Mastering AWS EKS Deployment with Terraform: A Comprehensive Guide

October 29, 2023 Amazon, AWS, Cloud Computing, Containers, Elastic Container Registry(ECR), Elastic Kubernetes Service(EKS), Emerging Technologies, Kubernates, Kubernetes, Orchestrator, PaaS No comments

Introduction: Amazon Elastic Kubernetes Service (EKS) simplifies the process of deploying, managing, and scaling containerized applications using Kubernetes on AWS. In this guide, we’ll explore how to provision an AWS EKS cluster using Terraform, an Infrastructure as Code (IaC) tool. We’ll cover essential concepts, Terraform configurations, and provide hands-on examples to help you get started with deploying EKS clusters efficiently.

Understanding AWS EKS: Before diving into the Terraform configurations, let’s familiarize ourselves with some key concepts related to AWS EKS:

  • Managed Kubernetes Service: EKS is a managed Kubernetes service provided by AWS, which abstracts away the complexities of managing the Kubernetes control plane infrastructure.
  • High Availability and Scalability: EKS ensures high availability and scalability by distributing Kubernetes control plane components across multiple Availability Zones within a region.
  • Integration with AWS Services: EKS seamlessly integrates with other AWS services like Elastic Load Balancing (ELB), Identity and Access Management (IAM), and Amazon ECR, simplifying the deployment and operation of containerized applications.

Provisioning AWS EKS with Terraform: Now, let’s walk through the steps to provision an AWS EKS cluster using Terraform:

  1. Setting Up Terraform Environment: Ensure you have Terraform installed on your system. You can download it from the official Terraform website or use a package manager.
  2. Initializing Terraform Configuration: Create a new directory for your Terraform project and initialize it with a main.tf file. Inside main.tf, add the following configuration:
provider "aws" {
  region = "your-preferred-region"

module "eks_cluster" {
  source  = "terraform-aws-modules/eks/aws"
  version = "X.X.X"  // Use the latest version

  cluster_name    = "my-eks-cluster"
  cluster_version = "1.21"
  subnets         = ["subnet-1", "subnet-2"] // Specify your subnets
  # Additional configuration options can be added here

Replace "your-preferred-region", "my-eks-cluster", and "subnet-1", "subnet-2" with your desired AWS region, cluster name, and subnets respectively.

3. Initializing Terraform: Run terraform init in your project directory to initialize Terraform and download the necessary providers and modules.

4. Creating the EKS Cluster: After initialization, run terraform apply to create the EKS cluster based on the configuration defined in main.tf.

5. Accessing the EKS Cluster: Once the cluster is created, Terraform will provide the necessary output, including the endpoint URL and credentials for accessing the cluster.

IAM Policies and Permissions: To interact with the EKS cluster and underlying resources, you need to configure IAM policies and permissions.

Here’s a basic IAM policy that grants necessary permissions for managing EKS clusters, EC2 and S3 related resources:

  "Version": "2012-10-17",
  "Statement": [
      "Effect": "Allow",
      "Action": "eks:*",
      "Resource": "*"
       "Effect": "Allow",
       "Action": "ec2:*",
       "Resource": "*"
       "Effect": "Allow",
       "Action": "s3:*",
       "Resource": "*"
       "Effect": "Allow",
       "Action": "iam:*",
       "Resource": "*"

Make sure to attach this policy to the IAM role or user that Terraform uses to provision resources.

Conclusion: In this guide, I’ve covered the process of provisioning an AWS EKS cluster using Terraform, along with essential concepts and best practices. By following these steps and leveraging Terraform’s infrastructure automation capabilities, you can streamline the deployment and management of Kubernetes clusters on AWS. Experiment with different configurations and integrations to tailor your EKS setup according to your specific requirements and workload characteristics. Happy clustering!

Additional References:

  1. AWS EKS Documentation – Official documentation providing in-depth information about Amazon EKS, including getting started guides, best practices, and advanced topics.
  2. Terraform AWS EKS Module – Official Terraform module for provisioning AWS EKS clusters. This module simplifies the process of setting up EKS clusters using Terraform.
  3. IAM Policies for Amazon EKS – Documentation providing examples of IAM policies for Amazon EKS, helping you define fine-grained access controls for EKS clusters and resources.
  4. Kubernetes Documentation – Official Kubernetes documentation offering comprehensive guides, tutorials, and references for learning Kubernetes concepts and best practices.

GitOps with a comparison between Flux and ArgoCD and which one is better for use in Azure AKS

March 15, 2023 Azure, Azure, Azure DevOps, Azure Kubernetes Service(AKS), Cloud Computing, Development Process, DevOps, DevSecOps, Emerging Technologies, GitOps, KnowledgeBase, Kubernates, Kubernetes, Microsoft, Orchestrator, Platforms, SecOps No comments

GitOps has emerged as a powerful paradigm for managing Kubernetes clusters and deploying applications. Two popular tools for implementing GitOps in Kubernetes are Flux and ArgoCD. Both tools have similar functionalities, but they differ in terms of their architecture, ease of use, and integration with cloud platforms like Azure AKS. In this blog, we will compare Flux and ArgoCD and see which one is better for use in Azure AKS.


