Part I : Deploying Kubernetes Cluster to AWS

almas muhtadi

Jun 27, 2020·6 min read

In this article we will get to know what kubernetes is and try to deploy a kubernetes cluster in AWS.

To get a better understanding of what kubernetes is for, it is important for you to know about containers and docker. More detail about containerization is not covered in this article. So make sure to find out about containers or docker later on. In short, a docker container runs our application in a virtual environment that is similar to how the application runs in a normal OS. Except, rather than the environment have many installed software, for example like how our computer is. It only has the OS, our application, and some other application that is necessary for our application to run.

In classic servers we normally have one bare metal server with everything (PHP, MySQL, Nginx, Java, etc) installed inside it. One thing that surely every system administrator has faced before is system failure either due to system update, conflict in application version, and many other things that are related with changes in the OS or application server that somehow affect the others. With containers, this is no longer the case. Because every application is contained in a virtual environment, they will not affect the others. But then, you might ask, how can every application connect to each other. For example, how does a PHP application connect to the MySQL Database ?, or how can my PHP application use Nginx ?, or how to create connection between two or more application ?. That is where kubernetes come in.

Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications.

So one of many purposes of using kubernetes is to manage and orchestrate container applications so they can work together. With the power of docker containerization and kubernetes orchestration modern application servers can minimize the error due to the system, as well as make updating easy, fast, and without any downtime. You can easily run your application on top of multiple machines (or virtual one) called nodes.

To get started with kubernetes you can try to install minikube on your pc or using docker desktop. I find that using docker desktop is the easiest way to get started. In this article I want to deploy a kubernetes cluster in AWS EC2 using kops. I find kops as the easiest and fastest way to start running your own kubernetes cluster in AWS EC2. Kops stands for Kubernetes Ops, it allows you to create, update, delete, and manage kubernetes clusters in many popular cloud providers such as AWS or GCP. It has a very decent manual which I recommend for you to read. This article is a recap on what I do when I deploy a kubernetes cluster.

Hand’s ON

Before starting, create an EC2 instance, we will install kops there. I use t3.micro instance with ubuntu 18.04. Name this instance Kubernetes Controller. I find that this is a good way to manage your cluster and secure them. Of course you can instal kops on your own computer, but try to avoid that. Instead, use this kubernetes controller instance to manage your cluster. That way, there will be only a single entry point to manage your cluster and it is easier to secure it.

Create Cluster

To get started you need to make sure that you have kop, kubectl and aws cli installed.

Download Kops

$ curl -LO https://github.com/kubernetes/kops/releases/download/$(curl -s https://api.github.com/repos/kubernetes/kops/releases/latest | grep tag_name | cut -d '"' -f 4)/kops-linux-amd64
$ chmod +x kops-linux-amd64
$ sudo mv kops-linux-amd64 /usr/local/bin/kops

Download Kubectl

$ curl -Lo kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
$ chmod +x ./kubectl
$ sudo mv ./kubectl /usr/local/bin/kubectl

Download AWS CLI

$ curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
$ unzip awscliv2.zip
$ sudo ./aws/install

To start using aws cli you need a user. You can create a user in your AWS console. The user must have this permission,

• AmazonEC2FullAccess
• AmazonRoute53FullAccess
• AmazonS3FullAccess
• IAMFullAccess
• AmazonVPCFullAccess

Once you have created the user, you will have the access and secret key for that user. Use the secret and access key

# configure the aws client to use the IAM user
$ aws configure           # Use user access and secret key here

Check if everything works,

$ aws iam list-users      # If all goes well you should list of your IAM users here

Next, setup a S3 State Storage to store your cluster state.

# create bucket
$ aws s3api create-bucket \
    --bucket prefix-example-com-state-store \
    --region us-east-1# enbale versioning
$ aws s3api put-bucket-versioning \
    --bucket prefix-example-com-state-store \  
    --versioning-configuration Status=Enabled \# enbale encryption
$ aws s3api put-bucket-encryption \
    --bucket prefix-example-com-state-store \
    --server-side-encryption-configuration \
    '{"Rules":[{"ApplyServerSideEncryptionByDefault": \
    {"SSEAlgorithm":"AES256"}}]}'# save the bucket name as env variable 
# consider to put this in .bashrc or .profile
$ export KOPS_STATE_STORE=s3://prefix-example-com-state-store

Before creating a cluster you should decide on the name for the cluster. The name can be related to a certain domain but you must configure the DNS.

# consider to put this in .bashrc or .profile
$ export NAME=myfirstcluster.example.com

Or by using k8s.local you can create a cluster by using the gossip base communication. (the fastest way to start)

# consider to put this in .bashrc or .profile
$ export NAME=myfirstcluster.k8s.local

One small thing before starting, check the subnet availability in your preferred region (in my case, us-west-1).

$ aws ec2 describe-availability-zones --region us-west-1

Make sure that you deploy enough nodes to cover more than one subnet. This is to make sure the high availability of your cluster.

Just run the following command to start the creation of your kubernetes cluster.

# I create one master node (t3.medium) and 2 worker nodes (t3.micro)
  distributed in multiple zones.
$ kops create cluster \
    --name ${NAME} \
    --zones us-west-1b,us-west-1c \
    --master-zones us-west-1b \
    --node-count=2 \
    --node-size=t3.micro \
    --master-size=t3.medium \
    --cloud-labels "Team=Dev,Owner=John Doe" # after creating cluster it will ask you about ssh key to access the nodes so create one if you haven't
$ ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa$ kops create secret sshpublickey admin -i ~/.ssh/id_rsa.pub 
  --name{NAME} --state ${KOPS_STATE_STORE}# then update to finalize everything
$ kops update cluster --name ${NAME} --yes

You can immediately see the creation of new instances in your AWS console. You need to wait a while before everything is up and running. After a while try to run the following command and you should see your kubernetes nodes are ready. If it is not, try again later.

$ kops validate cluster
$ kubectl get nodes

Update Cluster

After creating a cluster you might want to change something, you can use the following command.

To edit master configuration (instance type, label, min, max etc)

kops edit ig master-us-west-1b --name ${NAME}

To edit nodes configuration (instance type, label, min, max, etc)

kops edit ig nodes --name ${NAME}

After saving the new configuration file, run the following command to apply the changes.

$ kops update cluster --yes
$ kops rolling-update cluster --yes

Install Metric Server

The metric server is a useful service for you to monitor the cluster resources. It is also needed if you want to use the Horizontal Pod Autoscaller.

You can find more about the metric server here,

To install it, first you need to update your cluster

$ kops edit cluster# add the following
kubelet:
    anonymousAuth: false
    authorizationMode: Webhook
    authenticationTokenWebhook: true# apply the changes
$ kops update cluster --yes
$ kops rolling-update cluster --yes# If you use Kubernetes 1.16+
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/metrics-server/v1.16.x.yaml

If everything goes well you can run the following command and see the resources of your cluster.

$ kubectl top nodes

Delete Cluster

Since this is a trial you might want to destroy the cluster and replace it with a more proper cluster later on. This can be done easily, but make sure you don’t do this by mistake because you will lose your cluster immediately.

kops delete cluster --name ${NAME} --yes

Congratulation 👍, you just launch your kubernetes cluster.

In the next part we will learn more about how to deploy a web application, what is a pod, replication set, service, and deployment.

Thank you for reading.