The next thing I’d like to play with is to manually create a cluster using kubeadm, run a simple web-service there and access it via AWS LoadBalancer.
The main issue I faced during this setup was the lack of full-fledged documentation and up-to-date examples, so I had to do almost everything by the cut-and-try method.
Just to finally see a message saying:
WARNING: aws built-in cloud provider is now deprecated. The AWS provider is deprecated and will be removed in a future release
The example below uses Kubernetes v1.15.2 and EC2 instances running Ubuntu 18.04.
Create a VPC with the 10.0.0.0/16 CIDR:
Add a tag named kubernetes.io/cluster/kubernetes with the value owned. Kubernetes uses it to auto-discover the AWS resources that belong to the cluster, and it adds the same tag itself to the resources it creates:
Enable DNS hostnames:
Create a new subnet in this VPC:
Enable Public IPs for EC2 instances which will be placed in this subnet:
Add the tag:
Create an IGW to route traffic from the subnet into the Internet:
For IGW add the tag as well, just in case:
Attach this IGW to your VPC:
Create a routing table:
Add the tag here:
Click on the Routes tab, add a new route to the 0.0.0.0/0 network via the IGW we created above:
Attach this table to the subnet – Edit subnet association:
Choose your subnet created earlier:
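The network steps above can be checked in one pass. The following is an added example, not code from the original post: it audits a snapshot shaped like `aws ec2 describe-*` JSON output, where the resource IDs are constructed and the function names (`tagged`, `audit_network`) are hypothetical.

```python
# Tag the walkthrough puts on every resource for Kubernetes auto-discovery.
TAG_KEY, TAG_VALUE = "kubernetes.io/cluster/kubernetes", "owned"

# Constructed snapshot: `aws ec2 describe-*` field names, made-up resource IDs.
TAGS = [{"Key": TAG_KEY, "Value": TAG_VALUE}]
SAMPLE = {
    "Vpc": {"VpcId": "vpc-0example", "CidrBlock": "10.0.0.0/16", "Tags": TAGS},
    "EnableDnsHostnames": {"Value": True},
    "Subnet": {"SubnetId": "subnet-0example", "VpcId": "vpc-0example",
               "MapPublicIpOnLaunch": True, "Tags": TAGS},
    "InternetGateway": {"InternetGatewayId": "igw-0example", "Tags": TAGS,
                        "Attachments": [{"VpcId": "vpc-0example"}]},
    "RouteTable": {"Tags": TAGS,
                   "Routes": [{"DestinationCidrBlock": "0.0.0.0/0",
                               "GatewayId": "igw-0example"}],
                   "Associations": [{"SubnetId": "subnet-0example"}]},
}

def tagged(res):
    return any(t["Key"] == TAG_KEY and t["Value"] == TAG_VALUE
               for t in res.get("Tags", []))

def audit_network(snap):
    """Return findings; an empty list means every step above was applied."""
    vpc, subnet = snap["Vpc"], snap["Subnet"]
    igw, rtb = snap["InternetGateway"], snap["RouteTable"]
    checks = [
        (vpc["CidrBlock"] == "10.0.0.0/16", "VPC CIDR is not 10.0.0.0/16"),
        (snap["EnableDnsHostnames"]["Value"], "VPC DNS hostnames are disabled"),
        (subnet["VpcId"] == vpc["VpcId"], "subnet is in a different VPC"),
        (subnet["MapPublicIpOnLaunch"], "subnet does not auto-assign public IPs"),
        (any(a["VpcId"] == vpc["VpcId"] for a in igw.get("Attachments", [])),
         "IGW is not attached to the VPC"),
        (any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
             and r.get("GatewayId") == igw["InternetGatewayId"]
             for r in rtb.get("Routes", [])),
         "route table has no 0.0.0.0/0 route via the IGW"),
        (any(a.get("SubnetId") == subnet["SubnetId"]
             for a in rtb.get("Associations", [])),
         "route table is not associated with the subnet"),
    ]
    findings = [msg for ok, msg in checks if not ok]
    for name, res in (("VPC", vpc), ("subnet", subnet), ("IGW", igw), ("route table", rtb)):
        if not tagged(res):
            findings.append(f"{name} lacks tag {TAG_KEY}={TAG_VALUE}")
    return findings

if __name__ == "__main__":
    print(audit_network(SAMPLE) or "network matches the walkthrough")
```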
To make Kubernetes work with AWS, you need to create two IAM EC2 roles: one for the master and one for the slaves.
You can also use ACCESS/SECRET keys instead.
IAM Master role
Go to IAM > Policies, click Create policy, and in the JSON tab add a new policy description (see cloud-provider-aws):
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[WARNING SystemVerification]: this Docker version is not on the list of validated versions: 19.03.1. Latest validated version: 18.09
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Activating the kubelet service
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [ip-10-0-0-102.eu-west-3.compute.internal kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.100.0.1 10.0.0.102]
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"