Configure kubectl for Amazon EKS

To use the stock kubectl client for EKS you need to:

  • install the AWS IAM Authenticator for Kubernetes

https://docs.aws.amazon.com/eks/latest/userguide/configure-kubectl.html

  • modify your kubectl configuration file to use it for authentication

 

Other things that may be useful are:

  • helm – if you’re using Helm charts to manage your cluster in EKS
  • kubectl and awscli – goes without saying

E.g. check your aws cli version with:

aws --version and upgrade with pip install awscli --upgrade --user

  • assume-role – if you’re using IAM roles

https://github.com/remind101/assume-role

  • nice to have is fzf: https://github.com/junegunn/fzf#installation

 

To update your kubeconfig use:

aws eks update-kubeconfig --name CLUSTER_NAME-eks --region REGION

You’ll need an up-to-date version of the awscli. E.g. 1.15.53 won’t cut it.

 

To assume role use:

eval $(assume-role <role-name>)

Issues:

If you get:

it would be because you don’t have a profile in your ~/.aws/config

Your profile in ~/.aws/config should look like:

 

You should be able to run:

assume-role <role-name>

and see the assume role output.

 

 

 

Testing:

To test you can access your EKS cluster, use:

kubectl get all -n kube-system

Or for none-system:

kubectl get all

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *