Skip to content

newpetstore/infra-k8s-aws

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
helm
helm
 
 
terraform
terraform
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
admin.user.role.yml
admin.user.role.yml
 
 
admin.user.yml
admin.user.yml
 
 
cluster-create.sh
cluster-create.sh
 
 
cluster-delete.sh
cluster-delete.sh
 
 
create-admin.sh
create-admin.sh
 
 
create-kubedash.sh
create-kubedash.sh
 
 
env.sh
env.sh
 
 

Repository files navigation

Kubernetes Infrastructure at AWS

To create kubernetes cluster at AWS

How to Use

  • Install kops 1.15.1
  • Install kubectl 1.17.0
  • Install helm 3.0.3
  • Create a ssh keypair
    • kops use the ~/.ssh/id_rsa.pub, by default
  • Create an account with these IAM permissions:
AmazonEC2FullAccess
AmazonRoute53FullAccess
AmazonS3FullAccess
IAMFullAccess
AmazonVPCFullAccess
  • Export your AWS_ACCESS_KEY_ID
export AWS_ACCESS_KEY_ID='<YOUR ACCESS KEY>'
  • Export your AWS_SECRET_ACCESS_KEY
export AWS_SECRET_ACCESS_KEY='<YOUR SECRET KEY>'

  • Create a S3 bucket to store kops state

    • If are familiar with Terraform, use this to create the bucket

  • Edit the env.sh script and set the following variables

# Ohio, for example
export ZONES='us-east-2a'
# Use .k8s.local suffix, telling to kops to create a gossip-based cluster
export NAME='pets.k8s.local'
export KOPS_STATE_STORE='s3://YOUR BUCKET NAME'
  • Execute the cluster-create.sh script
./cluster-create.sh

  • Wait until the cluster is ready to create the resources ahead

  • To see cluster status

kubectl get nodes

You can go ahead when every node is Ready:

NAME                                          STATUS   ROLES    AGE   VERSION
ip-172-20-37-9.us-east-2.compute.internal     Ready    master   29m   v1.15.9
ip-172-20-46-165.us-east-2.compute.internal   Ready    node     28m   v1.15.9
ip-172-20-54-151.us-east-2.compute.internal   Ready    node     28m   v1.15.9

To edit kubelet configuration

Checkout these details

  • Open the cluster configuration
source env.sh
kops edit cluster
  • Edit the kubelet spec, to add authenticationTokenWebhook and authorizationMode
kind: Cluster
metadata:
  name: xxx.xxx.com
spec:
  # ...
  kubelet:
    anonymousAuth: false
    authenticationTokenWebhook: true
    authorizationMode: Webhook
  • Update the cluster
kops update cluster --yes
kops rolling-update cluster --yes

To create the metrics server

The metrics server provide data for horizontal pod autoscale.

helm install --namespace=kube-system \
     metrics-server helm/metrics-server

To create kubernetes dashboard

  • Execute the create-kubedash.sh script
./create-kubedash.sh
  • After few seconds, execute command bellow to get the public DNS of that dashboard
kubectl describe svc \
        kubernetes-dashboard-public \
       -n kubernetes-dashboard

To create an admin user

You should use this account to login at kubernetes dashboard.

  • Execute the create-admin.sh
./create-admin.sh

To deploy the Prometheus

  • Execute the command bellow:
helm install prometheus helm/prometheus
  • The Prometheus's server URL will be: http://prometheus-server.default.svc.cluster.local

To access the prometheus web console

# Export the pod name
export POD_NAME=$(kubectl get pods --namespace default -l "app=prometheus,component=server" -o jsonpath="{.items[0].metadata.name}")

# Start the port forwarding
kubectl --namespace default port-forward $POD_NAME 9090

To deploy the Grafana

  • Add the bitnami helm charts repository
helm repo add bitnami https://charts.bitnami.com/bitnami
  • Execute the command bellow:
helm install grafana bitnami/grafana

To access the grafana web console

  • Get the admin password
kubectl get secret grafana-secret \
        --namespace default \
        -o jsonpath="{.data.GF_SECURITY_ADMIN_PASSWORD}" | base64 --decode
  • Expose grafana with a public DNS
kubectl expose service grafana \
      --type=LoadBalancer \
      --name=grafana-public \
      -n default
  • And get that public DNS
kubectl describe svc \
      grafana-public \
     -n default

To deploy EFK Stack

  • Add the elastic helm charts repository
helm repo add elastic https://helm.elastic.co
helm install elasticsearch elastic/elasticsearch --version 7.5.2
helm install filebeat elastic/filebeat --version 7.5.2
helm install kibana elastic/kibana --version 7.5.2
  • Expose the Kibana with public DNS:
kubectl expose deployment kibana-kibana \
        --type=LoadBalancer \
        --name=kibana-public \
        -n default
  • After few seconds, execute command bellow to get the public DNS of Kibana
kubectl describe svc kibana-public -n default

Create namespaces for your projects

kubectl create namespace 'a-namespace'

To deploy a mongodb instance

  • Execute the command bellow:
helm install --namespace='a-namespace' mongodb helm/mongodb
  • Get the root password
kubectl get secret \
        --namespace='a-namespace' \
        mongodb \
        -o jsonpath="{.data.mongodb-root-password}" \
        | base64 --decode

To deploy the istio

istioctl manifest apply --set profile=demo

To destroy the cluster

  • Execute the cluster-delete.sh
./cluster-delete.sh

About

Kubernetes Infrastructure at AWS using Kops

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages