Replace bottlerocket-nodegroup with a name for your node group. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and can't be longer than 100 characters.

4.    Specify the instance type. For example, to deploy on an ARM instance, replace m5.xlarge with an ARM instance type.

5.    Replace eks_bottlerocket with the name of an Amazon Elastic Compute Cloud (Amazon EC2) SSH key pair. After the nodes are launched, you can use SSH with this key pair to connect to them.

Note: If you don't have an Amazon EC2 SSH key pair, then create one in the AWS Management Console. For more information, see Amazon EC2 key pairs and Linux instances.

6.    Replace all remaining values in the example with your own values. After you make the replacements, save the bottlerocket.yaml file.

---
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: mybottlerocket-cluster
  region: us-west-2
  version: '1.23'          # Kubernetes version of the cluster

managedNodeGroups:
  - name: bottlerocket-nodegroup
    instanceType: m5.xlarge
    minSize: 2
    maxSize: 4
    desiredCapacity: 3
    amiFamily: Bottlerocket   # use the Bottlerocket AMI for this node group
    labels: { role: br-worker }
    tags:
      nodegroup-type: Bottlerocket
    ssh:
      allow: true             # enables SSH access to the nodes
      publicKeyName: eks_bottlerocket   # existing EC2 SSH key pair

Note: You can create Bottlerocket-managed node groups for all default instance types. These are static scaling (T series), general purpose (M series), compute-optimized (C series), memory-optimized (R series), and the Graviton2 ARM-based instance types. Bottlerocket AMI doesn't support accelerated computing instance types (P, G, Inf1).

For more information on Bottlerocket AMI, see Amazon EKS optimized Bottlerocket AMIs.

Create the node group and list its nodes in the EKS cluster

1.    Run the following eksctl command to create a node group:

$ eksctl create nodegroup -f bottlerocket.yaml
[✔]  created 1 nodegroup(s) in cluster "mybottlerocket-cluster"

2.    List the nodes in the EKS cluster along with their attributes:

$ kubectl get nodes -o=custom-columns=NODE:.metadata.name,ARCH:.status.nodeInfo.architecture,OS-Image:.status.nodeInfo.osImage,OS:.status.nodeInfo.operatingSystem
NODE                                          ARCH    OS-Image                                OS
ip-192-168-xx-xx.us-west-2.compute.internal   amd64   Bottlerocket OS 1.11.1 (aws-k8s-1.23)   linux
ip-192-168-xx-xx.us-west-2.compute.internal   amd64   Bottlerocket OS 1.11.1 (aws-k8s-1.23)   linux
ip-192-168-xx-xx.us-west-2.compute.internal   amd64   Bottlerocket OS 1.11.1 (aws-k8s-1.23)   linux

Connect to the Bottlerocket AMI nodes (optional)

Connect to the new Bottlerocket nodes through an AWS Systems Manager (AWS SSM) session. The AWS SSM agent is running on the node because you already turned on AWS SSM permission for the node instance role. For more information on AWS SSM, see What is AWS Systems Manager?

1.    Run the following command to find the instance IDs:

$ kubectl get nodes -o=custom-columns=NODE:.metadata.name,ARCH:.status.nodeInfo.architecture,OS-Image:.status.nodeInfo.osImage,OS:.status.nodeInfo.operatingSystem,InstanceId:.spec.providerID
NODE                                           ARCH    OS-Image                                OS      InstanceId
ip-192-168-xx-xx.us-west-2.compute.internal    amd64   Bottlerocket OS 1.11.1 (aws-k8s-1.23)   linux   aws:///us-west-2b/i-0cf32f13f60c2f501
ip-192-168-xx-xx.us-west-2.compute.internal    amd64   Bottlerocket OS 1.11.1 (aws-k8s-1.23)   linux   aws:///us-west-2b/i-0f31328a5d21cb092
ip-192-168-xx-xx.us-west-2.compute.internal    amd64   Bottlerocket OS 1.11.1 (aws-k8s-1.23)   linux   aws:///us-west-2b/i-08c218b729ecf9b5d

Start an SSM session

By default, Bottlerocket has a control container that runs on a separate instance of containerd. This container runs the AWS SSM agent and lets you run commands or start interactive shell sessions on Bottlerocket nodes.

1.    Choose one of the instances that you identified earlier and launch an SSM session. The following example shows an SSM session command for the i-0cf32f13f60c2f501 instance:

$ aws ssm start-session --target i-0cf32f13f60c2f501 --region us-west-2
Starting session with SessionId: EKS-Test-User-0077e4c89ad2bc888
          Welcome to Bottlerocket's control container!
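
Added example (not part of the original article): a POSIX shell helper that turns the providerID values from the previous step into the instance ID and Region that aws ssm start-session expects, skipping any node whose OS image is not Bottlerocket or whose providerID is malformed. The function names and sample rows are constructed for illustration, and the parser assumes standard Availability Zone names (Region plus one letter).

```sh
#!/bin/sh
# Live input (same fields as the custom-columns command above, tab-separated):
#   kubectl get nodes -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.status.nodeInfo.osImage}{"\t"}{.spec.providerID}{"\n"}{end}' | ssm_targets

TAB=$(printf '\t')

# Constructed sample rows: name, osImage, providerID (instance IDs are made up).
sample_nodes() {
  printf '%s\t%s\t%s\n' \
    ip-192-168-10-11.us-west-2.compute.internal 'Bottlerocket OS 1.11.1 (aws-k8s-1.23)' aws:///us-west-2b/i-0123456789abcdef0 \
    ip-192-168-10-12.us-west-2.compute.internal 'Amazon Linux 2' aws:///us-west-2a/i-0aaaaaaaaaaaaaaa2 \
    ip-192-168-10-13.us-west-2.compute.internal 'Bottlerocket OS 1.11.1 (aws-k8s-1.23)' not-a-provider-id \
    ip-192-168-10-14.us-west-2.compute.internal 'Bottlerocket OS 1.11.1 (aws-k8s-1.23)' aws:///us-west-2a/i-0fedcba9876543210
}

# Print "<instance-id> <region>" for a providerID of the form
# aws:///<az>/<instance-id>; print nothing if the value has any other shape.
# The Region is the AZ name without its trailing letter.
parse_provider_id() {
  printf '%s\n' "$1" |
    sed -nE 's#^aws:///([a-z]{2}(-[a-z]+)+-[0-9]+)[a-z]/(i-[0-9a-f]{8,17})$#\3 \1#p'
}

# Read tab-separated rows on stdin and print one SSM target per valid
# Bottlerocket node. Skipped nodes are reported on stderr; returns 1 if any.
ssm_targets() {
  bad=0
  while IFS="$TAB" read -r node image pid; do
    [ -n "$node" ] || continue
    case $image in
      "Bottlerocket OS "*) ;;
      *) echo "SKIP $node: osImage is '$image'" >&2; bad=1; continue ;;
    esac
    target=$(parse_provider_id "$pid")
    if [ -z "$target" ]; then
      echo "SKIP $node: unexpected providerID '$pid'" >&2; bad=1; continue
    fi
    echo "$target"
  done
  return "$bad"
}

# Demo on the constructed rows; each output line maps to
#   aws ssm start-session --target <instance-id> --region <region>
sample_nodes | ssm_targets || echo "one or more nodes were skipped" >&2
```
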

Related information

Launching self-managed Bottlerocket nodes

What is Amazon EKS?

AWS OFFICIAL, updated 2 months ago