How to Setup Amazon EC2 Linux-managed node group

Follow these steps to create your Amazon EC2 Linux-managed node group.

1. Create a node IAM role and associate it with the necessary Amazon EKS IAM controlled policy. The Amazon EKS node kubelet daemon is responsible for making requests to AWS APIs on behalf of the user. Through the use of an IAM instance profile and associated policies, nodes are granted permissions to make API calls.

1. Create a new file with the name node-role-trust-policy.json and paste the following contents into it.

{   
   "Version": "2012-10-17", 
  "Statement":  [     
       {       
         "Effect": "Allow", 
          "Principal":  {
              "Service": "ec2.amazonaws.com"
        }, 
        "Action": "sts:AssumeRole"
     }   
   ] 
}  

Create the node IAM role.

aws iam create-role \   --role-name myAmazonEKSNodeRole \   --assume-role-policy-document file://"node-role-trust-policy.json"

Attach the managed IAM policies that are required for the role.

aws iam attach-role-policy \
--policy-arn arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy \
--role-name myAmazonEKSNodeRole aws iam attach-role-policy \
--policy-arn arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly \
--role-name myAmazonEKSNodeRole aws iam attach-role-policy \
--policy-arn arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy \
--role-name myAmazonEKSNodeRole

2. Log in to the Amazon EKS console by going to https://console.aws.amazon.com/eks/home#/clusters

3. Choose a name for the cluster you built in the previous step. Step 1: Create your Amazon EKS cluster, such as my-cluster.

4. Perform the following actions on the my-cluster page:

1. Select the Configuration tab from the drop-down menu.
2.  Select the Compute tab from the drop-down menu.
3.  Select Add Node Group from the drop-down menu

5. Perform the following actions on the Configure Node Group page:

1. Name your managed node group by providing a different name, such as my-node group, in the Name field.
2.  In the Node IAM role name field, enter myAmazonEKSNodeRole, which you created in the previous step. We recommend that each node group has its own IAM role distinct from the others.
3. Select the Next option.

6. Accept the default values on the Set compute and scaling setup screen, and then click on the Next button.

7. Accept the default options on the Specify networking page and proceed to the next page.

8. Revisit your managed node group set up on the Review, create the page, and click the Create button.

9. After a few minutes, the Status in the Node Group settings area will change from Creating to Active, indicating that the group has been activated. Don’t go to the following step until the Status is changed to Active.