Flux is a GitOps tool that automates the deployment of Kubernetes resources by syncing them with a Git repository. It supports multiple deployment strategies, including canary, blue-green, and A/B testing. Flux has a simple architecture that consists of two components: a controller and an agent. The controller watches a Git repository for changes, while the agent runs on each Kubernetes node and applies the changes to the cluster. Flux can be easily integrated with Azure AKS using the Flux Helm Operator, which allows users to manage their Helm charts using GitOps.


ArgoCD is a GitOps tool that provides a declarative way to deploy and manage applications on Kubernetes clusters. It has a powerful UI that allows users to visualize the application state and perform rollbacks and updates. ArgoCD has a more complex architecture than Flux, consisting of a server, a CLI, and an agent. The server is responsible for managing the Git repository, while the CLI provides a command-line interface for interacting with the server. The agent runs on each Kubernetes node and applies the changes to the cluster. ArgoCD can be integrated with Azure AKS using the ArgoCD Operator, which allows users to manage their Kubernetes resources using GitOps.


Now that we have an understanding of the two tools, let’s compare them based on some key factors:

  1. Architecture: Flux has a simpler architecture than ArgoCD, which makes it easier to set up and maintain. ArgoCD’s more complex architecture allows for more advanced features, but it requires more resources to run.
  2. Ease of use: Flux is easier to use than ArgoCD, as it has fewer components and a more straightforward setup process. ArgoCD’s UI is more user-friendly than Flux, but it also has more features that can be overwhelming for beginners.
  3. Integration with Azure AKS: Both Flux and ArgoCD can be integrated with Azure AKS, but Flux has better integration through the Flux Helm Operator, which allows users to manage Helm charts using GitOps.
  4. Community support: Both tools have a large and active community, with extensive documentation and support available. However, Flux has been around longer and has more users, which means it has more plugins and integrations available.


In conclusion, both Flux and ArgoCD are excellent tools for implementing GitOps in Kubernetes. Flux has a simpler architecture and is easier to use, making it a good choice for beginners. ArgoCD has a more advanced feature set and a powerful UI, making it a better choice for more complex deployments. When it comes to integrating with Azure AKS, Flux has the advantage through its Helm Operator. Ultimately, the choice between Flux and ArgoCD comes down to the specific needs of your organization and your level of experience with GitOps.

Introduction to Docker and Containers: A Beginner’s Guide

March 9, 2023 Azure, Azure Kubernetes Service(AKS), Cloud Computing, Containers, Docker, Emerging Technologies, Kubernates, Kubernetes, Microsoft, Orchestrator, Virtualization No comments

Containers are a popular technology for developing and deploying applications. They provide an isolated runtime environment that runs an application and its dependencies, making it easier to package, deploy, and manage the application. Docker is a platform for managing containers that has become very popular in recent years. In this article, we’ll provide an introduction to Docker and containers, including their benefits, architecture, and examples.

Benefits of Docker and Containers

Containers have many benefits that make them a popular technology for software development, including:

  1. Portability: Containers are portable and can run on any system that supports the container runtime, making them easy to move between different environments.
  2. Consistency: Containers provide a consistent runtime environment, regardless of the host system.
  3. Efficiency: Containers are lightweight and require fewer resources than traditional virtual machines, making them more efficient to run.
  4. Isolation: Containers isolate applications and their dependencies, reducing the risk of conflicts and security vulnerabilities.

Architecture of Docker and Containers

Docker has a client-server architecture, consisting of three main components:

  1. Docker client: A command-line interface or graphical user interface that enables users to interact with the Docker daemon.
  2. Docker daemon: A server that runs on the host system and manages the creation, management, and deletion of containers.
  3. Docker registry: A repository for storing and sharing Docker images, which are templates for creating containers.

Docker images are built from Dockerfiles, which are text files that specify the configuration of a container. Dockerfiles contain instructions for installing and configuring the required software and dependencies for an application to run.

Examples of Docker and Containers

Here are some examples of how Docker and containers are used in software development:

  1. Creating development environments: Developers can use containers to create consistent development environments that can be easily shared and reproduced across teams.
  2. Deploying applications: Containers can be used to package and deploy applications to production environments, ensuring consistency and reliability.
  3. Testing and quality assurance: Containers can be used to test and validate applications in different environments, ensuring that they work as expected.


