Deploy a fully-functional Kubernetes cluster using AWS CloudFormation. Your cluster will be configured to use AWS features to enhance Kubernetes. For example, Kubernetes may automatically provision an Elastic Load Balancer for each Kubernetes Service. At CoreOS, we use the kube-aws CLI tool to automate cluster deployment to AWS.
After completing this guide, a deployer will be able to interact with the Kubernetes API from their workstation using the kubectl CLI tool.
Each of the steps will cover:
- Step 1: Configure (this document)
- Download the kube-aws CloudFormation generator
- Define account and cluster settings
- Step 2: Render
- Compile a re-usable CloudFormation template for the cluster
- Optionally adjust template configuration
- Validate the rendered CloudFormation stack
- Step 3: Launch
- Create the CloudFormation stack and start our EC2 machines
- Set up CLI access to the new cluster
- Step 4: Update
- Update the CloudFormation stack
- Step 5: Add Node Pool
- Create the additional pool of worker nodes
- Adjust template configuration for each pool of worker nodes
- Required to support cluster-autoscaler
- Step 6: Destroy
- Destroy the cluster
Let's get started.
Go to the releases and download the latest release tarball for your architecture.
Currently, binaries coming from the final release for each version are signed so you should download the corresponding signature (.sig) as well. If you've decided to download a non-final release you can skip down to "Extract the binary:".
Import the CoreOS Application Signing Public Key:
gpg2 --keyserver pgp.mit.edu --recv-key FC8A365EValidate the key fingerprint:
gpg2 --fingerprint FC8A365EThe correct key fingerprint is 18AD 5014 C99E F7E3 BA5F 6CE9 50BD D3E0 FC8A 365E
Go to the releases and download the latest release tarball and detached signature (.sig) for your architecture.
Validate the tarball's GPG signature:
PLATFORM=linux-amd64
# Or
PLATFORM=darwin-amd64
gpg2 --verify kube-aws-${PLATFORM}.tar.gz.sig kube-aws-${PLATFORM}.tar.gzExtract the binary:
tar zxvf kube-aws-${PLATFORM}.tar.gzAdd kube-aws to your path:
mv ${PLATFORM}/kube-aws /usr/local/binConfigure your local workstation with AWS credentials using one of the following methods:
Provide the values of your AWS access and secret keys, and optionally default region and output format:
$ aws configure
AWS Access Key ID [None]: AKID1234567890
AWS Secret Access Key [None]: MY-SECRET-KEY
Default region name [None]: us-west-2
Default output format [None]: textWrite your credentials into the file ~/.aws/credentials using the following template:
[default]
aws_access_key_id = AKID1234567890
aws_secret_access_key = MY-SECRET-KEY
Provide AWS credentials to kube-aws by exporting the following environment variables:
export AWS_ACCESS_KEY_ID=AKID1234567890
export AWS_SECRET_ACCESS_KEY=MY-SECRET-KEYTest that your credentials work by describing any instances you may already have running on your account:
$ aws ec2 describe-instancesDid you download kube-aws?
Did your credentials work? We will use the AWS CLI in the next step.
Yes, ready to configure my cluster options No, I need more info on the AWS CLI