Introduction
Amazon EKS lets you manage Kubernetes clusters without worrying about the control plane infrastructure. In 2026, companies demand secure, scalable, and automated deployments. This tutorial walks you through creating a production-ready EKS cluster, configuring VPC networking, and deploying a real application. You'll learn to use eksctl for quick provisioning and Terraform for infrastructure as code. Each step includes practical, working examples.
Prerequisites
- AWS account with administrator IAM permissions
- AWS CLI v2 installed and configured
- eksctl version 0.180+
- Terraform 1.7+
- kubectl and Docker
- Basic knowledge of Kubernetes and AWS VPC
Installing the Tools
#!/bin/bash
# Install AWS CLI v2
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
# Install eksctl (latest release)
curl -LO "https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz"
tar -xzf eksctl_*.tar.gz
sudo mv eksctl /usr/local/bin
# Install kubectl (current stable release)
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl

This script installs AWS CLI, eksctl, and kubectl. Run it on a Linux machine or via WSL. Verify the versions after installation to avoid incompatibilities with the 2026 EKS APIs.
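The install script above places freshly downloaded binaries into /usr/local/bin as root without checking them. As an added example (not part of the original tutorial), the helper below verifies a download against its published SHA-256 before installation. `verify_download` is a hypothetical name, and the checksum locations in the comments are the ones the Kubernetes and eksctl projects publish alongside their releases.

```shell
#!/usr/bin/env bash
# Added example: refuse to install a downloaded binary whose SHA-256 does not
# match the checksum published with the release.
#
# verify_download FILE CHECKSUMS   (hypothetical helper name)
#   CHECKSUMS is either a bare hex digest (kubectl.sha256 format) or a list of
#   "digest  filename" lines (eksctl_checksums.txt format).
#   Returns 0 on match, 1 on mismatch, 2 if no usable checksum was found.
verify_download() {
    local file="$1" sums="$2" name expected actual
    [ -f "$file" ] && [ -f "$sums" ] || { echo "missing input file" >&2; return 2; }
    name="$(basename "$file")"

    # Look for the line that names this exact file ("*name" marks binary mode).
    expected="$(awk -v n="$name" '$2 == n || $2 == ("*" n) { print $1; exit }' "$sums")"
    # Fall back to a bare digest only; never borrow another file's digest.
    if [ -z "$expected" ]; then
        expected="$(awk 'NF == 1 { print $1; exit }' "$sums")"
    fi

    # A SHA-256 digest is exactly 64 hex characters; reject anything else.
    if ! printf '%s' "$expected" | grep -Eq '^[0-9a-fA-F]{64}$'; then
        echo "no valid SHA-256 for $name in $sums" >&2
        return 2
    fi

    expected="$(printf '%s' "$expected" | tr 'A-F' 'a-f')"
    actual="$(sha256sum "$file" | awk '{ print $1 }')"
    if [ "$expected" != "$actual" ]; then
        echo "CHECKSUM MISMATCH for $name: expected $expected, got $actual" >&2
        return 1
    fi
    echo "OK $name"
}

# Usage with the downloads from the script above (resolve the version once so
# the binary and its checksum come from the same release):
#   KVER="$(curl -L -s https://dl.k8s.io/release/stable.txt)"
#   curl -LO "https://dl.k8s.io/release/${KVER}/bin/linux/amd64/kubectl"
#   curl -LO "https://dl.k8s.io/release/${KVER}/bin/linux/amd64/kubectl.sha256"
#   verify_download kubectl kubectl.sha256 && sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
#
#   curl -LO "https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_checksums.txt"
#   verify_download "eksctl_$(uname -s)_amd64.tar.gz" eksctl_checksums.txt && tar -xzf eksctl_*.tar.gz
```

A checksum served from the same origin as the binary catches truncated or corrupted downloads and tampering on a mirror or cache, not a compromised release source; pinning a specific release version instead of `latest` makes the result reproducible.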
Creating the Cluster with eksctl
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: production-eks
  region: eu-west-3
  version: "1.31"
vpc:
  cidr: 10.0.0.0/16
managedNodeGroups:
  - name: general
    instanceType: m6i.large
    desiredCapacity: 3
    minSize: 2
    maxSize: 6
    volumeSize: 100
    privateNetworking: true
    iam:
      withAddonPolicies:
        albIngress: true
        cloudWatch: true

This YAML file defines an EKS 1.31 cluster with private nodes and IAM policies for ALB and CloudWatch. Use eksctl create cluster -f cluster.yaml to deploy it.
Deploying the Cluster
eksctl create cluster -f cluster.yaml --verbose 4
# Verification
aws eks update-kubeconfig --region eu-west-3 --name production-eks
kubectl get nodes

The eksctl command provisions the cluster, subnets, and IAM roles. Updating kubeconfig allows you to manage the cluster from your terminal.
Terraform VPC Configuration
module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "5.8.1"

  name = "eks-vpc"
  cidr = "10.0.0.0/16"

  azs             = ["eu-west-3a", "eu-west-3b", "eu-west-3c"]
  private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]

  enable_nat_gateway = true
  single_nat_gateway = false

  tags = {
    "kubernetes.io/cluster/production-eks" = "shared"
  }
}

This Terraform module creates an EKS-optimized VPC with private subnets and NAT gateways. It meets high-availability requirements.
Deploying an Application
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web
    spec:
      containers:
        - name: nginx
          image: nginx:1.25
          ports:
            - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: web-service
spec:
  selector:
    app: web
  ports:
    - port: 80
      targetPort: 80
  type: ClusterIP

This Kubernetes manifest deploys 3 Nginx replicas with a ClusterIP service. Apply it with kubectl apply -f deployment.yaml after configuring the cluster.
Best Practices
- Use managed node groups with Graviton instances to reduce costs
- Always enable private networking and restrictive security groups
- Implement Pod Identity instead of IAM roles for service accounts
- Enable EKS add-ons (CoreDNS, kube-proxy, VPC CNI) via eksctl
- Configure pod disruption budgets for critical workloads
Common Errors
- Forgetting to tag subnets with kubernetes.io/cluster/* causes creation failures
- Using public subnets without NAT gateways blocks pulls of private images
- Neglecting to update kubectl to a version compatible with EKS 1.31
- Not enabling IAM policies for ALB and CloudWatch add-ons
Going Further
Explore our advanced Kubernetes and AWS training: https://learni-group.com/formations. Also check out Terraform modules for EKS and GitOps strategies with ArgoCD.