Learn DevOps & Server Administration

Monday, February 25, 2019

How to Setup Chef Workstation, Hosted Chef Server and Configure Node using Chef cookbook

Chef:
Chef is a powerful tool for automation that transforms infrastructure into code. Whether you're operating in the cloud or on-premises or in Hybrid Environment. Chef automates how infrastructure is configured, deployed and managed across your network.

Three main part of Chef.

Chef Workstation (SDK) - Where we write recipe and Cookbook
Chef Server - Hold Cookbook, roles, Node information and manage Nodes
Chef Client Node - Manage by Chef Server, each deployment and configuration done by Chef Server

Prerequisites:

One Linux or Windows Machine (For chef Workstation)
Chef Server account
One Linux System to perform the installation using cookbook

Step 1- Setup Chef Workstation:

We can use either Windows or Linux system to set up as Chef Workstation. Download and install Chef workstation SDK from its official website. Download Chef SDK https://downloads.chef.io/chefdk/ and install on your favourite system.

Follow these commands to finish the installation on Ubuntu 16.04:
To download:

$ https://packages.chef.io/files/stable/chefdk/3.7.23/ubuntu/16.04/chefdk_3.7.23-1_amd64.deb

To Install:

$ dpkg -i  chefdk_3.7.23-1_amd64.deb

It will take a few minutes to finish the installation:
Step 2- Setup Hosted Chef Server:
Open the browser and hit this URL to sign up https://manage.chef.io/signup
Fill out your details as in picture below

Once sign up process complete, log in to your account and follow the steps below to complete initial set up.

Click on administration tab and choose to Create button under the organization

Download Starter Kit- it provides an interface between chef workstation and chef Server to communicate and upload cookbook to chef server.

Once Download finished, Go to the downloaded directory.

In the above screenshot highlighted is my Deployment kit name.

Extract Starter Kit on your Workstation.

$  unzip chef-starter.zip

Once Deployment Kit unzip successfully, You will see extracted folder name Chef-repo

Go to Chef-repo directory

$  cd chef-repo

Verify extracted files with .chef configuration file.

$  ls -lah 

drwxr-xr-x 1 Amar 197121    0 Feb 25 14:20 ./
drwxr-xr-x 1 Amar 197121    0 Feb 25 14:20 ../
drwxr-xr-x 1 Amar 197121    0 Feb  9 02:58 .chef/
-rw-r--r-- 1 Amar 197121  495 Feb  9 02:58 .gitignore
drwxr-xr-x 1 Amar 197121    0 Feb  9 02:58 cookbooks/
-rw-r--r-- 1 Amar 197121 2.3K Feb  9 02:58 README.md
drwxr-xr-x 1 Amar 197121    0 Feb  9 02:58 roles/

You will notice three main components.Chef, Cookbook and roles inside.

Please remember to create and upload cookbook to chef server inside this directory Because it has Chef Server organization information and private key to communicate chef server. You can check Chef server details in .chef file.

Now, We are ready to start writing recipes and start upload cookbook to Chef server.

Step 3- Start Writing Chef recipes and cookbook.

Generate template for your own custom cookbook, though N number of cookbooks are available on the Internet. In this Example, I'm going to demonstrate Jenkins installation using Chef cookbook.

$ chef generate cookbook cookbook/jenkins

Generating cookbook jenkins
- Ensuring correct cookbook file content
- Committing cookbook files to git
- Ensuring delivery configuration
- Ensuring correct delivery build cookbook content
- Adding delivery configuration to feature branch
- Adding build cookbook to feature branch
- Merging delivery content feature branch to master

Your cookbook is ready. Type `cd amar` to enter it.

There are several commands you can run to get started locally developing and testing your cookbook.
Type `delivery local --help` to see a full list.

Why not start by writing a test? Tests for the default recipe are stored at:

test/integration/default/default_test.rb

If you'd prefer to dive right in, the default recipe can be found at:

recipes/default.rb

Our Jenkins cookbook templated generated. let's add our custom configuration.

