AWS EKSCTL installation steps notes
官方教學
https://docs.aws.amazon.com/zh_tw/eks/latest/userguide/setting-up.html
步驟1:
安裝kubectl
#懶人包 1.26.4
#請注意k8s版本或自行安裝對應的版本
#下載安裝
curl -Lo /usr/local/bin/kubectl https://s3.us-west-2.amazonaws.com/amazon-eks/1.26.4/2023-05-11/bin/linux/amd64/kubectl
chmod +x /usr/local/bin/kubectl
#驗證
kubectl version --client --output=yaml步驟2:
安裝AWS CLI
#下載
sudo curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
#解壓縮
unzip awscliv2.zip
#連結
sudo ./aws/install -i /usr/local/aws-cli -b /usr/local/bin
#若要更新,後面帶update
sudo ./aws/install --bin-dir /usr/local/bin --install-dir /usr/local/aws-cli --update步驟3:
驗證EKS權限用戶aws configure
*存取金鑰在iam > user建立,不可再次查看請保存好
#開始配置
aws configure
#依據提示輸入
#access key
#secret key
#地區 ex:ap-southeast-1
#格式 ex:json步驟4:
安裝eksctl
#下載eksctl
curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
#把下載下來的覆蓋
sudo mv /tmp/eksctl /usr/local/bin
#驗證工具是否已經安裝
eksctl version
步驟5:
更新k8s config
#嘗試查詢集群資訊
eksctl get clusters
#更新eks config
aws eks update-kubeconfig --region ap-southeast-1 --name <你的eks集群名稱>成功的畫面應該是這樣
再來就能用kubectl get node / kubectl get pod等操作了
排錯步驟
- 若在查詢集群時報錯
你的用戶 is not authorized to perform: eks:ListClusters on resource
- 檢查IAM權限策略
- 加入以下權限
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor",
"Effect": "Allow",
"Action": [
"cloudformation:DescribeStacks",
"cloudformation:ListStacks"
],
"Resource": "*"
}
]
}- 同場加應EKS的策略懶人包
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor",
"Effect": "Allow",
"Action": [
"eks:AccessKubernetesApi",
"eks:ListFargateProfiles",
"eks:DescribeNodegroup",
"eks:ListNodegroups",
"eks:DescribeFargateProfile",
"eks:ListTagsForResource",
"eks:ListUpdates",
"eks:DescribeUpdate",
"eks:DescribeCluster",
"eks:ListClusters"
],
"Resource": "*"
}
]
}
