In this edition of our AWS and Kubernetes consulting series, we’ll take you through a step-by-step guide to launching Kubernetes on Amazon Web Services.
Running an application in the cloud without the proper tools to manage it and improve its functionality can be tricky. That is why, when deploying a customer’s application, you want to have the means for fast deployment, feature rollout, resource management, resilience and automation of certain operations. Kubernetes is an open-source platform that gives you a set of tools to do just that.
Today we will run a multi-master Kubernetes cluster on AWS and deploy a simple application. We’ll use kops (Kubernetes Operations), which is a utility for managing Kubernetes clusters. In our opinion, kops is currently the best tool for deploying Kubernetes clusters in Amazon Web Services.
1. Creating a zone in Route53:
aws route53 create-hosted-zone --name example.com --caller-reference "$(date +%s)"
2. Creating an S3 bucket to store the cluster configuration:
aws s3api create-bucket --bucket kubernetes-cluster --region eu-west-1 --create-bucket-configuration LocationConstraint=eu-west-1
We enable versioning:
aws s3api put-bucket-versioning --bucket kubernetes-cluster --versioning-configuration Status=Enabled
3. Creating our new cluster
export KOPS_STATE_STORE=s3://kubernetes-cluster
kops create cluster \
  --name example.com \
  --master-zones eu-west-1a,eu-west-1b,eu-west-1c \
  --zones eu-west-1a,eu-west-1b,eu-west-1c \
  --state s3://kubernetes-cluster \
  --node-count 3 \
  --yes
--name: the cluster name; it should be identical to the zone name
--master-zones: the zones where the masters will be launched
--zones: the zones where the nodes will be located
--state: the configuration storage bucket
--node-count: the number of nodes in the cluster
--yes: applies the changes
Checking availability of the cluster:
kops validate cluster
The output:
Using cluster from kubectl context: example.com
Validating cluster example.com

INSTANCE GROUPS
NAME               ROLE    MACHINETYPE  MIN  MAX  SUBNETS
master-eu-west-1a  Master  m3.medium    1    1    eu-west-1a
master-eu-west-1b  Master  m3.medium    1    1    eu-west-1b
master-eu-west-1c  Master  m3.medium    1    1    eu-west-1c
nodes              Node    t2.medium    3    3    eu-west-1a,eu-west-1b,eu-west-1c

NODE STATUS
NAME                                         ROLE    READY
ip-174-21-107-10.eu-west-1.compute.internal  node    True
ip-174-21-113-20.eu-west-1.compute.internal  master  True
ip-174-21-38-94.eu-west-1.compute.internal   node    True
ip-174-21-53-131.eu-west-1.compute.internal  node    True
ip-174-21-61-2.eu-west-1.compute.internal    master  True
ip-174-21-67-114.eu-west-1.compute.internal  master  True

Your cluster example.com is ready
kops also creates the settings for kubectl, so we can also run:
kubectl get node
The output:
ip-174-21-107-10.eu-west-1.compute.internal  Ready  11d  v1.7.2
ip-174-21-113-20.eu-west-1.compute.internal  Ready  11d  v1.7.2
ip-174-21-38-94.eu-west-1.compute.internal   Ready  11d  v1.7.2
To edit the configuration of the nodes, we do this:
kops edit ig nodes
Editing the file:
apiVersion: kops/v1alpha2
kind: InstanceGroup
metadata:
  creationTimestamp: 2017-10-02T23:10:46Z
  labels:
    kops.k8s.io/cluster: example.com
  name: nodes
spec:
  image: kope.io/k8s-1.7-debian-jessie-amd64-hvm-ebs-2017-07-28
  machineType: t2.xlarge  # was t2.medium
  maxSize: 4              # was 3
  minSize: 4              # was 3
  role: Node
  subnets:
  - eu-west-1a
  - eu-west-1b
  - eu-west-1c
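Saving the file and applying the configuration. kops update cluster pushes the edited instance group to AWS, and kops rolling-update cluster then replaces the running instances:
kops update cluster --yes
kops rolling-update cluster --yes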
Checking the state of the cluster:
kops validate cluster
The output:
nodes Node t2.xlarge 4 4 eu-west-1a,eu-west-1b,eu-west-1c
For convenience, let’s deploy a dashboard:
kubectl create -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/kubernetes-dashboard/v1.6.3.yaml
Dashboard will be available at:
https://api.example.com/api/v1/namespaces/kube-system/services/kubernetes-dashboard/proxy/#!/pod?namespace=default
Now we will deploy a simple web application behind a load balancer with SSL and a domain name.
To associate Kubernetes with Route53, we’ll need to deploy the route53-mapper pod:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/route53-mapper/v1.3.0.yml
In IAM, we’ll need to find the role for the nodes and add this policy:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "route53:ListHostedZonesByName",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "elasticloadbalancing:DescribeLoadBalancers",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "route53:ChangeResourceRecordSets",
      "Resource": "*"
    }
  ]
}
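A least-privilege variant of the policy above, as an added example that is not part of the original article: the check flags Route 53 record writes that are allowed on every hosted zone, and the rewrite limits them to one zone. The function names are this example's own and the hosted zone ID is a constructed placeholder.

```python
import copy
import json

# Policy exactly as given in the article: every statement uses Resource "*".
PAGE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "route53:ListHostedZonesByName", "Resource": "*"},
        {"Effect": "Allow", "Action": "elasticloadbalancing:DescribeLoadBalancers", "Resource": "*"},
        {"Effect": "Allow", "Action": "route53:ChangeResourceRecordSets", "Resource": "*"},
    ],
}

# Record writes accept a hosted-zone ARN as Resource. The list/describe actions
# in the policy do not support resource-level permissions and must keep "*".
ZONE_SCOPED_ACTIONS = {"route53:ChangeResourceRecordSets"}
BROAD_ACTIONS = {"*", "route53:*"}  # wildcards that also cover record writes


def _as_list(value):
    return value if isinstance(value, list) else [value]


def find_wildcard_writes(policy):
    """Return the record-write actions that are allowed on Resource "*"."""
    findings = []
    for stmt in _as_list(policy["Statement"]):
        if stmt.get("Effect") == "Allow" and "*" in _as_list(stmt.get("Resource")):
            findings += [a for a in _as_list(stmt.get("Action", []))
                         if a in ZONE_SCOPED_ACTIONS | BROAD_ACTIONS]
    return findings


def scope_to_zone(policy, hosted_zone_id):
    """Return a copy in which record writes are limited to one hosted zone."""
    zone_arn = f"arn:aws:route53:::hostedzone/{hosted_zone_id}"
    statements = []
    for stmt in _as_list(copy.deepcopy(policy["Statement"])):
        actions = _as_list(stmt.get("Action", []))
        writes = [a for a in actions if a in ZONE_SCOPED_ACTIONS]
        if stmt.get("Effect") == "Allow" and writes and "*" in _as_list(stmt.get("Resource")):
            statements.append({**stmt, "Action": writes, "Resource": zone_arn})
            others = [a for a in actions if a not in ZONE_SCOPED_ACTIONS]
            if others:  # keep the remaining actions on their original resource
                statements.append({**stmt, "Action": others})
        else:
            statements.append(stmt)
    return {**policy, "Statement": statements}


if __name__ == "__main__":
    # "Z0EXAMPLEZONEID" is a constructed placeholder, not a real hosted zone ID.
    print(json.dumps(scope_to_zone(PAGE_POLICY, "Z0EXAMPLEZONEID"), indent=2))
```

With the write action scoped this way, a compromised node can only change records in the cluster's own zone rather than in every hosted zone of the account.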
Writing a YAML file for the Deployment:
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: project-ci
spec:
  replicas: 2
  template:
    metadata:
      labels:
        projectenv: ci
    spec:
      containers:
      - name: project
        image: ecr.eu-west-1.amazonaws.com/project
        env:
        - name: DEPLOYMENT_ENV
          value: "ci"
        - name: FILEBEAT_ENABLE
          value: "yes"
        ports:
        - containerPort: 80
Now creating a YAML file for the Service:
kind: Service
apiVersion: v1
metadata:
  annotations:
    domainName: "projectci.example.com."
    service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:acm:us-west-1:659153740712:certificate/xxxxxxxx"
    service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443"
    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
  name: projectci
  labels:
    projectenv: ci
    dns: route53
spec:
  selector:
    projectenv: ci
  ports:
  - name: "https"
    protocol: TCP
    port: 443
    targetPort: 80  # forward to the containerPort defined in the Deployment
  type: LoadBalancer
After deployment, we’ll see our application at https://projectci.example.com.
And in the AWS console we’ll see the newly created load balancer.
That’s it! You’re good to go. You might also be interested in other articles in our Kubernetes series such as Our Guide for Hashicorp Consul/Vault with Kubernetes.