Open configuration file:

$ vi cookbooks/jenkins/recipes/default.rb

Append following configuration

# Cookbook:: jenkins
# Recipe:: default
#
# Copyright:: 2019, The Authors, All Rights Reserved.


#Install default JAVA Version in Ubuntu
package 'default-jdk' do
end

# Add Jenkins Repo, Keys and run apt update
execute "add jenkins repo" do
        command <<-EOF
                wget -q -O - https://pkg.jenkins.io/debian/jenkins-ci.org.key | sudo apt-key add -
                sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'
                apt-get update
EOF
end

# To Install Jenkins Package
package 'jenkins' do

end

# To Enable and start Jenkins Service
service 'jenkins' do
        action [:enable, :start]

end

# Set System Time Zon
execute 'datetimect' do
        command <<-EOF
                sudo timedatectl set-timezone Asia/Kolkata

        EOF
end

Save cookbook.

Jenkins installation Cookbook is ready. Let's upload to our hosted Chef Server.

$ knife cookbook upload jenkins

Uploading jenkins        [0.1.0]
Uploaded 1 cookbook.

Jenkins cookbook successfully uploaded to Hosted Chef Server.

Step 4- Perform Jenkins installation on the remote machine using a cookbook.

Make sure you can SSH to the Node from Workstation. Run the following command to perform an installation with User Name and Password.

$ knife bootstrap 10.0.1.70 --ssh-user ubuntu --ssh-password 'mypassword' --sudo --use-sudo-password --node-name Node01 --run-list 'recipe[jenkins]'

Modify the above command as per your details.

If you have access using Key file run the following command.

$ knife bootstrap 10.0.1.170 --ssh-user ubuntu --sudo --identity-file /home/sshkey/ubuntu.ppk --node-name Node01 --run-list 'recipe[jenkins]'

Modify highlighted points with your details.

Upon successful installation, you will get output like this.

Jenkins installation completed successfully, let's verify the installation by accessing Node01 IP address with Jenkins port - 8080

http://10.0.1.170:8080/

Jenkins installation is done successfully. Now you can create your own custom Chef cookbook for various configuration and installation.

Optional: Now, You can manage your node from your hosted Chef account, You can list your added node in the Chef console. Please see below picture for more detail.

Monday, February 4, 2019

Jenkins Pipeline Build and push Docker Image to Docker Hub

Jenkins Pipeline:
Jenkins Pipeline uses a build pipeline plugin which supports continues delivery pipeline into Jenkins.

A continuous delivery (CD) pipeline is an automated expression of your process for getting software from version control right through to your users and customers.

The definition of a Jenkins Pipeline is written into a text file (called a Jenkinsfile) which in turn can be committed to a project’s source control repository.

Jenkins support two types of the pipeline:

Scripted pipeline
Declarative pipeline

Declarative and Scripted Pipelines are constructed fundamentally differently. Declarative Pipeline is a more recent feature of Jenkins Pipeline which:

provides richer syntactical features over Scripted Pipeline syntax, and

is designed to make writing and reading Pipeline code easier.

PipeLine Concepts:

The following concepts are key aspects of Jenkins Pipeline, which tie in closely to Pipeline syntax

Node - Node is a machine which is part of Jenkins env and capable to execute pipeline.
Stage - It uses to describe conceptually subnet of task
Step - It tells Jenkins what to do

Prerequisites:

Windows machine installed following software.
Installed Docker on Windows.
Installed Jenkins
Docker Hub Login

Step 1- Install Docker on Windows:

I'm using Windows 7 for the demonstration, You can follow this blog to finish the Docker for Windows installation.

Step 2- Install Jenkins On Windows:

Follow this blog to finish the Jenkins installation on Windows: How to Install Jenkins on Windows Machine.

Step 3- Complete pre-requisites:

Add Docker hub login details:

To add docker hub login details open Jenkins and go to add credentials page:

On add credentials page add docker User and Password

After adding credentials.
In the Jenkinsfile, I have defined steps to stop and delete existing container so we need to run following command before continuing. Open Docker quick terminal and the command.

$ docker run -dit --name apache2 -p 80:80 ubuntu

The above command will create a container of ubuntu with name apache2. Let's continue.

Step 4- Setup Jenkins Job:
Open Jenkins > new project >Enter Project name > Choose Project type Pipeline

Choose Ok > Choose this project is parameterized > select string parameter in the drop down list> fill out the details as in the picture below

On the Pipeline section select Definition pipeline Script from SCM > Select type Git > Enter Git repository URL > click on Save

Jenkins Job is ready to build.

Step 5- Build and test Jenkins job:
choose to Build with parameters select your docker user and click on the build button.

After successfully complete, you will see output like this.

Build and push has completed successfully to Docker Hub. Based on this you build other customs Docker Image and push to your Docker hub account.

optionally, You can check My GitHub repository and view the dockerfile and Jenkinsfile pipeline.
https://github.com/amarsingh3d/jenkins-pipeline

Thanks for Reading blog!!

How to Install Docker in Windows 7

Docker:
Docker is the most revolutionized technology in virtualization world nowadays. Docker is actually an open source project which provides container technology. A container is a lightweight VM(virtual machine) or a process which allows us to install Linux based applications inside it. The container doesn’t have its own Kernel, RAM, CPU and Disk but it uses the underlying OS kernel, RAM, CPU cores and Disk.

Prerequisites:

Windows 7 Machine enabled Virtualization
A user with administrator access
Installed VBox software.

Step 1- Download and Install Docker Toolbox:

In this section, We will install Docker Toolbox software and prerequisites applications.

If you have already installed Virtual box in your System, don't install it with Docker Toolbox package. Let's follow the steps below to start the installation.

Go to Docker Toolbox page.
Click on Get Docker Toolbox for Windows

Once download finished, Double click on installer.

Click Next to continue the installation

Choose Full Installation and Click on Next

Click Next to continue the installation

Choose next

Click on the Install button to start the installation, It may take a few minutes to finish the installation.

Click on Always install software from Oracle Corporation and choose install.

Once Done click on finish.

After, Successful installation, you will see these three shortcuts on the desktop.

Docker toolbox for Windows Installation completed successfully and ready for use.

Step 2- Initial setup of Docker toolbox:
After, Successful installation. double click on Docker Quickstart Terminal. It will download boot2Docker Iso file. Please wait until the process gets completed.

After, Successful initialization you will following windows.

Docker-Machine has successfully initialized and ready to use.

Step 3- Basic Docker command.
Following are some basic command.

Check docker machine IP

$ docker-machine ip
192.168.99.100

Check Docker-machine Status

$ docker-machine status
Running

Create First Container:

$ docker run -dit --name web -p 80:80 ubuntu

It will download the latest ubuntu docker image and will create a container.

Check running container

$ docker ps 
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                NAMES
e38d28990a16        ubuntu              "/bin/bash"         27 seconds ago      Up 21 seconds       0.0.0.0:80->80/tcp   web

Newly created Container up and running. Now, You are ready to build more docker image using docker file.

You can check here- how to build DockerImage using docket file.

Build Docker Image using Dockerfile

Thanks for the reading blog!!

Thursday, January 10, 2019

How to Setup LAMP stack on AWS EKS

EKS: Amazon Elastic Container Server for Kubernetes (EKS) is a managed service that allows us to run Kubernetes Cluster with needing to stand up or maintain own Kubernetes Control Plane.

Step 1- Clone Git repository

We need to clone the git repository, in order to download Apache, PHP, MySQL and PhpMyAdmin yaml file.

Run the following command on the Linux terminal.

$ git clone https://github.com/amarsingh3d/kubernetes-LAMP.git

Clone output would be like this

Cloning into 'kubernetes-LAMP'...
remote: Enumerating objects: 12, done.
remote: Counting objects: 100% (12/12), done.
remote: Compressing objects: 100% (7/7), done.
remote: Total 12 (delta 2), reused 12 (delta 2), pack-reused 0
Unpacking objects: 100% (12/12), done.

Once download finish, Change directory

$ cd  kubernetes-LAMP/

Step 2- Create Apache,PHP,MySQL,PhpMyAdmin Deployment, Pod & Service:

Run the command below to create Apache & PHP deployment, pod and Service

$ kubectl create -f Apache_PHP_App.yaml

deployment.extensions/phpdeployment created
service/phpservice created

To Create MySQL Deployment and Service runs following Command.

$  kubectl create -f mysql.yaml

deployment.extensions/mysqldeploy created
service/mysql-service created

Create PhpMyAdmin pod and service.

$  kubectl create -f phpmyadmin.yaml

service/phpmyadmin created
pod/phpmyadmin created

Step-3: Validate created Deployment, Service and pods:

List deployment:

$ kubectl get deploy

NAME             DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
mysqldeploy       1             1                1                    1           30m
phpdeployment   1             1                1                    1           26m

List Services:

$ kubectl get svc

**NAME**            **TYPE**           **CLUSTER-IP**       **EXTERNAL-IP**                                                               **PORT(S)**          **AGE**
  kubernetes         ClusterIP         10.100.0.1             <none>                                                                        443/TCP              12d
  mysql-service      NodePort          10.100.133.204         <none>                                                                        3306:30006/TCP       4m
  phpmyadmin         LoadBalancer      10.100.124.42          a923b8ce414c611e9a4580e9bc01181a-1306726413.us-east-1.elb.amazonaws.com       80:31136/TCP         4m
  phpservice         LoadBalancer      10.100.252.156         a145801e314c711e9878e0a7065e7328-1743249526.us-east-1.elb.amazonaws.com       80:30080/TCP         25s

Check running pods

$ kubectl get pods -o=wide

**NAME**                             **READY**     **STATUS**    **RESTARTS**   **AGE**       **IP**                **NODE**                              **NOMINATED NODE**
  mysqldeploy-5c9dcc8c55-bhqrj         1/1           Running        0             15m       192.168.183.108   ip-192-168-170-141.ec2.internal                           <none>
  phpdeployment-7fc9485dbf-82tpn       1/1           Running        0             12m       192.168.86.181    ip-192-168-106-201.ec2.internal      <none>
  phpmyadmin                           1/1           Running        0             15m       192.168.167.172   ip-192-168-170-141.ec2.internal      <none>

Step -4: Test Apache, PHP and PhpMyAdmin access

Open browser and access PHPservice service external IP URL:

http://a145801e314c711e9878e0a7065e7328-1743249526.us-east-1.elb.amazonaws.com/

Check phpinfo

http://a145801e314c711e9878e0a7065e7328-1743249526.us-east-1.elb.amazonaws.com/phpinfo.php

Test PhpMyAdmin login

http://a923b8ce414c611e9a4580e9bc01181a-1306726413.us-east-1.elb.amazonaws.com/

User: root

Password: redhat // We setup MySQL root password in our Mysql.yaml deployment file.//

We have successfully setup LAMP stack on EKS Kubernetes cluster.

-----------------------------------------------------------------------------------------------------------------------

Optional: Once you have done with LAB, you can delete Service and Deployment.

Delete PHP Deployment:

$ kubectl delete deploy/phpdeployment

deployment.extensions "phpdeployment" deleted

Delete MySQL Deployment:

$ kubectl delete deploy/mysqldeploy

deployment.extensions "mysqldeploy" deleted

delete PHP Service

$ kubectl delete svc/phpservice

service "phpservice" deleted

delete MySQL Service

$ kubectl delete svc/mysql-service
service "mysql-service" deleted

Delete PhpMyAdmin Service

$ kubectl delete svc/phpmyadmin

service "phpmyadmin" deleted

Delete PhpMyAdmin pod

$ kubectl delete pod/phpmyadmin
  pod "phpmyadmin" deleted

We have successfully deleted all the deployment, service and pods

Wednesday, January 9, 2019

How to Setup LAMP Stack on Docker System

We will Create 3 Container as follow:

Apache + PHP Container
MySQL Container
PhpMyAdmin Container

Prerequisites:

Docker
Docker-compose

Step 1- Install Docker:

Before we provision our LAMP Stack, we need docker installed on your host. Follow my previous blog for installing Docker.

