Generic Intro Slide

Sam Brown - I like solving hard problems with technology

I have (controlled) shiny object syndrome

 

* Containers & Continuous Delivery Practice Lead at Oteemo

* Organizer - DC Continuous Delivery

* Recovering Java developer

Installing Kubernetes

 

  • Google - GKE

  • Azure - Container Service

  • AWS - ?? (Coming soon?)**

 

** AWS recently joined the Cloud Native Computing Foundation (CNCF), creating speculation that they will have a Kubernetes offering soon.

Why do we need an installer?

Because installing this is complicated...

So, what is KOPS?

Kubernetes Operations (kops)

Production Grade K8s Installation, Upgrades, and Management

Key Features

  • Command-Line Interface that can create and manage cluster state
  • New or existing VPC
  • Public or Private with bastion server
  • High-Availability K8s masters across availability zones
  • Rolling upgrades in cluster

Configuration management supported via CloudFormation or Terraform templates

(dry-runs & idempotency)

Getting Started

  1. Install the kubectl command-line tool: https://kubernetes.io/docs/tasks/tools/install-kubectl/

  2. Install kops

#OSX
brew update && brew install kops

#Linux
#Download latest release: https://github.com/kubernetes/kops/releases
$ chmod +x kops-linux-amd64                 # Add execution permissions
$ mv kops-linux-amd64 /usr/local/bin/kops   # Move the kops to /usr/local/bin

  3. Create an AWS account and set up the CLI: https://docs.aws.amazon.com/cli/latest/userguide/cli-multiple-profiles.html

  4. Create an S3 bucket to store state

  5. (Optional) Create a user with specific AWS IAM permissions (managed policies):

 

AmazonEC2FullAccess
AmazonRoute53FullAccess
AmazonS3FullAccess
IAMFullAccess
AmazonVPCFullAccess

Creating the Cluster

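#!/bin/bash

# AWS CLI profile that kops will use for credentials
export AWS_PROFILE=oteemoxc

# S3 bucket that holds the kops cluster state
export KOPS_STATE_STORE=s3://xc-kops-clusters

# Cluster name (the FQDN used in the validation step)
export NAME=novakube.oteemo-xc.com

kops create cluster \
    --node-count 2 \
    --zones us-east-1a,us-east-1b \
    --master-zones us-east-1a,us-east-1b,us-east-1c \
    --dns-zone oteemo-xc.com \
    --node-size t2.medium \
    --master-size t2.medium \
    --kubernetes-version 1.7.3 \
    ${NAME} \
    --yes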

Other Interesting Options

  --admin-access stringSlice             Restrict API access to this CIDR.  If not set, access will not be restricted by IP. (default [0.0.0.0/0])
  --api-loadbalancer-type string         Sets the API loadbalancer type to either 'public' or 'internal'
  --associate-public-ip                  Specify --associate-public-ip=[true|false] to enable/disable association of public IP for master ASG and nodes. Default is 'true'.
  --authorization string                 Authorization mode to use: AlwaysAllow or RBAC (default "AlwaysAllow")
  --bastion                              Pass the --bastion flag to enable a bastion instance group. Only applies to private topology.
  --cloud-labels string                  A list of KV pairs used to tag all instance groups in AWS (eg "Owner=John Doe,Team=Some Team").
  --dns string                           DNS hosted zone to use: public|private. Default is 'public'. (default "Public")
  --dns-zone string                      DNS hosted zone to use (defaults to longest matching zone)
  --encrypt-etcd-storage                 Generate key in aws kms and use it for encrypt etcd volumes
  --master-count int32                   Set the number of masters.  Defaults to one master per master-zone
  --master-security-groups stringSlice   Add precreated additional security groups to masters.
  --master-size string                   Set instance size for masters
  --master-tenancy string                The tenancy of the master group on AWS. Can either be default or dedicated.
  --master-zones stringSlice             Zones in which to run masters (must be an odd number)
  --networking string                    Networking mode to use.  kubenet (default), classic, external, kopeio-vxlan (or kopeio), weave, flannel, calico, canal, kube-router. (default "kubenet")
  --node-count int32                     Set the number of nodes
  --node-security-groups stringSlice     Add precreated additional security groups to nodes.
  --node-size string                     Set instance size for nodes
  --node-volume-size int32               Set instance volume size (in GB) for nodes
  --ssh-access stringSlice               Restrict SSH access to this CIDR.  If not set, access will not be restricted by IP. (default [0.0.0.0/0])
  --ssh-public-key string                SSH public key to use (default "~/.ssh/id_rsa.pub")
  -t, --topology string                      Controls network topology for the cluster. public|private. Default is 'public'. (default "public")
  --vpc string                           Set to use a shared VPC
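
Several defaults in the option list above are permissive: API and SSH access open to 0.0.0.0/0, AlwaysAllow authorization, and etcd volumes unencrypted unless requested. The following is an added example, not part of the original slides or of kops: `audit_kops_args` is a hypothetical pre-flight helper that checks a `kops create cluster` argument list against those defaults, and the CIDR 203.0.113.0/24 is a constructed placeholder for an admin network.

```shell
#!/bin/bash
# Added example (not from the slides): audit_kops_args is a hypothetical helper.
# It flags `kops create cluster` arguments that keep the permissive defaults
# shown in the option list: open API/SSH CIDRs, AlwaysAllow, unencrypted etcd.
audit_kops_args() {
    local admin="0.0.0.0/0" ssh="0.0.0.0/0" authz="AlwaysAllow"
    local topology="public" etcd=0 bastion=0 flag val n=0
    while [ $# -gt 0 ]; do
        flag="$1"; val=""; shift
        case "$flag" in
            --*=*) val="${flag#*=}"; flag="${flag%%=*}" ;;    # --flag=value form
            --admin-access|--ssh-access|--authorization|--topology|-t)
                if [ $# -gt 0 ]; then val="$1"; shift; fi ;;  # --flag value form
        esac
        case "$flag" in
            --admin-access)         admin="$val" ;;
            --ssh-access)           ssh="$val" ;;
            --authorization)        authz="$val" ;;
            --topology|-t)          topology="$val" ;;
            --encrypt-etcd-storage) [ "$val" = "false" ] || etcd=1 ;;
            --bastion)              [ "$val" = "false" ] || bastion=1 ;;
        esac
    done
    # CIDR lists are comma-separated; any 0.0.0.0/0 entry leaves the port open.
    case ",$admin," in *,0.0.0.0/0,*)
        echo "admin-access: API reachable from 0.0.0.0/0"; n=$((n+1)) ;; esac
    case ",$ssh," in *,0.0.0.0/0,*)
        echo "ssh-access: SSH reachable from 0.0.0.0/0"; n=$((n+1)) ;; esac
    if [ "$authz" != "RBAC" ]; then
        echo "authorization: $authz, expected RBAC"; n=$((n+1)); fi
    if [ "$etcd" -eq 0 ]; then
        echo "encrypt-etcd-storage: etcd volumes not encrypted"; n=$((n+1)); fi
    if [ "$bastion" -eq 1 ] && [ "$topology" != "private" ]; then
        echo "bastion: only applies with --topology private"; n=$((n+1)); fi
    [ "$n" -eq 0 ]   # exit status 0 only when nothing was flagged
}

# Constructed inputs: the slide's flags as-is, then a tightened variant.
# 203.0.113.0/24 is a documentation range standing in for an admin network.
audit_kops_args --node-count 2 --zones us-east-1a,us-east-1b \
    --dns-zone oteemo-xc.com --kubernetes-version 1.7.3 || echo "=> review before create"
audit_kops_args --node-count 2 --zones us-east-1a,us-east-1b \
    --admin-access 203.0.113.0/24 --ssh-access=203.0.113.0/24 \
    --authorization RBAC --encrypt-etcd-storage --topology private --bastion \
    --networking weave && echo "=> clean"
```
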

Validating the Cluster

Via kops:

kops validate cluster novakube.oteemo-xc.com

Via dashboard:

# Install dashboard to the cluster
kubectl create -f https://git.io/kube-dashboard

# Proxy the dashboard to localhost (not exposed)
kubectl proxy

# Open the dashboard:
open http://localhost:8001/ui

Adding Worker Nodes

# Bring up config file and edit
kops edit instancegroup nodes

# edit file to add nodes

# Send updates to AWS config
kops update cluster --yes

# Apply updates to the cluster itself
kops rolling-update cluster --yes

Updating Kubernetes Version

# Edit cluster configuration
kops edit cluster novakube.oteemo-xc.com

# Set the KubernetesVersion to the target version (e.g. v1.7.4)

# Run "kops update cluster novakube.oteemo-xc.com" without --yes first to preview
kops update cluster novakube.oteemo-xc.com --yes

# Run "kops rolling-update cluster novakube.oteemo-xc.com" without --yes first to preview
kops rolling-update cluster novakube.oteemo-xc.com --yes

Getting Support

Questions?

@SamuelBrownIV

@NOVAKube

Kops Kubernetes

By samueltbrown
