How Do I Assign Elastic IP Addresses to EKS Pods Using VPC CNI?

Introduction

Assigning Elastic IP addresses to Amazon EKS (Elastic Kubernetes Service) Pods is a valuable technique that enables direct internet access for your applications while maintaining a static IP allocation. This guide provides a comprehensive walkthrough on how to configure the Amazon VPC CNI (Container Network Interface) plugin to facilitate this process. By following the steps outlined in this document, you will be able to enhance your EKS Pods with Elastic IPs, improving accessibility and reliability.

Step-by-Step Explanation

To assign Elastic IP addresses to EKS Pods using the Amazon VPC CNI plugin, follow these steps:

1. Create a VPC: Start by creating a Virtual Private Cloud (VPC) that will host your EKS cluster.
2. Create Subnets: Define subnets within your VPC to provide network segmentation for your resources.
3. Set Up the EKS Cluster: Create an EKS cluster and configure the VPC CNI plugin to allow the assignment of Elastic Network Interfaces (ENIs) to your Pods.
4. Create an Elastic IP: Allocate an Elastic IP address that will be associated with the ENI of a Pod.
5. Associate the Elastic IP: Link the Elastic IP to the ENI of the Pod to enable internet access.

Below is a Pulumi program in TypeScript that demonstrates how to create an EKS cluster and configure the VPC CNI plugin to assign Elastic IPs to Pods.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as eks from "@pulumi/eks";

// Create a VPC for our EKS cluster
const vpc = new aws.ec2.Vpc("vpc", {
    cidrBlock: "10.0.0.0/16",
    enableDnsHostnames: true,
    enableDnsSupport: true,
});

// Create subnets for our VPC
const subnet = new aws.ec2.Subnet("subnet", {
    vpcId: vpc.id,
    cidrBlock: "10.0.1.0/24",
    availabilityZone: "us-west-2a",
});

// Create an EKS cluster
const cluster = new eks.Cluster("eksCluster", {
    vpcId: vpc.id,
    subnetIds: [subnet.id],
    instanceType: "t2.medium",
    desiredCapacity: 2,
    minSize: 1,
    maxSize: 3,
    vpcCniOptions: {
        enablePodEni: true, // Enable the assignment of ENIs to pods
    },
});

// Create an Elastic IP
const eip = new aws.ec2.Eip("eip", {
    vpc: true,
});

// Associate the Elastic IP with the ENI of a pod
const eni = new aws.ec2.NetworkInterface("eni", {
    subnetId: subnet.id,
    privateIps: [eip.privateIp],
});

const eipAssociation = new aws.ec2.EipAssociation("eipAssociation", {
    allocationId: eip.id,
    networkInterfaceId: eni.id,
});

// Export the cluster's kubeconfig
export const kubeconfig = cluster.kubeconfig;

In this program, we:

1. Create a VPC and a subnet.
2. Create an EKS cluster with the VPC CNI plugin configured to enable the assignment of ENIs to Pods.
3. Create an Elastic IP and associate it with the ENI of a Pod.

Key Points

• Elastic IPs: These are static IP addresses that can be associated with your EKS Pods, providing consistent access points.
• VPC CNI Plugin: This plugin allows Pods to use secondary IP addresses from the VPC, enabling them to be assigned Elastic IPs.
• Direct Internet Access: By assigning Elastic IPs, Pods can gain direct access to the internet, which is essential for certain applications.

Conclusion

In summary, assigning Elastic IP addresses to EKS Pods using the Amazon VPC CNI plugin is a straightforward process that enhances your application’s connectivity and reliability. By following the steps outlined above, you can successfully configure your EKS environment to utilize Elastic IPs, ensuring that your Pods can communicate effectively with the outside world. This setup not only improves accessibility but also provides a level of stability that is crucial for production workloads.