https://linuxhowtoguide.blogspot.com/2018/08/how-to-install-docker-in-ubuntu-1604-lts.html

Step 2- Install Docker-compose:

$ curl -L "https://github.com/docker/compose/releases/download/1.23.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

Make docker-compose executable

$ chmod +x /usr/local/bin/docker-compose

Step 3- Clone git repository on your local system and change directory

Run the following command to clone git repository

$ git clone https://github.com/amarsingh3d/Docker-LAMP.git

Change Directory

$ cd Docker-LAMP

Step 4- Create Folder to mount with Apache and MySQL container

Before, we provision our LAMP container environment. First, We need to complete some prerequisites. 1-We will setup Two Directories, One for DocumentRoot and Second for MySQL database directory. Run the following command to setup two directories.

$ sh setupdir.sh

Copy phpinfo.php to DocumentRoot

$ copy phpinfo.php DocumentRoot

Once Directory setup successfully, we can proceed to provision LAMP Container stack

Step 5- Setup Container for LAMP Stack

To provision LAMP stack run following command.

$ docker-compuse up -d

Validate Created Container:

$ docker container ls

You will see three up and running container.

CONTAINER ID        IMAGE                          COMMAND                  CREATED             STATUS              PORTS                            NAMES
326da5972785        phpmyadmin/phpmyadmin          "/run.sh supervisord…"   About an hour ago   Up About an hour    9000/tcp, 0.0.0.0:8080->80/tcp   docker-lamp_phpmyadmin_1
c1a700d81c42        amarsingh3d/apache2.4-php7.2   "/bin/sh -c '/usr/sb…"   About an hour ago   Up About an hour    0.0.0.0:80->80/tcp               docker-lamp_www_1
7480657c8ced        mysql:5.6                      "docker-entrypoint.s…"   About an hour ago   Up About an hour    0.0.0.0:3306->3306/tcp           docker-lamp_db_1

All Three Containers are up and running.

Step 6- Verify Container and Services:

In order to verify Apache container, check your Docker host IP address and access IP Address in the browser. In my case, My IP address is following

http://10.0.1.170

http://10.0.1.170/phpinfo.php

Verify PhpMyAdmin Access
To access PhpMyAdmin go to browser and access Docker host IP with port 8080
http://10.0.1.170:8080/

We have successfully setup LAMP stack on Docker host.

Saturday, December 29, 2018

How to Setup AWS EKS Cluster with Worker Node and Management Server

AWS EKS: Amazon Elastic Container Server for Kubernetes (EKS) is a managed service that allows us to run Kubernetes Cluster with needing to stand up or maintain own Kubernetes Control Plane.

Kubernetes is an open source System for automating the deployment, Scaling and management of the containerized application.

Amazon EKS can be integrated with many AWS services.

ELB for Load Balancing
IAM for authentication
Amazon VPC for isolation

Note: It's recommended to use the same user to provision EKS cluster and connect from the management kubectl server.

Step 1: Setup New User and IAM Role:

Before, Provision EKS cluster. We need to set up a user (Programmatic access not console) and one IAM role to provision EKS cluster and required resource on behalf of you. Let's follow the step below to create User and IAM Role.

A- Create Amason EKS Service Roles:

Log on to AWS Console
Go to IAM
Select Roles and choose Create Role
Select AWS Services in Type of trusted entity
Choose EKS

Next: Permissions
Again Next
Add Tag optional
Next
Enter Role Name EKS-Service

Select Create to finish and create the Role.

EKS Service role created successfully

B- Create A policy to grant EKS full access

Log on to AWS Console
Go to IAM
Choose Policies
Create Policy
Choose JSON format and paste these lines:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "eks:*"
            ],
            "Resource": "*"
        }
    ]
}

Click on Review Policy
Enter Policy Name- EKS_Full_Access

Click on Create

EKS Full Access policy created

C- Create a user:

Log on to AWS Console
Go to IAM
Select User and choose Add User
On next Page Enter User Name
Choose Access Type Programmatic access

Select Next permissions
Choose attach existing policies directly
Select policy as in the screenshot below and Administrator also

Next
Add Tags optional - add a tag if you want
NEXT
Review final selection and Click on Create button to finish.

