How to configure autoscaling for existing AWS EKS Cluster

The Cluster Autoscaler is essential for automatically adjusting the number of nodes in your cluster based on resource requirements and constraints.

Instructions

step-by-step guide:

Deploy Cluster Autoscaler

If the Cluster Autoscaler is not deployed, you'll need to deploy it to allow for dynamic node scaling based on resource requirements. Here's a simplified process to do so:

Get your EKS Cluster Name:

eksctl get cluster

Configure IAM OIDC Provider for EKS:

eksctl utils associate-iam-oidc-provider --region=<your-region> --name=<your-cluster-name> --approve

Create IAM Policy for Cluster Autoscaler: Name this policy as ca-iam-policy.json

{

    "Version": "2012-10-17",

    "Statement": [

        {

            "Effect": "Allow",

            "Action": [

                "autoscaling:DescribeAutoScalingGroups",

                "autoscaling:DescribeAutoScalingInstances",

                "autoscaling:DescribeLaunchConfigurations",

                "autoscaling:DescribeTags",

                "autoscaling:SetDesiredCapacity",

                "autoscaling:TerminateInstanceInAutoScalingGroup",

                "ec2:DescribeLaunchTemplateVersions"

            ],

            "Resource": "*"

        }

    ]

}

Create the policy using the following command:

aws iam create-policy --policy-name AmazonEKSClusterAutoscalerPolicy --policy-document file://ca-iam-policy.json

Attach the Policy to Your Node IAM Role:

Replace <NodeInstanceRole> with your node's IAM role:

aws iam attach-role-policy --policy-arn arn:aws:iam::<account-id>:policy/AmazonEKSClusterAutoscalerPolicy --role-name <NodeInstanceRole>

The NodeInstanceRole is the IAM role that's attached to your EKS worker nodes. Here's how you can retrieve it:

eksctl get iamidentitymapping --region <your-region> --name <your-cluster-name>

Look for the RoleARN in the output, and the role name is the final part of the ARN after the last /.

For example:

eksctl get iamidentitymapping --region ap-south-1 --name unified-dev

Flag --name has been deprecated, use --cluster

Here unified-dev20230314050701738200000018 is the NodeInstanceRole

ARN USERNAME GROUPS ACCOUNT

arn:aws:iam::349271159511:role/unified-dev20230314050701738200000018 system:node:{{EC2PrivateDNSName}} system:bootstrappers,system:nodes

Deploy Cluster Autoscaler:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/autoscaler/master/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-autodiscover.yaml

Edit the Cluster Autoscaler Deployment:

kubectl -n kube-system edit deployment.apps/cluster-autoscaler

Find the line with the command field and modify the --node-group-auto-discovery flag to reflect your EKS cluster name:

--node-group-auto-discovery=asg:tag=k8s.io/cluster-autoscaler/enabled,k8s.io/cluster-autoscaler/<YOUR_CLUSTER_NAME>

Ensure that Cluster Autoscaler is Configured to Discover ASGs:

Cluster Autoscaler should be configured to automatically discover ASGs tagged with specific tags. Ensure your ASGs have the correct tags:

k8s.io/cluster-autoscaler/enabled

k8s.io/cluster-autoscaler/<YOUR CLUSTER NAME>

Make sure the CA deployment contains:
--cloud-provider=aws

--node-group-auto-discovery=asg:tag=k8s.io/cluster-autoscaler/enabled,k8s.io/cluster-autoscaler/<YOUR CLUSTER>

Highlight important information in a panel like this one. To edit this panel's color or style, select one of the options in the menu.

DevOps

How to configure autoscaling for existing AWS EKS Cluster

Related articles

Related content