How to Visualize all our Kubernetes clusters in one place with Amazon EKS Connector ?

With Amazon EKS Connector, we can use to register and connect any conformant Kubernetes cluster to AWS and visualize it in the Amazon EKS console. After a cluster is connected, we can see the status, configuration, and workloads for that cluster in the Amazon EKS console.

We can use this feature to view connected clusters in Amazon EKS console, but we can't manage them. The Amazon EKS Connector is also an open source project on Github.

The Amazon EKS Connector can connect the following types of Kubernetes clusters to Amazon EKS.

• On-premises Kubernetes clusters
• Self-managed clusters that are running on Amazon EC2
• Managed clusters from other cloud providers

AWS also added support for connected cluster tagging and Kubernetes version display on the EKS console. Registering a cluster is now easier with fewer steps as theyve automated the Service Linked Role creation.

Amazon EKS Connector considerations

Before we use Amazon EKS Connector, understand the following:

• We must have administrative privileges to the Kubernetes cluster to connect the cluster to Amazon EKS.
• The Kubernetes cluster must have Linux 64-bit (x86) worker nodes present before connecting. ARM worker nodes aren't supported.
• We must have worker nodes in our Kubernetes cluster that have outbound access to the ssm. and ssmmessages. Systems Manager endpoints. For more information, see Systems Manager endpoints in the AWS General Reference.
• By default, we can connect up to 10 clusters in a Region. We can request an increase through the service quota console. See Requesting a quota increase for more information.
• Only the Amazon EKS RegisterCluster, ListClusters, DescribeCluster, and DeregisterCluster APIs are supported for external Kubernetes clusters.

We must have the following permissions to register a cluster:

• eks:RegisterCluster
• ssm:CreateActivation
• ssm:DeleteActivation
• iam:PassRole

We must have the following permissions to deregister a cluster:

• eks:DeregisterCluster
• ssm:DeleteActivation
• ssm:DeregisterManagedInstance

Required IAM roles for Amazon EKS Connector

Using the Amazon EKS Connector requires the following two IAM roles:

• The Amazon EKS Connector service-linked role is created when we register the cluster.
• The Amazon EKS Connector agent IAM role must be created manually. See Amazon EKS connector IAM role for details.

To enable cluster and workload view permission for another user, we must apply the eks-connector and Amazon EKS Connector cluster roles to our cluster. Follow the steps in Granting access to a user to view Kubernetes resources on a cluster.

Thanks for reading my article till end. I hope you learned something special today. If you enjoyed this article then please share to your friends and if you have suggestions or thoughts to share with me then please write in the comment box.