I want to learn how to create a Bottlerocket managed node group in Amazon Elastic Kubernetes Service (Amazon EKS) using the Bottlerocket Amazon Machine Image (AMI) and eksctl.
Resolution
Prerequisite
Before you complete the resolution steps, confirm that you have eksctl version 0.124.0 or later.
To check your version, run the following command:
$ eksctl version
Create a bottlerocket.yaml file
Open the terminal where you installed eksctl. Then, use the following example to create and save the bottlerocket.yaml file.
Note:
- Replace mybottlerocket-cluster with the name of your cluster. The name can contain only hyphens and alphanumeric characters that are case sensitive. It must start with an alphabetic character and can't be longer than 100 characters.
- Replace bottlerocket-nodegroup with a name for your node group. The name can contain only hyphens and alphanumeric characters that are case sensitive. It must start with an alphabetic character and can't be longer than 100 characters.
- Specify the instance type. For example, to deploy on an Arm instance, replace m5.xlarge with an Arm instance type.
- Replace eks_bottlerocket with the name of an Amazon Elastic Compute Cloud (Amazon EC2) SSH key pair. After you launch the nodes, use SSH to connect to them.
Note: If you don't have an Amazon EC2 SSH key pair, then create one in the AWS Management Console. For more information, see Amazon EC2 key pairs and Linux instances.
---
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: mybottlerocket-cluster
region: us-west-2
version: '1.27'
managedNodeGroups:
- name: bottlerocket-nodegroup
instanceType: m5.xlarge
minSize: 2
maxSize: 4
desiredCapacity: 3
amiFamily: Bottlerocket
labels: { role: br-worker }
tags:
nodegroup-type: Bottlerocket
ssh:
allow: true
publicKeyName: eks_bottlerocket
Note: You can create Bottlerocket-managed node groups for general purpose, compute-optimized, memory-optimized, and storage-optimized instance types. The Bottlerocket AMI doesn't support accelerated computing instance types.
Create the node group and list its nodes in the EKS cluster
-
Run the following eksctl command to create a node group:
$ eksctl create nodegroup -f bottlerocket.yaml[✔] created 1 nodegroup(s) in cluster "mybottlerocket-cluster"
-
List the nodes in the EKS cluster and your attributes:
$ kubectl get nodes -o=custom-columns=NODE:.metadata.name,ARCH:.status.nodeInfo.architecture,OS-Image:.status.nodeInfo.osImage,OS:.status.nodeInfo.operatingSystemNODE ARCH OS-Image OS
ip-192-168-xx-xx.us-west-2.compute.internal amd64 Bottlerocket OS 1.17.0 (aws-k8s-1.27) linux
ip-192-168-xx-xx.us-west-2.compute.internal amd64 Bottlerocket OS 1.17.0 (aws-k8s-1.27) linux
Connect to the Bottlerocket AMI nodes (optional)
Connect to the new Bottlerocket nodes through an AWS Systems Manager session. AWS Systems Manager Agent (SSM Agent) runs on the node because you already turned on Systems Manager permission for the node instance role.
Run the following command to find the instance IDs:
$ kubectl get nodes -o=custom-columns=NODE:.metadata.name,ARCH:.status.nodeInfo.architecture,OS-Image:.status.nodeInfo.osImage,OS:.status.nodeInfo.operatingSystem,InstanceId:.spec.providerIDNODE ARCH OS-Image OS InstanceId
ip-192-168-xx-xx.us-west-2.compute.internal amd64 Bottlerocket OS 1.17.0 (aws-k8s-1.27) linux aws:///us-west-2b/i-0cf32f13f60c2f501
ip-192-168-xx-xx.us-west-2.compute.internal amd64 Bottlerocket OS 1.17.0 (aws-k8s-1.27) linux aws:///us-west-2b/i-0f31328a5d21cb092
ip-192-168-xx-xx.us-west-2.compute.internal amd64 Bottlerocket OS 1.17.0 (aws-k8s-1.27) linux aws:///us-west-2b/i-08c218b729ecf9b5d
Start a Systems Manager session
By default, Bottlerocket has a control container that runs on a separate instance of containerd. This container runs SSM Agent and lets you run commands or start interactive shell sessions on Bottlerocket nodes.
Choose an instance, and launch a Systems Manager session. The following example shows a Systems Manager session command for the i-0cf32f13f60c2f501 instance:
$ aws ssm start-session --target i-0cf32f13f60c2f501 --region us-west-2
Starting session with SessionId: EKS-Test-User-0077e4c89ad2bc888
Welcome to Bottlerocket's control container!
Related information
Launching self-managed Bottlerocket nodes
What is Amazon EKS?
Instance types (Amazon EC2)