A User set up successfully. We will use this user to Create EKS Cluster from the AWS CLI and manage our EKS Cluster.

D - Generate Access and Secret Key

In order to Create and manage EKS Cluster, we need to set up AWS CLI so aws-iam-authenticator can communicate with our cluster using AWS CLI credentials profile.

Log on to AWS Console
Go to IAM
Select EKS-User
Select Security credentials TAB
Click on Create access key

Download and keep access & secret key somewhere, We will use these key in AWS CLI configuration in the next step.

Step 2: Create Amazon EKS Cluster VPC:
We need a VPC to provision EKS Cluster and nodes, you can use existing VPC but it's best practice to create a new VPC with subnets and Security Groups. let's follow the Steps below to Create new EKS Cluster VPC.

Log on to AWS Console - https://console.aws.amazon.com/cloudformation/
Go to Cloud formation
Select Create Stack
Choose Specify an Amazon S3 template URL
Add following URL- https://amazon-eks.s3-us-west-2.amazonaws.com/cloudformation/2018-12-10/amazon-eks-vpc-sample.yaml

Click NEXT
Enter Stack Name, VPCBlock, Subnet01Block, Subnet02Block and Subnet03Block.

click Next
Optionally, you can specify Tag, rollback trigger and cloud watch monitoring. or Click Next to leave this section.
Review defined configuration
Click Create to finish and create the EKS Cluster VPC

It may take 5 to 10 minutes. After that VPC will be available. Please note down Subnets and security Group ID. We will use them in AWS CLI to create EKS Cluster.

For Example, see below picture.

Step 3: Setup Management system -

We need a System to create and Manage EKS cluster. We need to install following packages to manage EKS cluster.

AWS CLI
aws-iam-authenticator
Kubecutl
access and secret keys

A- Install AWS CLI:

To install AWS CLI use this URL: https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html

In my case, I am using Ubuntu 18.04. follow the command below to finish the installation.

Check python version

# python --version
Python 3.6.5

if you don't have python installed, do the installation.

Install python-pip

# apt install python-pip

Install awscli

# pip install awscli --upgrade

Make aws command available

# ln -s /usr/local/bin/aws /usr/bin/aws

Verify installation.

# aws --version

aws-cli/1.16.81 Python/2.7.15rc1 Linux/4.15.0-39-generic botocore/1.12.71

AWSCLI installtion completed successfully.

B- Set up aws-iam-authenticator:

Download aws-iam-authenticator

# wget https://amazon-eks.s3-us-west-2.amazonaws.com/1.11.5/2018-12-06/bin/linux/amd64/aws-iam-authenticator

Make aws-iam-authenticator executable

# chmod +x aws-iam-authenticator

Set path for aws-iam-authenticator

#  cp aws-iam-authenticator /usr/bin/

Verify aws-iam-authenticator installation

# aws-iam-authenticator help

C- Setup kubectl:

Kubectl is an important tool to manage Amazon EKS cluster. let's setup kubectl

Download kubectl

# curl -o kubectl https://amazon-eks.s3-us-west-2.amazonaws.com/1.11.5/2018-12-06/bin/linux/amd64/kubectl

Make kubectl executable

# chmod +x kubectl

Set kubectl path

# cp kubectl /usr/bin

Verify kubectl installation

# kubectl version --short --client
Client Version: v1.11.5

All three tools have been set up successfully.

D- Setup AWS CLI access and secret key:
We need to set up AWS CLI access to our AWS account, In order to provision Amazon EKS cluster and managing EKS cluster resource.

Run the following command on your system.

#  aws configure

AWS Access Key ID [****************CRBA]: KTxttt65DFDFDDFDNR6G88
AWS Secret Access Key [****************uiJj]: DkfjdkfjDFDFDFDFJwqpUdR+awgPaPPdkjkijkjkij
Default region name [us-east-1]: us-east-1
Default output format [table]: table

All done, Now management system is ready to provision Amazon EKS cluster.
Step 4: Create an Amazon EKS Cluster:
After setting up all the prerequisites, it's time to create EKS cluster.

