Step by step EKS setup with ECR uploads and Kubernetes deployment for CI CD
If you want to stop pretending that Kubernetes is magic and actually ship an app to Amazon EKS on AWS, this guide is for you. You will provision a cluster, build and push Docker images to ECR, deploy Kubernetes Deployment and Service manifests with kubectl, and then clean up before AWS charges you for eternal regret.
Prepare your local environment
Install the usual suspects on your workstation: AWS CLI, eksctl, kubectl, and Docker. Configure a profile with aws configure and set your default region. Make sure Docker can build images and that kubectl can talk to a cluster if one is present.
Quick checklist
- AWS CLI configured with credentials and a default region
- eksctl installed for easy cluster creation
- kubectl installed for interacting with Kubernetes
- Docker running for image builds and pushes
Create an EKS cluster with eksctl
eksctl is the fast lane for EKS. One command can create the control plane and a managed node group without you writing a CloudFormation epic.
eksctl create cluster --name demo --region us-west-2 --nodes 2Wait a few minutes for node registration. Then confirm nodes are visible with kubectl get nodes. If kubectl looks confused, check your kubeconfig and aws credentials.
Build and push Docker images to ECR
Create an ECR repository if you do not already have one. Then build your image and tag it for the repository. You can rely on the default tag if you want to avoid tag drama.
aws ecr create-repository --repository-name myapp
aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin 123456789012.dkr.ecr.us-west-2.amazonaws.com
docker build -t 123456789012.dkr.ecr.us-west-2.amazonaws.com/myapp .
docker push 123456789012.dkr.ecr.us-west-2.amazonaws.com/myappStore the registry URI somewhere safe, because you will need it in your Kubernetes manifests. That URI is the link between your CI CD pipeline and the cluster.
Deploy Kubernetes manifests with kubectl
Create a Deployment that references the pushed image and a Service to expose it. Keep manifests small and sensible so you can actually debug them when things go sideways.
# deployment.yaml
apiVersion v1
kind Deployment
metadata
name myapp-deployment
spec
replicas 2
selector
matchLabels
app myapp
template
metadata
labels
app myapp
spec
containers
- name myapp
image 123456789012.dkr.ecr.us-west-2.amazonaws.com/myapp
ports
- containerPort 80
# service.yaml
apiVersion v1
kind Service
metadata
name myapp-service
spec
type LoadBalancer
selector
app myapp
ports
- port 80
targetPort 80Apply the manifests with kubectl apply -f deployment.yaml and kubectl apply -f service.yaml. Watch pods spin up with kubectl get pods and inspect logs with kubectl logs for fast failure analysis.
Expose and verify your service
For quick testing use kubectl port-forward or check the LoadBalancer external IP in the AWS console. If you prefer the terminal, run curl against the external IP or port forward locally and open the app in a browser.
kubectl port-forward svc/myapp-service 8080 80
# then in another shell
curl 127.0.0.1 8080Common troubleshooting tips
- If pods are not scheduling inspect events with kubectl describe pod
- If images fail to pull check ECR permissions and registry URI
- If health checks fail check container logs with kubectl logs
Clean up when you are done
Do not be that person who forgets to delete the cluster and wakes up to a bill. Remove the cluster and any unneeded ECR repositories when you are finished.
eksctl delete cluster --name demo --region us-west-2
aws ecr delete-repository --repository-name myapp --forceFinal notes on CloudNative practices
This flow is the backbone of many CI CD pipelines. Use immutable image tags in real pipelines, automate ECR pushes from your CI system, and make manifests part of your source repo. Kubernetes will still be opinionated, but at least you can be calm and prepared when it complains.
Now go deploy something slightly heroic and then clean it up before your credit card cries.