Launching Windows Nodes using AWS Management Console

To launch self-managed Windows nodes using the AWS management console, complete the following steps:

Procedure

  1. If you have created a new cluster, wait for your cluster status to change to ACTIVE. If you launch your Windows nodes before the cluster is active, the nodes fail to register with the cluster and you have to relaunch the nodes.
  2. Open the AWS CloudFormation console.
  3. Select Create stack.
  4. For Specify template, select Amazon S3 URL, copy the following URL and paste it into Amazon S3 URL: 
    https://s3.us-west-2.amazonaws.com/amazon-eks/cloudformation/2020-10-29/amazon-eks-windows-nodegroup.yaml
  5. Select Next twice.
  6. On the Quick create stack page, provide appropriate values for the following parameters:
    • Stack name: Choose a stack name for your AWS CloudFormation stack. For example, you can call it my-cluster-stack.
    • ClusterName: Enter the name of your Amazon EKS cluster.
    • ClusterControlPlaneSecurityGroup: Choose the security group from the AWS CloudFormation output that you generated when you created your VPC. To retrieve the applicable group, complete the following steps:
      1. Open the Amazon EKS console.
      2. Select the name of the cluster.
      3. Select the Networking tab.
      4. Use the Additional security groups value as a reference when selecting from the ClusterControlPlaneSecurityGroup dropdown list.
    • NodeGroupName: Enter a name for your node group. This name can be used later to identify the Auto Scaling node group that is created for your nodes. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 100 characters.
    • NodeAutoScalingGroupMinSize: Enter the minimum number of nodes that your node Auto Scaling group can scale in to (example: 6 nodes).
    • NodeAutoScalingGroupDesiredCapacity: Enter the desired number of nodes to scale to when your stack is created (example: 6 nodes).
    • NodeAutoScalingGroupMaxSize: Enter the maximum number of nodes that your node Auto Scaling group can scale out to (example: 7 nodes).
    • NodeInstanceType: Choose an instance type for your nodes. (example: m5.xlarge, 4 CPU core with 16 GB Memory).
    • NodeImageIdSSMParam: Pre-populated with the Amazon EC2 Systems Manager parameter of the current recommended Amazon EKS optimized Windows Core AMI ID. To use the full version of Windows, replace Core with Full.
    • NodeImageId: (Optional) If you are using your own custom AMI (instead of the Amazon EKS optimized AMI), enter a node AMI ID for your AWS Region. If you specify a value for this field, it overrides any values in the NodeImageIdSSMParam field.
    • NodeVolumeSize: Specify a root volume size for your nodes, in GB.
    • KeyName: Enter the name of an Amazon EC2 SSH key pair that you can use to connect using SSH into your nodes with after they launch. If you do not already have an Amazon EC2 key pair, you can create one in the AWS Management Console.
      Note: If you do not provide a key pair here, the AWS CloudFormation stack will not be created.
    • BootstrapArguments: Specify any optional arguments to pass to the node bootstrap script, such as extra kubelet arguments using -KubeletExtraArgs.
      Note: You can configure Amazon EKS optimized Windows AMIs to use containerd as a runtime. When using an AWS CloudFormation template to create Windows nodes, specify -ContainerRuntime containerd in a bootstrap argument to enable the containerd runtime.
    • DisableIMDSv1: By default, each node supports the Instance Metadata Service Version 1 (IMDSv1) and IMDSv2. You can disable IMDSv1. To prevent future nodes and pods in the node group from using MDSv1, set DisableIMDSv1 to TRUE.
    • VpcId: Select the ID for the VPC that you created.
    • NodeSecurityGroups: Select the security group that was created for your Linux node group when you created your VPC. If your Linux nodes have more than one security group attached to them, specify all of them. This is, for example, if the Linux node group was created with eksctl.
    • Subnets: Choose the subnets that you created.
  7. On the Configure stack options screen, click Next.
    Use an existing IAM role which has the necessary permission to execute the stack or else stack creation will fail.
  8. Acknowledge that the stack might create IAM resources, and then choose Create stack.
  9. IMPORTANT: When your stack has finished creating, select it in the console and choose Outputs.
  10. Record the NodeInstanceRole for the node group that was created. You need this when you configure your Amazon EKS Windows nodes.