Get Role ARN from the AWS console in the IAM section:

Get subnets and Security group ids from cloud formations output

Run the following command to create EKS Cluster:

# aws eks create-cluster --name Cluster_Name --role-arn Enter-Role-ARN_get-from-aws-console_see-first picture-above --resources-vpc-config subnetIds=Enter_all_three_subnets_ID_Get-details-from-cloudformation-stack-VPC-Stack_example-above-2nd-picture,securityGroupIds=Enter-security-gropu-ID_Get-from-CloudFormation-stack-VPC-Stack-above-picture

Once done, your output would be like below:

{
    "cluster": {
        "name": "devel",
        "arn": "arn:aws:eks:us-west-2:111122223333:cluster/EKS-Cluster02",
        "createdAt": 1527785885.159,
        "version": "1.10",
        "roleArn": "arn:aws:iam::111122223333:role/eks-service-role-AWSServiceRoleForAmazonEKS-AFNL4H8HB71F",
        "resourcesVpcConfig": {
            "subnetIds": [
                "subnet-a9189fe2",
                "subnet-50432629"
            ],
            "securityGroupIds": [
                "sg-f5c54184"
            ],
            "vpcId": "vpc-a54041dc"
        },
        "status": "CREATING",
        "certificateAuthority": {}
    }
}

After successful creation of EKS cluster. we can connect our cluster.

Step 5: Configure kubectl for amazon EKS cluster:

We to update kubeconfig file on your management system.

Run the following command to update your EKS cluster details in the kubectl config file

# aws eks update-kubeconfig --name EKS-Cluster02
Added new context arn:aws:eks:us-east-1:55568115433:cluster/EKS-Cluster02 to /home/amar/.kube/config

EKS Cluster added to the kubectl config file.

Verify Cluster Access

# kubectl get svc
NAME           TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.100.0.1      <none>        443/TCP   23h

Successfully connected to Amazon EKS Cluster

Step 6: Launch and configure EKS Worker nodes:

Now, when EKS VPC and Control plane is ready. We can launch and configure Worker nodes.

Log on to AWS console- https://console.aws.amazon.com/cloudformation.
Go to Cloud Formation
Create Stack
Choose: Specify an Amazon S3 template URL- https://amazon-eks.s3-us-west-2.amazonaws.com/cloudformation/2018-12-10/amazon-eks-nodegroup.yaml

Next
Give Stack name: EKS-Worker-Node
Enter Cluster name, SSH Key and Image ID: ami-0b4eb1d8782fc3aea or you can choose ami id based on your region - https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html

Fill all other details- make sure you enter correct EKS cluster name otherwise worker node can't communicate with Cluster. see details picute below.

Next

Next page is optional you can leave it for now or choose your desire setting.

Review your configuration & Acknowledge

Click on Create to finish and setup worker nods.

Our Worker node created successfully.

Step 7: Join worker Node to Cluster:

Once Worker node's stack ready, we can join them to EKS cluster.

SSH to management System
Get Worker node ARN from Cloud Formation Stack from AWS Console, see picture below

Download Config Map

# curl -O https://amazon-eks.s3-us-west-2.amazonaws.com/cloudformation/2018-12-10/aws-auth-cm.yaml

Update your Worker node's ARN in the aws-auth-cm.yaml file.
Edit the file in your favourite editor and replace yourARN with Red highlighted line.

 apiVersion: v1
kind: ConfigMap
metadata:
  name: aws-auth
  namespace: kube-system
data:
  mapRoles: |
    - rolearn: <ARN of instance role (not instance profile)>
      username: system:node:{{EC2PrivateDNSName}}
      groups:
        - system:bootstrappers
        - system:nodes

Save and exit from the file.
Appy configuration

# kubectl apply -f aws-auth-cm.yaml

Configuration updated Successfully.

Verify Added node.

# kubectl get node

Both the node added successfully.

Finally, We have successfully provision EKS Cluster, Worker Node and A management system to manage the EKS cluster.