Eksctl - A CLI Tool to Create Kubernetes Cluster on Amazon EKS

In this blog post, we will look at how to use eksctl to create Kubernetes clusters on EKS. eksctl is a command line tool written in Go by weaveworks and based on Amazon's official CloudFormation templates.

For those new to EKS, it is an AWS managed service that makes it easy to deploy, scale and manage containerized applications running on Kubernetes. All clusters are deployed on EC2.

How to Install eksctl on Linux

Since eksctl is written in Go, it is distributed as a binary package with no dependency. You can manually download the package from Releases page or pull the latest release with wget or curl command.

In our example, we will use wget, so make sure it is installed before you proceed.

curl --silent --location "https://github.com/weaveworks/eksctl/releases/download/latest_release/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp

This will download eksctl tar file and extract it to /tmp directory.

Before you can use the binary, you need to move the file to a directory in your $PATH environment variable.

$ sudo mv /tmp/eksctl /usr/local/bin

For macOS users, you can as well install eksctl tool from Homebrew:

$ brew install weaveworks/tap/eksctl

Check version using:

$ eksctl version
2018-07-25T11:52:18+03:00 [ℹ] versionInfo = map[string]string{"builtAt":"2018-07-23T07:21:37Z", "gitCommit":"c332060348833792c9a69f1ef71d1c8d76c3ffd7", "gitTag":"0.1.0-beta.3"}

Configure AWS API credentials

Once you have installed eksctl, it will require AWS API credentials to connect to EKS service. The easiest way to configure these credentials is by using.awscliwhich is installed using pip.

Install pip:

$ sudo apt-get install python-pip # For Ubuntu/Debian
$ sudo yum install python-pip # For CentOS
$ sudo pacman -S python-pip # For Arch Linux / Manjaro

You can now install an awscli package using pip:

$ sudo pip install awscli

When installed, initiate configuration by running:

$ aws configure
AWS Access Key ID [****************JO6B]: 
AWS Secret Access Key [****************78cd]: 
Default region name [us-west-2]: 
Default output format [json]:

You must provide AWS Access Key ID and AWS Secret Access Key for AWS IAM user account to be used when deploying Kubernetes cluster on EKS. The credentials will be located on ~/.aws/credentials file.

Create a Cluster on Amazon EKS with eksctl

When all settings have been saved, you can now create a new cluster on EKS:

$ eksctl create cluster

Options that can be used include:

-n, --name string : To specify EKS cluster name
-N, --nodes int: Total number of nodes, default is 2
-r, --region string:  AWS region (default "us-west-2")
-M, --nodes-max int:  Maximum nodes in ASG
-t, --node-type string: node instance type (default "m5.large")
-m, --nodes-min int:  Minimum nodes in ASG
--kubeconfig: String path to write kubeconfig. Default is ~.kube/config --ssh-public-key string: SSH public key to use for nodes: (default "~/.ssh/id_rsa.pub")

To get a list of more options, run:

$ eksctl --help

To put this into perspective, let's use some of the options to create our cluster:

$ eksctl create cluster -n test-cluster -N 2 
2018-07-25T17:16:36+03:00 [ℹ] setting availability zones to [us-west-2b us-west-2a us-west-2c]
2018-07-25T17:16:36+03:00 [ℹ] importing SSH public key "/home/jmutai/.ssh/id_rsa.pub" as "eksctl-test-cluster-9d:54:75:7b:4e:e0:d0:b5:76:f2:77:69:f8:aa:0c:c6"
2018-07-25T17:16:38+03:00 [ℹ] creating EKS cluster "test-cluster" in "us-west-2" region
2018-07-25T17:16:38+03:00 [ℹ] creating VPC stack "EKS-test-cluster-VPC"
2018-07-25T17:16:38+03:00 [ℹ] creating ServiceRole stack "EKS-test-cluster-ServiceRole"
2018-07-25T17:17:06+03:00 [✔] created ServiceRole stack "EKS-test-cluster-ServiceRole"
2018-07-25T17:18:13+03:00 [✔] created VPC stack "EKS-test-cluster-VPC"
2018-07-25T17:18:13+03:00 [ℹ] creating control plane "test-cluster"
2018-07-25T17:28:48+03:00 [✔] created control plane "test-cluster"
2018-07-25T17:28:48+03:00 [ℹ] creating DefaultNodeGroup stack "EKS-test-cluster-DefaultNodeGroup"
2018-07-25T17:49:26+03:00 [✔] created DefaultNodeGroup stack "EKS-test-cluster-DefaultNodeGroup"
2018-07-25T17:49:26+03:00 [✔] all EKS cluster "test-cluster" resources has been created
2018-07-25T17:49:26+03:00 [✔] saved kubeconfig as "/home/jmutai/.kube/config"
2018-07-25T17:49:35+03:00 [ℹ] the cluster has 1 nodes
2018-07-25T17:49:35+03:00 [ℹ] node "ip-192-168-113-37.us-west-2.compute.internal" is not ready
2018-07-25T17:49:35+03:00 [ℹ] waiting for at least 2 nodes to become ready
2018-07-25T17:49:58+03:00 [ℹ] the cluster has 2 nodes
2018-07-25T17:49:58+03:00 [ℹ] node "ip-192-168-113-37.us-west-2.compute.internal" is ready
2018-07-25T17:49:58+03:00 [ℹ] node "ip-192-168-145-33.us-west-2.compute.internal" is ready
2018-07-25T17:49:58+03:00 [✖] heptio-authenticator-aws not installed
2018-07-25T17:49:58+03:00 [ℹ] cluster should be functional despite missing (or misconfigured) client binaries
2018-07-25T17:49:58+03:00 [✔] EKS cluster "test-cluster" in "us-west-2" region is ready

Once you have created a cluster, the cluster credentials will be added in ~/.kube/config

To use a x-y node Auto Scaling Group, use the options:

--nodes-min=x --nodes-max=y
--nodes-min=2 --nodes-max=5 # Autoscaling btw 2-5

To get details about the deployed cluster, use:

$ eksctl get cluster -n test-cluster
2018-07-25T22:16:02+03:00 [ℹ] cluster = {
Arn: "arn:aws:eks:us-west-2:721943413499:cluster/test-cluster",
CertificateAuthority: {
CreatedAt: 2018-07-25 14:18:15 +0000 UTC,
Endpoint: "https://ID.yl4.us-west-2.eks.amazonaws.com",
Name: "test-cluster",
ResourcesVpcConfig: {
SecurityGroupIds: ["sg-48287686"],
SubnetIds: ["subnet-4077678b","subnet-55eda03a","subnet-38704e6d"],
VpcId: "vpc-0e6a8c66"
RoleArn: "arn:aws:iam::721945983479:role/EKS-test-cluster-ServiceR-AWSServiceRoleForAmazonE-10L09YV7UZQN9",
Status: "ACTIVE",
Version: "1.10"

To delete a cluster, run:
$ eksctl delete cluster --name=<name> [--region=<region>]


$ eksctl delete cluster -n test-cluster
2018-07-25T22:44:59+03:00 [ℹ] deleting EKS cluster "test-cluster"
2018-07-25T22:45:06+03:00 [!] as you are not using the auto-generated kubeconfig file you will need to remove the details of cluster test-cluster manually
2018-07-25T22:45:06+03:00 [✔] all EKS cluster "test-cluster" resource will be deleted (if in doubt, check CloudFormation console)

Read also :

Deploying Kubernetes on AWS EKS service with eksctl is easy to follow process that doesn't need you to struggle with a user interface, and in an easy to redo manner. All cluster configurations are saved on deployment machine, you can quickly make changes and update your cluster.

Josphat Mutai 12:05 am

About Josphat Mutai

Red Hat Certified Engineer with more than 2 years experience managing critical Cloud Infrastructures and Services. Passionate about Technology and loves testing and reviewing gadgets and Open-source tools.

Author Archive Page

Have anything to say?

Your email address will not be published. Required fields are marked *

All comments are subject to moderation.