AWS Open Source Blog

Optimized Support for Amazon EKS on Ubuntu 18.04

Note: This article was written and published in 2018, so instructions and links may be outdated.

The Canonical Public Cloud (CPC) team provides a prepared, ready-to-use version of the Ubuntu 18.04 ‘LTS’ release, Bionic, customized for use with the Amazon Elastic Container Service for Kubernetes (EKS). If you are currently an Ubuntu user, you are probably already very experienced (or at least experimenting) with applications platforms, and especially the Canonical Distribution of Kubernetes

Canonical has now fully integrated the EKS worker node requirements into their image build process for Ubuntu images. The Amazon EKS team provides packer scripts with the configuration details for anyone to use, and those scripts are available to you in the Amazon Web Services – Labs GitHub repository. If you want to investigate how EKS Worker Nodes are built, this is where improvements and requirements will be available for use, review, and reference.

The Canonical Public Cloud Team collaborated with the Amazon EKS team to integrate the requirements for worker nodes directly into their CI/CD pipelines, to produce an image that is fully consistent with the other official Ubuntu images that this CPC team provides. Canonical provides this official Ubuntu Amazon machine images (AMI) for use on Amazon EC2 instances of all types. While these particular EKS-optimized images are built on the official Minimal Ubuntu, the official Ubuntu images include all the currently supported Ubuntu/Long Term Support (LTS) releases, known as Ubuntu 14.04 or Trusty, Ubuntu 16.04 or Xenial, and, the most recent release, Ubuntu 18.04 or Bionic.

If you have been rolling your own worker node images manually, we recommend that you consider using the official images, to ensure that you can take advantage of the streamlined services that give you access to regional mirrors, and full integration of the requirements for each new stable release of Amazon EKS. The Canonical Public Cloud team tracks and updates these images with the same frequency as all the other images.

You can locate the CPC-provided images using the console links for the Oregon Region or the Virginia Region as mentioned in the Canonical Announcement, or from the command line using your preferred region (us-west-2 in the example) in the following AWS EC2 CLI command:

aws ec2 describe-images \
--filters "Name=owner-id,Values=099720109477" "Name=architecture,Values=x86_64" "Name=root-device-type,Values=ebs" "Name=virtualization-type,Values=hvm" \
--query 'Images[?contains(Name, `ubuntu-eks`)] | [?contains(Name, `testing`) == `false`] | [?contains(Name, `minimal`) == `false`] | [?contains(Name, `hvm-ssd`) == `true`] | sort_by(@, &CreationDate)| [-1].ImageId' \
--output text \
--region us-west-2

This aws-cli command uses some of the features of JMESPath (a query language for JSON built right into the aws-cli) in the query key:value parameters, to ensure that we have the latest image for our configuration. We use this to prevent discovering images that are older or for testing. [?contains(Name, `testing`) == `false`] prevents the consumption of testing images produced later than the most recent validated image. Piping the discovered values through the sort_by(@, &CreationDate) filter sorts the images from earliest to latest, so that we can then take the last AMI ID for the latest version available. The filters parameter contains the owner-id, also known as the account number, 099720109477. All official Ubuntu images are published to this account by the CPC team and shared to AWS Marketplace as well for increased searchability.

Canonical’s blog post includes links to the most current EKS images, as well as AWS Cloudformation templates corresponding to the ones published by the Amazon EKS team, but for use with the official Ubuntu images. These can be included in your configuration to optimize scalability. Use them as-is, or customize them to match your own performance and scalability expectations. From time to time, both Canonical and AWS will publish additional notifications. Here are the current versions for customer use today:

REGION Ubuntu EKS-Optimized AMI ID Ubuntu EKS-Optimized Cfn Templates
US-WEST-2 ami-6322011b amazon-eks-ubuntu-nodegroup.yaml
US-EAST-1 ami-06fd8200ac0eb656d amazon-eks-ubuntu-nodegroup.yaml

AWS Premium support jointly provides tier-1 and tier-2 support for Amazon EC2 customers running applications, and works directly with Canonical engineering when circumstances necessitate an upstream fix. If you discover any complications or issues in your deployments, you can rely on the collaborative efforts between Amazon and Canonical for action and attention to any issue affecting usablility or security. For Enterprise support directly from Canonical, we recommend that you review the APN blogpost on Canonical Enterprise Support for Ubuntu on AWS Marketplace or the official Ubuntu Advantage web portal.

Community support for Ubuntu worker nodes is also increasing in other collaborative projects. Support for the official Ubuntu Images for EKS is already included in Weaveworks’ eksctl roadmap (you can review the request in their issues). This might be a great place to make your first community contribution!

We’d also love to hear from you about other projects where you would like to see more flexibility and customization in how you define and use AWS services and features, including Amazon EKS.

It’s a pleasure to see the Ubuntu community using Amazon EKS. If you have a new feature idea that you would like to include in the official EKS Ubuntu images and templates, send us a request; we look forward to hearing more about your new use cases. Finally, we would like to hear more about how you are using these official Ubuntu images with Amazon EKS today.

David Duncan

David Duncan

David is a Principal Solutions Architect at Amazon Web Services. He works to ensure stable, secure, and consistent delivery for open source platform partners on Amazon EC2.