Table of contents
Introduction:
Kubernetes has become the de facto standard for container orchestration, providing a scalable and resilient platform for deploying and managing containerized applications. Kops (Kubernetes Operations) is a powerful tool that simplifies the process of creating and managing Kubernetes clusters on Amazon Web Services (AWS). In this blog, we will walk you through the step-by-step process of creating a Kubernetes cluster on AWS using Kops.
REQUIREMENTS :
Linux machine (ubuntu)
AWS account
kops binary (Kubernetes cluster initiate)
kubectl binary (Kubernetes deployments)
KOPS BINARY SETUP :
curl -Lo kops https://github.com/kubernetes/kops/releases/download/$(curl -s https://api.github.com/repos/kubernetes/kops/releases/latest | grep tag_name | cut -d '"' -f 4)/kops-linux-amd64
chmod +x ./kops
sudo mv ./kops /usr/local/bin/
KUBECTL BINARY SETUP :
curl -Lo kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
SETUP IAM USER (kops access aws resources) :
This is AWS CLI commands working methods. kindly configure aws-cli packages in your Linux machines.
In order to build clusters within AWS we'll create a dedicated IAM user for Kops. This user requires API credentials in order to use Kops. Create the user, and credentials, using the AWS console.
The Kops user will require the following IAM permissions to function properly:
AmazonEC2FullAccess
AmazonRoute53FullAccess
AmazonS3FullAccess
IAMFullAccess
AmazonVPCFullAccess
You can create the kops IAM user from the command line using the following:
aws iam create-group --group-name kops
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonEC2FullAccess --group-name kops
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonRoute53FullAccess --group-name kops
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess --group-name kops
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/IAMFullAccess --group-name kops
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonVPCFullAccess --group-name kops
aws iam create-user --user-name kops
aws iam add-user-to-group --user-name kops --group-name kops
aws iam create-access-key --user-name kops
You should record the SecretAccessKey and AccessKeyID in the returned JSON output, and then use them below:
configure the aws client to use your new IAM user :
aws configure # Use your new access and secret key here
aws iam list-users # you should see a list of all your IAM users here
Notes:
Because "aws configure" doesn't export these vars for Kops to use, we export them now
export AWS_ACCESS_KEY_ID=$(aws configure get aws_access_key_id)
export AWS_SECRET_ACCESS_KEY=$(aws configure get aws_secret_access_key)
Cluster Type:
1. single node cluster
- Multinode cluster
DNS Kubernetes type:
single node cluster means not needing any DNS entry it takes the default machine DNS record. The only requirement to trigger this is to have the cluster name end with .k8s.local.
Multinode cluster means it acts Loadbalancer type. Loadbalancer means it needs a single entry point to reach this cluster's master nodes. we need to prepare somewhere to build the required DNS records. (use route 53 DNS record)
Cluster State storage:
In order to store the state of your cluster, and the representation of your cluster, we need to create a dedicated S3 bucket for Kops to use. This bucket will become the source of truth for our cluster configuration. In this guide, we'll call this bucket awsdemo, but you should add a custom prefix as bucket names need to be unique.
aws s3api create-bucket --bucket awsdamo --region us-east-1
aws s3api put-bucket-versioning --bucket awsdemo --versioning-configuration Status=Enabled
nodes authentication methods:
create ssh-key for machines
ssh-keygen
Creating your first cluster:
Prepare local environment (Multimaster types)
We're ready to start creating our first cluster! Let's first set up a few environment variables to make this process easier.
export NAME=aws.damo.com
export KOPS_STATE_STORE=s3://awsdamo
Note:
You don’t have to use environmental variables here. You can always define the values using the –name and –state flags later.
kops create cluster --zones us-east-1a ${NAME}
kops create secret ${NAME} sshpublickey admin -i ~/.ssh/id_rsa.pub (Optional)
if choose multiple availability zones
kops create cluster --zones us-east-1a,east-1b ${NAME}
kops cluster details and initiate mechanism:
LIST CLUSTER DETAILS
kops get cluster
EDIT CLUSTER
kops edit cluster damo.k8s.local
EDIT INSTANCE NODE GROUP
kops edit ig --name=damo.k8s.local nodes
EDIT MASTER INSTANCE GROUP
kops edit ig --name=damo.k8s.local master-us-east-1a
UPDATE CLUSTER
kops update cluster --name damo.k8s.local --yes
cluster validates:
VALIDATE CLUSTER
kops validate cluster
LIST NODES
kubectl get nodes --show-labels
SSH CONNECTION ESTABLISHMENT
ssh -i ~/.ssh/id_rsa admin@public[master,nodes]
Congratulations! You have successfully created a Kubernetes cluster on AWS using Kops. With Kops, managing your Kubernetes cluster becomes significantly easier, and you can focus on deploying and managing containerized applications with ease.
As your workload grows, Kops enables you to scale the cluster and manage the infrastructure effortlessly. Explore the capabilities of Kubernetes to deploy and scale applications effectively, benefiting from the power of container orchestration.
Happy Kubernetes cluster management with Kops!
Let's learn together! I appreciate any comments or suggestions you may have to improve my learning and blog content.
#Kubernetes #Kops #AWS #ContainerOrchestration #DevOps #InfrastructureManagement #CloudComputing #ContainerizedApplications #ContinuousDeployment #Automation #Kubectl #EC2 #IAM #Route53 #K8s #CloudNative #ClusterManagement #VPC #ECR #EKS
Thank you,
Sivaprakash S