If you’re interested in learning more about Docker and containers, here are some helpful resources:

  1. Docker Documentation: The official documentation for Docker provides comprehensive guides and tutorials on using Docker and containers.
  2. Docker Hub: A repository for Docker images, where you can find and download images for various software applications.
  3. Docker Compose: A tool for defining and running multi-container Docker applications, enabling you to run complex applications with multiple containers.


Docker and containers are powerful tools for developing, packaging, and deploying applications, providing consistency, portability, and efficiency. By isolating applications and their dependencies, containers reduce the risk of conflicts and security vulnerabilities, making them a popular choice in software development. With Docker’s client-server architecture and powerful tools like Dockerfiles and Docker Compose, developers can easily create, manage, and deploy containers to any environment.

Kubernetes vs Service Fabric

April 13, 2018 Application Virtualization, Azure, Emerging Technologies, Kubernates, Orchestrator, OS Virtualization, PaaS, Service Fabric, Virtual Machines, Virtualization No comments

What is the difference between Kubernates and Service Fabric?

It is a common question today among most of the business stakeholders, infrastructure specialists, and information technology architects.










To answer in simpler words, quoting from this Reddit log :

  • Kubernetes manage/orchestrate containers and applications within. 
  • ServiceFabric is a framework for microservices based on one of three models; stateful, stateless, actor. Service Fabric provides a framework for creating micro services, runtime for managing distributed instances, and also provides the ‘fabric’ that holds everything together.

A detailed comparison quoting from an MSDN blog  from here:

Azure Container Service: If you are looking to deploy your application in Linux environment and are comfortable with an orchestrator such as Swarm, Kubernetes or DC/OS, use ACS. A typical 3 tier application (such as a web front end, a caching layer, a API layer and a database layer) can be easily container-ized with 1 single dockerfile (or docker-compose file). It can be continuously decomposed into smaller services gradually. This approach provides an immediate benefit of portability of such an application. Containers is Open technology and there is great community support around containers.

Azure Service Fabric: If an application must have its state saved locally, then use Service Fabric. It is also a good choice if you are looking to deploy the application in Windows server ecosystem(Linux support is in the works as well!). Refer to common workloads on Service Fabric for more discussion on applications that can benefit from Service Fabric. Biggest benefit is that Service Fabric applications can run on-premise, on Azure or even in other cloud platforms also.

What’s Azure Container Service (ACS/AKS)

April 12, 2018 Application Virtualization, Azure, Azure Container Service, Cloud Computing, Cloud Services, Computing, Containers, Docker, Emerging Technologies, IaaS, Kubernates, Microsoft, OpenSource, Orchestrator, OS Virtualization, PaaS, Virtual Machines, Virtualization, Windows Azure Development No comments

I will start with history: Sometime around 2016, Microsoft launched an IaaS service called Azure Container Service a.k.an ACS serves as a bridge between Azure Ecosystem and existing container ecosystem being used widely by the developer community around the world.

kubernates_azureIt helps as a gateway for infrastructure engineers and developers to manage underlying infrastructure such as Virtual Machines, Storage, Network Load Balancing services individually than the application itself.  The application developer doesn’t have to worry about planet-scale of the application, instead, a container orchestrator can manage the scale up and scale down of your application environment based on peaks and downs of your application usage.

It offers an option to select from 3 major container orchestrators available today such as DC/OS, Swarm, Docker, and Kubernates.   ACS along with your choice of container orchestrators works efficiently with different container ecosystems to enable the promise of application virtualization.

To make it simpler, ACS is your Super Glue to gel your Azure infrastructure and your container orchestrator together. Means you will be able to make your fully managed container cluster in a matter of minutes with Azure.

ACS is for making your microservices dream come true, by providing individual services scale according to the demand and automatically reduce the scale, if usage is low. You don’t have to worry, ACS and your container orchestrator will take care of you.

If you are a beginner to container-based infrastructure for your applications, you don’t have to take the pain at all of setting up Kubernates on your own, instead, ACS will simplify your implementation with a couple of easier click thru’s and your container infrastructure is ready to be fully managed by you. As simple as that.

What is Azure Container Kubernates Service (AKS) then?

As I am writing today, Microsoft has a new fully managed PaaS service called as Azure Container Service (AKS) or Managed Kubernates, meaning that Kubernates would be your default fully managed container orchestrator, if you choose Azure Container Service. But you would be able to deploy other open-source container orchestrators if you prefer to choose to have your own unmanaged Kubernates, Docker or DC/OS and then add your specific management and monitoring tools.

This service is currently available in PUBLIC PREVIEW, you can get started from here

Means though it is a fully managed service, you still have the option to manage it your own using your preferred set of tools and orchestrators.

Charging Model

Whether you manage your AKS service with your own set of tools and orchestrator or you use Fully Managed Kubernates, you only need to pay for resources you consume. No need to worry about per-cluster charges like other providers.

Useful References: