Efficient Kubernetes Autoscaling with Karpenter on Amazon EKS

Introduction

As modern applications grow increasingly dynamic and demand-driven, managing Kubernetes infrastructure efficiently has become critical. While traditional autoscaling tools like Cluster Autoscaler have served well, they often come with limitations in terms of responsiveness and flexibility. This is where Karpenter, an open-source project developed by AWS, comes into the picture.

Karpenter is a high-performance, flexible, and cost-efficient node provisioning system that automatically launches just the right compute resources for Kubernetes workloads. It is designed to work directly with the Kubernetes scheduler and make real-time decisions based on actual pod requirements. This guide provides a comprehensive walkthrough for installing and configuring Karpenter on an Amazon EKS cluster, along with a compatibility matrix and frequently asked questions.

Pioneers in Cloud Consulting & Migration Services

Reduced infrastructural costs
Accelerated application deployment

Get Started

Compatibility Matrix

The following table outlines the compatible versions of essential components required for a successful Karpenter deployment in an Amazon EKS environment:

table

Prerequisites

Before beginning the installation process, ensure the following tools and configurations are in place:

A running Amazon EKS Cluster
AWS CLI configured with appropriate permissions
kubectl, eksctl, and helm installed and configured
An initial worker node group to support Karpenter and system workloads
Necessary IAM permissions to create roles and policies

Step-by-Step Installation Guide

Step 1: Create an AWS IAM Role for the Karpenter
Karpenter requires an AWS IAM role with permissions to launch and terminate Amazon EC2 instances. Create the role using the following commands:

KARPENTER_IAM_ROLE_NAME="KarpenterControllerRole" CLUSTER_NAME="your-cluster-name" AWS_REGION="us-east-1" ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)
eksctl create iamserviceaccount 
--cluster $CLUSTER_NAME 
--name karpenter 
--namespace karpenter 
--attach-policy-arn arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy 
--attach-policy-arn arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly 
--attach-policy-arn arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy 
--role-name "$KARPENTER_IAM_ROLE_NAME" 
--approve 
--region $AWS_REGION

KARPENTER_IAM_ROLE_NAME="KarpenterControllerRole" CLUSTER_NAME="your-cluster-name" AWS_REGION="us-east-1" ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)

eksctl create iamserviceaccount

--cluster $CLUSTER_NAME

--name karpenter

--namespace karpenter

--attach-policy-arn arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy

--attach-policy-arn arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly

--attach-policy-arn arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy

--role-name "$KARPENTER_IAM_ROLE_NAME"

--approve

--region $AWS_REGION

Step 2: Add Karpenter Helm Repository

Add and update the Helm repository to fetch the latest chart:

helm repo add karpenter https://charts.karpenter.sh
helm repo update

1 2	helm repo add karpenter https://charts.karpenter.sh helm repo update

Step 3: Create the Karpenter Namespace

kubectl create namespace karpenter

1	kubectl create namespace karpenter

Step 4: Install Karpenter Using Helm
Install Karpenter in the newly created namespace:

helm upgrade --install karpenter karpenter/karpenter \
  --namespace karpenter \
  --set serviceAccount.create=false \
  --set serviceAccount.name=karpenter \
  --set controller.clusterName=$CLUSTER_NAME \
  --set controller.clusterEndpoint=$(aws eks describe-cluster --name $CLUSTER_NAME --query "cluster.endpoint" --output text) \
  --set controller.aws.defaultInstanceProfile=KarpenterNodeInstanceProfile-$CLUSTER_NAME

helm upgrade --install karpenter karpenter/karpenter \

--namespace karpenter \

--set serviceAccount.create=false \

--set serviceAccount.name=karpenter \

--set controller.clusterName=$CLUSTER_NAME \

--set controller.clusterEndpoint=$(aws eks describe-cluster --name $CLUSTER_NAME --query "cluster.endpoint" --output text) \

--set controller.aws.defaultInstanceProfile=KarpenterNodeInstanceProfile-$CLUSTER_NAME

Step 5: Define a Provisioner
Create a basic Provisioner resource to instruct Karpenter on how to launch nodes:

apiVersion: karpenter.sh/v1alpha5
kind: Provisioner
metadata:
  name: default
spec:
  requirements:
    - key: "node.kubernetes.io/instance-type"
      operator: In
      values: ["t3.medium", "t3.large"]
  providerRef:
    name: default
  ttlSecondsAfterEmpty: 30

apiVersion: karpenter.sh/v1alpha5

kind: Provisioner

metadata:

spec:

requirements:

- key: "node.kubernetes.io/instance-type"

operator: In

values: ["t3.medium", "t3.large"]

providerRef:

ttlSecondsAfterEmpty: 30

Apply the configuration:

kubectl apply -f provisioner.yaml

1	kubectl apply -f provisioner.yaml

Step 6: Install Karpenter Using Helm
Install Karpenter in the newly created namespace:

helm upgrade --install karpenter karpenter/karpenter \
  --namespace karpenter \
  --set serviceAccount.create=false \
  --set serviceAccount.name=karpenter \
  --set controller.clusterName=$CLUSTER_NAME \
  --set controller.clusterEndpoint=$(aws eks describe-cluster --name $CLUSTER_NAME --query "cluster.endpoint" --output text) \
  --set controller.aws.defaultInstanceProfile=KarpenterNodeInstanceProfile-$CLUSTER_NAME

helm upgrade --install karpenter karpenter/karpenter \

--namespace karpenter \

--set serviceAccount.create=false \

--set serviceAccount.name=karpenter \

--set controller.clusterName=$CLUSTER_NAME \

--set controller.clusterEndpoint=$(aws eks describe-cluster --name $CLUSTER_NAME --query "cluster.endpoint" --output text) \

