How to set up a Kubernetes Cluster in AWS with kOps
Chinnayya Chintha
Kubernetes Operations (kOps) is an open-source command-line tool for creating, destroying, upgrading and maintaining production-grade Kubernetes clusters. Unlike a managed service, it also provisions the cloud infrastructure the cluster runs on (VPC, subnets, security groups, instance groups and DNS records), which is why the IAM user it runs as needs broad permissions. AWS and Google Cloud Platform (GCP) are its officially supported platforms, and it is one of the simplest ways to get a self-managed cluster running on AWS.
Prerequisites:
To follow along, you'll need the tools this walkthrough uses: an AWS account in which you are allowed to create IAM users and groups, the AWS CLI installed and configured with your own (administrator) credentials, jq and uuidgen for Step 2, dig and curl, and a registered domain whose parent zone you can edit so that a subdomain can be delegated to Route 53.
Step 1: Create the “kops” AWS IAM user
kops has to create EC2 instances, security groups, VPCs, Route 53 records, S3 objects, IAM roles and instance profiles, and the SQS queues and EventBridge rules used by the node termination handler it deploys, so the group below is given the corresponding managed policies. Be aware of what that means: IAMFullAccess on top of the other policies makes this user effectively an account administrator. Use it only for kops, keep its access key out of scripts and repositories, and delete the key when you tear the cluster down.
aws iam create-group --group-name kops;
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonEC2FullAccess --group-name kops;
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonRoute53FullAccess --group-name kops;
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess --group-name kops;
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/IAMFullAccess --group-name kops;
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonVPCFullAccess --group-name kops;
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonSQSFullAccess --group-name kops;
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonEventBridgeFullAccess --group-name kops;
aws iam create-user --user-name kops;
aws iam add-user-to-group --user-name kops --group-name kops;
aws iam create-access-key --user-name kops;
Record the AccessKeyId and SecretAccessKey values from the output of the previous command, and then use them in the commands below. The secret is shown only once and grants the administrator-level access described above, so store it only in the CLI configuration.
# configure the AWS CLI to use the 'kops' user (enter the new access key and secret key when prompted)
aws configure
aws iam list-users # sanity check: with the new credentials you should see all your IAM users, including kops
# export the credentials for the current shell session; kops reads them from the environment
export AWS_ACCESS_KEY_ID=$(aws configure get aws_access_key_id)
export AWS_SECRET_ACCESS_KEY=$(aws configure get aws_secret_access_key)
Step 2: Configure DNS
kops publishes the cluster's API endpoint (api.<cluster-name>) as a Route 53 record, so it needs a hosted zone it controls. Create one for your kops subdomain:
#install jq locally before running the below command
aws route53 create-hosted-zone --name kops.yourdomain.com --caller-reference $(uuidgen) | jq .DelegationSet.NameServers
The jq filter prints the four name servers Route 53 assigned to the new zone, similar to this:
[
  "ns-1055.awsdns-03.org",
  "ns-862.awsdns-43.net",
  "ns-44.awsdns-05.com",
  "ns-1916.awsdns-47.co.uk"
]
Now add an NS record for kops.yourdomain.com in the parent zone (yourdomain.com) pointing at exactly these four servers; without that delegation nothing kops writes into the hosted zone is resolvable and cluster validation will never succeed. Confirm the delegation is visible from the public DNS before continuing:
$ dig ns kops.yourdomain.com +short
The answer should list the same four name servers. If it is empty or names other servers, the delegation is wrong or has not propagated yet.
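As an added check (example script, not part of the original article): compare the delegation set Route 53 reports with what the public DNS actually returns for the zone. The two name-server lists are the inputs; the zone name and hosted-zone ID in the usage line are placeholders, and the live check assumes the aws CLI, jq and dig are installed.

```bash
#!/usr/bin/env bash
# Added example, not from the original article: verify that the parent zone
# delegates kops.yourdomain.com to the name servers Route 53 assigned.

# Canonicalise a name-server list so JSON quoting, brackets, trailing dots,
# letter case and ordering cannot cause false mismatches.
normalize_ns() {
  tr 'A-Z' 'a-z' \
    | sed -e 's/[][",]//g' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e 's/\.$//' \
    | grep -v '^$' \
    | sort -u
}

# Succeed only when both lists are non-empty and identical as sets.
# $1: expected servers (Route 53), $2: observed servers (public DNS)
delegation_matches() {
  local expected actual
  expected=$(printf '%s\n' "$1" | normalize_ns)
  actual=$(printf '%s\n' "$2" | normalize_ns)
  [ -n "$expected" ] && [ "$expected" = "$actual" ]
}

# Live check. The hosted-zone ID is the Id field create-hosted-zone returned.
check_delegation() {
  local zone=$1 zone_id=$2 expected actual
  expected=$(aws route53 get-hosted-zone --id "$zone_id" | jq -r '.DelegationSet.NameServers[]')
  actual=$(dig ns "$zone" +short)
  if delegation_matches "$expected" "$actual"; then
    echo "delegation OK: $zone is served by the Route 53 name servers"
  else
    printf 'delegation MISMATCH for %s\nRoute 53:\n%s\npublic DNS:\n%s\n' \
      "$zone" "$expected" "$actual" >&2
    return 1
  fi
}

# usage (placeholder zone ID): check_delegation kops.yourdomain.com Z0123456789EXAMPLE
```

Because the comparison is set-based, the raw jq array output from the create-hosted-zone command above can be fed straight in as the expected list.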
Step 3: Cluster state storage
kops keeps the cluster definition and the cluster's secrets, including its CA private keys, in this bucket, so treat it as sensitive: only the kops user and the cluster administrators should be able to read it. Create the bucket in us-east-1 unless you have a reason not to; S3 rejects a location constraint for us-east-1 but requires one for every other region, so the command differs by region.
aws s3api create-bucket \
  --bucket prefix-example-com-state-store \
  --region us-east-1
Note: for regions other than us-east-1, add --create-bucket-configuration LocationConstraint=<region> to the command above.
Enable versioning so that a bad kops edit or kops update can be rolled back to an earlier copy of the state:
aws s3api put-bucket-versioning --bucket prefix-example-com-state-store --versioning-configuration Status=Enabled
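Versioning alone does not protect the keys stored here. As an added example (not from the article), the function below creates the bucket with the region-dependent argument handled for you, then enables versioning, blocks all public access and turns on default encryption at rest. The bucket name is the placeholder from this step; the region is an argument.

```bash
#!/usr/bin/env bash
# Added example, not from the original article: create and harden the kops
# state-store bucket. Bucket name and region are placeholders.

# S3 rejects a LocationConstraint of us-east-1 and requires one everywhere
# else, so derive the extra create-bucket argument from the region.
bucket_location_args() {
  local region=$1
  if [ "$region" != "us-east-1" ]; then
    printf '%s' "--create-bucket-configuration LocationConstraint=$region"
  fi
}

create_state_store() {
  local bucket=$1 region=$2
  # word splitting of the location argument is intentional
  # shellcheck disable=SC2046
  aws s3api create-bucket --bucket "$bucket" --region "$region" $(bucket_location_args "$region")
  # kops writes the cluster's CA private keys here: keep history, forbid
  # public access, and encrypt objects at rest by default.
  aws s3api put-bucket-versioning --bucket "$bucket" \
    --versioning-configuration Status=Enabled
  aws s3api put-public-access-block --bucket "$bucket" \
    --public-access-block-configuration \
    'BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true'
  aws s3api put-bucket-encryption --bucket "$bucket" \
    --server-side-encryption-configuration \
    '{"Rules":[{"ApplyServerSideEncryptionByDefault":{"SSEAlgorithm":"AES256"}}]}'
}

# usage: create_state_store prefix-example-com-state-store us-east-1
```

A bucket policy restricting access to the kops principal and your administrators is the natural next step, but it depends on your account layout and is left out here.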
Step 4: Install kOps
The command below pins kops v1.22.2, the release this article was written against. kops releases track Kubernetes minor versions, so for a new cluster pick a current release from https://github.com/kubernetes/kops/releases, and verify the download against the .sha256 file published next to the binary before moving it into your PATH.
curl -Lo kops https://github.com/kubernetes/kops/releases/download/v1.22.2/kops-linux-amd64
chmod +x kops
sudo mv kops /usr/local/bin/kops
Install kubectl
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod 700 kubectl
sudo mv kubectl /usr/local/bin
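Both downloads above are installed without any integrity check. As an added example (not the article's own commands), the script below fetches each binary together with its published SHA-256 and refuses to install it on a mismatch. The kops version is a placeholder you should set to the release you reviewed; the kubectl checksum URL is the one the Kubernetes documentation publishes, and the kops .sha256 sidecar is assumed to sit next to the binary under the same name.

```bash
#!/usr/bin/env bash
# Added example, not from the original article: download kops and kubectl and
# install them only if their published SHA-256 digests match.

# Compare a file's SHA-256 with an expected hex digest (case-insensitive).
verify_sha256() {
  local file=$1 expected=$2 actual
  actual=$(sha256sum "$file" | cut -d' ' -f1)
  [ "$(printf '%s' "$expected" | tr 'A-F' 'a-f')" = "$actual" ]
}

# Download $url to $dest and check it against the sidecar at $url.sha256.
# The sidecar's first whitespace-separated field is the digest, which covers
# both a bare digest and the "digest  filename" format.
fetch_verified() {
  local url=$1 dest=$2 expected
  curl -fsSLo "$dest" "$url" || return 1
  expected=$(curl -fsSL "$url.sha256" | awk '{print $1}') || return 1
  if verify_sha256 "$dest" "$expected"; then
    chmod 0755 "$dest"
  else
    echo "checksum mismatch for $url, not installing" >&2
    rm -f "$dest"
    return 1
  fi
}

install_tools() {
  # assumption: pin the kops release you have reviewed (v1.22.2 is the article's)
  local kops_version=${KOPS_VERSION:-v1.22.2}
  local kubectl_version
  kubectl_version=$(curl -fsSL https://dl.k8s.io/release/stable.txt) || return 1
  fetch_verified "https://github.com/kubernetes/kops/releases/download/${kops_version}/kops-linux-amd64" ./kops || return 1
  fetch_verified "https://dl.k8s.io/release/${kubectl_version}/bin/linux/amd64/kubectl" ./kubectl || return 1
  sudo install -m 0755 ./kops /usr/local/bin/kops
  sudo install -m 0755 ./kubectl /usr/local/bin/kubectl
}

# usage: KOPS_VERSION=v1.22.2 install_tools
```

The digest is fetched over the same channel as the binary, so this guards against a corrupted or substituted download rather than a compromised release server; for the latter you would additionally check the release's signature where the project publishes one.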
Create an SSH key pair. kops installs the public key on every node, so the private key gives administrative shell access to the whole cluster; protect it with a passphrase and keep it out of shared locations:
$ ssh-keygen -t rsa
Step 5: Install Kubernetes
Point --state at the bucket you created in Step 3 and --dns-zone at the hosted zone from Step 2; in the example below the author named both after the cluster's domain. Note that --yes creates the AWS resources immediately. Leave it off to write only the cluster spec to the state store, review it with kops edit cluster, and then apply with kops update cluster --yes. Also check the flag names against your kops version: the --control-plane-* names require a recent release, and kops 1.22 (pinned in Step 4) knows them as --master-count, --master-size, --master-zones and --master-volume-size.
kops create cluster --name=chinnayyachinthak8s.xyz \
--state=s3://chinnayyachinthak8s.xyz \
--zones=us-east-1a,us-east-1b \
--node-count=2 \
--control-plane-count=1 \
--node-size=t3.medium \
--control-plane-size=t3.medium \
--control-plane-zones=us-east-1a \
--control-plane-volume-size=20 \
--node-volume-size=10 \
--ssh-public-key=~/.ssh/id_rsa.pub \
--dns-zone=chinnayyachinthak8s.xyz \
--networking=calico \
--yes
Creating the cluster takes roughly 10 minutes. kops validate checks that every instance group has registered and every node is Ready; --wait keeps polling until the cluster is healthy or the timeout expires. Pass --name and --state (or export KOPS_STATE_STORE) if they are not already in your environment, and if kubectl cannot reach the cluster run kops export kubecfg --name=<cluster> --admin first, because kops 1.19 and later do not write admin credentials into your kubeconfig automatically.
kops validate cluster --wait 10m
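Putting Steps 2 to 5 together, as an added example that is not the article's own script: a wrapper that refuses a cluster name outside the DNS zone, writes the cluster spec without --yes, shows the planned AWS changes and waits for confirmation, applies them, exports an admin kubeconfig and validates the result. The cluster name, zone, state bucket and key path in the usage line are the article's placeholders, and the flag names follow the article (a kops 1.22 binary would need the --master-* spellings noted above).

```bash
#!/usr/bin/env bash
# Added example, not from the original article: two-phase cluster creation.
# The state bucket must be the one created in Step 3 and the zone the one
# delegated in Step 2; all values on the usage line are placeholders.

# kops requires the cluster name to be the hosted zone itself or a name under
# it. Checking that first fails fast instead of after resources exist.
name_in_zone() {
  local name=$1 zone=$2
  [ -n "$zone" ] || return 1
  [ "$name" = "$zone" ] && return 0
  case "$name" in
    *".$zone") return 0 ;;
    *)         return 1 ;;
  esac
}

create_cluster() {
  local name=$1 zone=$2 state=$3 pubkey=${4:-$HOME/.ssh/id_rsa.pub} answer
  if ! name_in_zone "$name" "$zone"; then
    echo "refusing: cluster name '$name' is not inside DNS zone '$zone'" >&2
    return 1
  fi
  export KOPS_STATE_STORE=$state   # every kops command below reads this

  # Phase 1: write only the cluster spec to the state store (no --yes).
  kops create cluster --name="$name" --dns-zone="$zone" \
    --zones=us-east-1a,us-east-1b --control-plane-zones=us-east-1a \
    --control-plane-count=1 --control-plane-size=t3.medium --control-plane-volume-size=20 \
    --node-count=2 --node-size=t3.medium --node-volume-size=10 \
    --networking=calico --ssh-public-key="$pubkey" || return 1

  # Phase 2: show the planned AWS changes, confirm, then apply them.
  kops update cluster --name="$name" || return 1
  read -r -p "Apply the changes above to AWS? [y/N] " answer
  [ "$answer" = "y" ] || { echo "aborted; spec remains in $state" >&2; return 1; }
  kops update cluster --name="$name" --yes || return 1

  # kops 1.19+ no longer writes admin credentials to the kubeconfig by itself.
  kops export kubecfg --name="$name" --admin || return 1
  kops validate cluster --name="$name" --wait 10m
}

# usage: create_cluster chinnayyachinthak8s.xyz chinnayyachinthak8s.xyz s3://chinnayyachinthak8s.xyz
```

If the confirmation is declined, nothing has been created in AWS yet; the spec can be edited with kops edit cluster and the update re-run, or removed with kops delete cluster.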
Delete the Cluster
Without --yes, kops delete cluster only lists what it would remove; add --yes to actually delete the cluster and every AWS resource kops created for it. The state-store bucket itself and the hosted zone are not removed, so revoke the kops access key separately when you are done.
kops delete cluster --name=chinnayyachinthak8s.xyz --state=s3://chinnayyachinthak8s.xyz
kops delete cluster --name=chinnayyachinthak8s.xyz --state=s3://chinnayyachinthak8s.xyz --yes