Creating a Kubernetes Cluster on AWS Using Kubernetes Operations

Sathya
September 23, 2017

A small talk about getting a Kubernetes cluster up & running on AWS. In this talk, I describe a few gotchas that you might run into when setting up a k8s cluster.

Transcript

  1. (Slide 2) About Me
     • Sathya
     • Ops @ Adobe.io
     • Handled Dev/Ops/DBA/Data Migration/etc.
  2. (Slide 5) Toolchain choices
     • DIY
     • Kubernetes Operations (“production grade”)
     • Kube-up.sh (removed as of 1.6)
     • Kubeadm
     • Kubespray
     • CoreOS Tectonic
  3. (Slide 6) Kubernetes Operations (“kops”)
     • Kubernetes Operations
       ◦ Current recommended/supported for AWS
       ◦ “Production grade”
       ◦ Can create single/HA Master node
       ◦ Kubectl for the cluster
  4. (Slide 7) What can kops do?
     • Create clusters
       ◦ Create new VPC
       ◦ Use an existing VPC
     • Update clusters
       ◦ Increase node counts
       ◦ Increase instance size
       ◦ Rolling* updates
       ◦ Change root volume size
       ◦ Change instance group to Spot instances
     • Upgrade clusters
       ◦ Import/upgrade from kube-up to kops
       ◦ Upgrade across versions
  5. (Slide 8) What else can kops do?
     • Output config
       ◦ Terraform
       ◦ CloudFormation
       ◦ Actually launch the instances
     • Dry run by default
     • Create Bastion host
     • Tear down the cluster
     • Many more. Read the docs!
  6. (Slide 9) Pre-requisites
     • awscli installed
       ◦ pip install awscli
     • kubectl installed
       ◦ Mac: brew install kubectl
       ◦ Others
     • AWS Account*
       ◦ You may be charged some amount
     • kops installed
       ◦ Mac: brew install kops
       ◦ Linux
  7. (Slide 10) Way kops works
     • Creates an IAM group
     • Attach the group policies below
       ◦ AmazonEC2FullAccess
       ◦ AmazonRoute53FullAccess
       ◦ AmazonS3FullAccess
       ◦ IAMFullAccess
       ◦ AmazonVPCFullAccess
     • Creates a user in this group
     • Creates S3 bucket to store state
  8. (Slide 11) Way kops works
     • Set the name of the cluster to NAME
     • Set the master & node size/count
     • kops create cluster
     • ….
     • Magic!
  9. (Slide 12) Points to note
     • You do not* need control over domain
       ◦ *caveat: kops needs to be v1.6.2 & above
         ▪ Cluster name must end in .k8s.local
     • Kops creates security groups for SSH open to all
       ◦ Always review what kops does with kops edit cluster $NAME
     • Kops creates masters & nodes in public subnet
  10. (Slide 13) Points to note
     • Kops creates m3.medium for master and 2x t2.medium for nodes by default.
       ◦ Size accordingly.
     • Kops creates a new VPC, IGW, subnet but you can make it reuse existing VPC & subnets
       ◦ export VPC_ID=vpc-12345678
       ◦ export NETWORK_CIDR=10.100.0.0/16
       ◦ kops create cluster ${NAME} --vpc=${VPC_ID}
  11. (Slide 14) Instance Groups
     • Groups of similar machines
     • Master IG, Node IG
     • Edit IG, changes reflect on all instances
       ◦ kops get instancegroups
       ◦ kops edit ig
       ◦ kops update cluster ${NAME}
     • Changes apply to new instances only!
       ◦ Do a rolling update to update existing instances
  12. (Slide 16) Docs & References
     • Kops Documentation - https://github.com/kubernetes/kops/tree/master/docs
     • Deploying Highly Available Kubernetes cluster with Kops - https://renzedevries.wordpress.com/2017/02/09/deploying-a-highly-available-kubernetes-cluster-to-aws-using-kops/
     • AWS Blog - https://aws.amazon.com/blogs/compute/kubernetes-clusters-aws-kops/
     • Backstory of Kubernetes - https://changelog.com/podcast/250
  13. (Slide 17) Q&A? Reach me
     • Twitter - sathyabhat
     • DevUp Slack
       ◦ Join in https://slackipy.herokuapp.com/
       ◦ #devops channel
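
The "Points to note" slides say kops opens SSH to all and places masters and nodes in a public subnet, and advise reviewing the cluster spec. The following is an added example, not code from the talk or from the kops project: a small check over the JSON printed by `kops get cluster $NAME -o json`. The field names (`sshAccess`, `kubernetesApiAccess`, `topology`, `subnets[].type`) are assumed to follow the kops v1alpha2 cluster spec, and the sample cluster is constructed.

```python
import ipaddress
import json

# Constructed sample, shaped like `kops get cluster $NAME -o json` output.
# Field names assume the kops v1alpha2 cluster spec; values are illustrative.
SAMPLE_CLUSTER = json.loads("""
{
  "metadata": {"name": "demo.k8s.local"},
  "spec": {
    "sshAccess": ["0.0.0.0/0"],
    "kubernetesApiAccess": ["203.0.113.0/24"],
    "topology": {"masters": "public", "nodes": "public"},
    "subnets": [{"name": "us-east-1a", "type": "Public", "zone": "us-east-1a"}]
  }
}
""")


def open_to_world(cidrs):
    """Return the CIDRs that match every address (0.0.0.0/0 or ::/0)."""
    return [c for c in cidrs
            if ipaddress.ip_network(c, strict=False).prefixlen == 0]


def audit_cluster(cluster):
    """Return findings for the exposure points the slides call out."""
    spec = cluster.get("spec", {})
    findings = []
    for field in ("sshAccess", "kubernetesApiAccess"):
        for cidr in open_to_world(spec.get(field, [])):
            findings.append(f"{field} allows {cidr}")
    # Assumption: a spec with no topology block is treated as public.
    topology = spec.get("topology", {})
    for role in ("masters", "nodes"):
        if topology.get(role, "public") == "public":
            findings.append(f"{role} use public topology")
    for subnet in spec.get("subnets", []):
        if subnet.get("type") == "Public":
            findings.append(f"subnet {subnet.get('name')} is Public")
    return findings


if __name__ == "__main__":
    for finding in audit_cluster(SAMPLE_CLUSTER):
        print("REVIEW:", finding)
```

Each finding points at a field to tighten with `kops edit cluster $NAME` before running `kops update cluster ${NAME}`.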