EKS Post-Installation Helper Utility
Automated post-deployment toolkit for Amazon EKS clusters, streamlining installation, validation, and management of critical Kubernetes components.
⚙️ The Problem: EKS Post-Deployment Complexity
After provisioning an Amazon EKS cluster, there's still a mountain of work to do before it's production-ready: monitoring, storage classes, ingress controllers, security tools, RBAC, and more — each requiring manual configuration and validation.
Hours of manual configuration for each new cluster
Different configurations across clusters lead to drift
Manual steps invite human errors and misconfigurations
Tribal knowledge required for proper setup
🚀 The Solution: Intelligent Automation
This project is a comprehensive intelligent automation toolkit that transforms the entire post-installation process for EKS clusters. It doesn't just run commands — it thinks through the process, making intelligent decisions at every step.
Auto-discovers cluster configuration, AWS account, region, node groups, and existing installations
Validates all dependencies, credentials, and cluster connectivity before any action
Skips already-installed components, upgrades outdated ones, and handles edge cases
Every component is automatically validated post-install with built-in health checks
The utility transforms a complex, multi-hour process into a repeatable, intelligent workflow that ensures every cluster is configured consistently and correctly — with zero manual intervention.
📦 Supported Components
- Datadog Agent
- Kube State Metrics
- Metrics Server
- EBS CSI Driver
- EFS CSI Driver
- Encrypted Storage Classes
- Kong Ingress (Internal/External)
- AWS Load Balancer Controller
- VPC CNI Plugin
- StackRox (RHACS)
- RBAC Configuration
- IAM Policies for S3
- Velero (Backup/DR)
- Cluster Autoscaler
- CoreDNS PDB
- Kubeconfig Generator
- Dependency Checker
- AWS Login Handler
🏛️ Script Architecture
The utility follows a modular architecture where each component has its own install and validation functions. This design allows for:
Each component is self-contained with install/validate/uninstall functions
Install only what you need: single apps, multiple apps, or all at once
Every component has validation logic to verify successful installation
Phase timeouts prevent indefinite hangs during deployment
✨ Key Features
Automatic AWS login via gimme-aws-creds, IAM role discovery, and region detection.
Validates kubectl, helm, jq, aws-cli, git, kustomize, and roxctl before execution.
Color-coded logging (info, warn, error, success) for clear visibility.
-i (install), -v (validate), -u (uninstall), -A (all apps), -n (specific apps).
Safe to run multiple times — detects existing installations and skips/upgrades.
Script validates it's running the latest version from master branch.
📄 Sample Configurations Managed
The utility manages complex Kubernetes configurations, including:
GP3 volumes with KMS encryption, WaitForFirstConsumer binding, and volume expansion
Full observability stack with APM, logs, process monitoring, and orchestrator explorer
Internal and external configurations with AWS ELB annotations and security groups
IRSA-enabled autoscaler with least-waste expander strategy
Custom network configurations with ENIConfig for secondary CIDR support
🏆 Benefits Achieved
Cluster post-install reduced from hours to minutes with automated processes.
Every cluster is configured identically, eliminating configuration drift.
Built-in validation catches issues immediately, not in production.
Easily manage dozens of clusters with the same tooling and standards.
Codified knowledge — any team member can provision production-ready clusters.
Modular design makes adding new components or updating existing ones simple.
KalpBot
AI Assistant
KalpOps AI