Prerequisites
Question
You lead a team to use Kubernetes to develop some microservices in the local server and data center.
To align with the company's strategy to move to the AWS cloud, you need to consider the possibilities of migrating the projects that your team is working on.
You think that Amazon Elastic Container Service for Kubernetes (Amazon EKS) is a good candidate.
In order to start using EKS properly, which prerequisites must be met? (Select TWO)
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer - C, D.
In order to use the EKS service properly, some prerequisites must be met, which is mentioned in https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html.
Option A is incorrect because EKS can pull Docker images from ECR or any other container registries, such as Docker Hub.
Option B is incorrect because using Route53 alone will not help to access the cluster.
In addition to standard Amazon EKS permissions, your IAM user or role must have route53:AssociateVPCWithHostedZone permissions to enable the cluster's endpoint private access.
Refer to page 41 on the below link under the 'Note' section.
https://docs.aws.amazon.com/eks/latest/userguide/eks-ug.pdfOption C is correct because Amazon EKS needs the IAM role to create AWS resources such as a load balancer.
Option D is correct because EKS has also provided a CloudFormation template to provide a suitable VPC for the EKS cluster.
The link https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html contains the instructions on how to create the cluster VPC for EKS.
Sure, I'd be happy to explain!
To start using Amazon Elastic Container Service for Kubernetes (Amazon EKS) properly, there are two prerequisites that must be met:
All related container images are registered in Amazon ECR since EKS can only pull Docker images from ECR. Amazon ECR is a fully-managed Docker container registry that makes it easy to store, manage, and deploy Docker container images. Amazon EKS can only pull Docker images from Amazon ECR, so all container images must be registered there before they can be used in an EKS cluster. This means that you need to have all your container images built and stored in Amazon ECR before you can start using EKS.
An IAM EKS service role should be created to allow Amazon EKS to manage clusters on your behalf. When you create an Amazon EKS cluster, you need to specify an IAM role that Amazon EKS can assume to create and manage resources on your behalf. This role is called the "IAM EKS service role," and it allows Amazon EKS to create and manage resources such as Amazon EC2 instances, load balancers, and security groups. Without this role, Amazon EKS cannot create or manage any resources on your behalf.
In addition to the above prerequisites, there are other considerations to take into account when setting up an EKS cluster, such as:
A VPC exists for the EKS cluster to use: An Amazon EKS cluster must be created within a Virtual Private Cloud (VPC). The VPC provides the network infrastructure for your cluster, and you need to have a VPC set up before you can create an EKS cluster.
A Route53 should be in place for Amazon EKS to route internet traffic among various public subnets: Amazon EKS can be used to deploy Kubernetes applications across multiple Availability Zones, and you need to set up a Route53 DNS record to route traffic to your cluster's endpoints. This is only necessary if you plan to expose your Kubernetes services to the public internet.
I hope this helps! Let me know if you have any further questions.
