Show HN: Faster local AWS EKS access

3 months ago 1

This is a script that is used to speed up kubectl when using AWS EKS. This works by caching the eks token from AWS. The speed increase for a simple kubectl get pods is ~73%. It's really noticeable.

The default way is to use aws eks get-token command, but it is not cached and it is not very fast. It's slow because:

  1. Every kubectl command will do a aws eks get-token which makes an api call to AWS
  2. aws is python. When running kubectl in a script, you can very clearly see how much performance is lost generating tokens for each kubectl invocation in Activity Monitor.

Here is a quick comparison before and after

  1. Clone repo
  2. cd into the repo and chmod +x cached-aws-eks-token.sh. Necessary as git clone removes the executable flag from files.
  3. Simply replace the command: aws with command: ../cache-eks-token/cached-aws-eks-token.sh in your ~/.kube/config files.
    1. The command might differ based on where you placed the script.

Important

Remember to update your kubeconfig with the above script whenever you create a new kubeconfig or use aws eks update-kubeconfig to generate/update as it will replace it back with command: aws, wasting time in your life :)

This script will caches the token generated by aws eks get-token in a file based on cluster name in the $HOME/.kube/cache directory. AWS issues token for at-most 15 mins. This script will check the expiry and return existing token if it's till valid. The token will be refreshed if it's expiring within 30 seconds.

  1. Unable to connect to the server: getting credentials: exec: ... permission denied
    1. simply run chmod +x cached-aws-eks-token.sh
  2. If error like Unable to connect to the server: getting credentials: ... no such file or directory
    1. Make sure to make the command path is relative to wherever the script exists. You can use ../ in the command to move up directories.
  3. Failed conversion of ``'' using format ``%Y-%m-%dT%H:%M:%SZ''
    1. Happens when unable to get the date from the cache file. Try deleing the token cache files from $HOME/.kube/cache
    2. The cache file generated by the script should looks like this
      { "kind": "ExecCredential", "apiVersion": "client.authentication.k8s.io/v1beta1", "spec": {}, "status": { "expirationTimestamp": "2025-07-20T17:38:15Z", "token": "k8s-aws-v1.<token>" } }
  1. jq brew install jq
Read Entire Article
  1. Homepage
  2. Technology
  3. Show HN: Faster local AWS EKS access

Related

Poland signs largest ever rail deal to buy 42 double-decker trains

Poland signs largest ever rail deal to buy 42 double-decker ...

31 minutes ago 1
Hochul Urged to Ban Horseshoe Crab Fishing

Hochul Urged to Ban Horseshoe Crab Fishing

33 minutes ago 1
Ask HN: Anyone else hate the GitHub Android app

Ask HN: Anyone else hate the GitHub Android app

38 minutes ago 1
Hostinger Web Hosting