--set controller.aws.defaultInstanceProfile=KarpenterNodeInstanceProfile-$CLUSTER_NAME

Step 7: Define a Provisioner
Create a basic Provisioner resource to instruct Karpenter on how to launch nodes:

apiVersion: karpenter.sh/v1alpha5
kind: Provisioner
metadata:
  name: default
spec:
  requirements:
    - key: "node.kubernetes.io/instance-type"
      operator: In
      values: ["t3.medium", "t3.large"]
  providerRef:
    name: default
  ttlSecondsAfterEmpty: 30

apiVersion: karpenter.sh/v1alpha5

kind: Provisioner

metadata:

spec:

requirements:

- key: "node.kubernetes.io/instance-type"

operator: In

values: ["t3.medium", "t3.large"]

providerRef:

ttlSecondsAfterEmpty: 30

Apply the configuration:

kubectl apply -f provisioner.yaml

1	kubectl apply -f provisioner.yaml

Step 8: Configure the EC2NodeClass Resource

This defines the underlying infrastructure configuration for node provisioning:

apiVersion: karpenter.k8s.aws/v1alpha1
kind: EC2NodeClass
metadata:
  name: default
spec:
  amiFamily: AL2
  role: KarpenterNodeRole-<CLUSTER_NAME>
  subnetSelectorTerms:
    - tags:
        karpenter.sh/discovery: <CLUSTER_NAME>
  securityGroupSelectorTerms:
    - tags:
        karpenter.sh/discovery: <CLUSTER_NAME>

apiVersion: karpenter.k8s.aws/v1alpha1

kind: EC2NodeClass

metadata:

spec:

amiFamily: AL2

role: KarpenterNodeRole-<CLUSTER_NAME>

subnetSelectorTerms:

- tags:

karpenter.sh/discovery: <CLUSTER_NAME>

securityGroupSelectorTerms:

- tags:

karpenter.sh/discovery: <CLUSTER_NAME>

Apply the configuration, replacing <CLUSTER_NAME> with your cluster name.

Step 9: Validate the Installation

To test whether Karpenter is operational, deploy a sample application that exceeds the capacity of the current node group:

kubectl create deployment inflate --image=nginx --replicas=10

1	kubectl create deployment inflate --image=nginx --replicas=10

Karpenter should automatically provision new nodes to meet the resource demand.

Best Practices

Always tag your VPC subnets and security groups with karpenter.sh/discovery: <CLUSTER_NAME>.

Monitor Karpenter’s controller logs to troubleshoot issues:

kubectl logs -n karpenter -l app.kubernetes.io/name=karpenter -f

1	kubectl logs -n karpenter -l app.kubernetes.io/name=karpenter -f

For cost optimization, configure Spot Instances using capacityType: spot.

Enable node consolidation to reduce resource fragmentation.

Conclusion

Karpenter represents a significant advancement in how Kubernetes clusters are scaled and managed on AWS. By eliminating the need for static node groups and enabling rapid, on-demand provisioning based on actual workload requirements, it delivers a highly responsive and cost-efficient solution for dynamic environments.

Its seamless integration with Amazon EKS and support for On-Demand and Spot Instances empower organizations to optimize infrastructure usage without compromising performance or reliability.

As cloud-native workloads evolve, tools like Karpenter are essential for achieving scalability, automation, and operational efficiency. By following the installation steps and best practices outlined in this guide, you can leverage Karpenter to enhance your Kubernetes deployment strategy and future-proof your infrastructure against the challenges of tomorrow.

Drop a query if you have any questions regarding Amazon EKS and we will get back to you quickly.

Empowering organizations to become ‘data driven’ enterprises with our Cloud experts.

Reduced infrastructure costs
Timely data-driven decisions

Get Started

About CloudThat

CloudThat is an award-winning company and the first in India to offer cloud training and consulting services worldwide. As a Microsoft Solutions Partner, AWS Advanced Tier Training Partner, and Google Cloud Platform Partner, CloudThat has empowered over 850,000 professionals through 600+ cloud certifications winning global recognition for its training excellence including 20 MCT Trainers in Microsoft’s Global Top 100 and an impressive 12 awards in the last 8 years. CloudThat specializes in Cloud Migration, Data Platforms, DevOps, IoT, and cutting-edge technologies like Gen AI & AI/ML. It has delivered over 500 consulting projects for 250+ organizations in 30+ countries as it continues to empower professionals and enterprises to thrive in the digital-first world.

FAQs

1. How does Karpenter differ from Cluster Autoscaler?

ANS: – Karpenter directly interacts with the Kubernetes scheduler, making decisions in real-time based on pod requirements. It does not rely on predefined node groups and is more responsive than Cluster Autoscaler.

2. Is retaining a managed node group necessary after deploying Karpenter?

ANS: – Yes, initially. A managed node group, including Karpenter, must run core system services. Once operational, Karpenter can handle all subsequent node provisioning.

3. Can Karpenter provision both Spot and On-Demand instances?

ANS: – Yes. Karpenter can dynamically launch both Spot and On-Demand EC2 instances by defining appropriate instance requirements in the Provisioner specification.

WRITTEN BY Deepakraj A L

Deepakraj A L works as a Research Intern at CloudThat. He is learning and gaining practical experience in AWS and Azure. Deepakraj is also passionate about continuously expanding his skill set and knowledge base by actively seeking opportunities to learn new skills. Deepakraj regularly explores blogs and articles related to various programming languages, technologies, and industry trends to stay up to date with the latest development in the field.