Kube-AWS

Colin Hom - Infrastructure Engineergithub.com/colhom | [email protected]

Kube-AWS: Production Kubernetes Clusters on AWS

mailto:[email protected]

Design Goals

Artifacts should be:

Design Goals


Secure

Design Goals


Secure

Reproducible

Design Goals


Secure

Reproducible

Auditable

CloudEC2, VPC, IAM, security groups,

Autoscaling groups


Autoscaling groups

Hostdocker, flannel,

etcd


Autoscaling groups


etcd

Clusterhyperkube


Autoscaling groups


etcd

Clusterhyperkube

containers: - name: cat-pics-server image: quay.io/colin_hom/cat-pics:latest

“Under the hood” demo

$ kube-aws init \--cluster-name=demo-chom \--external-dns-name=my-cluster-endpoint \--region=us-west-1 \--availability-zone=us-west-1c \--key-name=key-pair-name \--kms-key-arn="arn:aws:kms:us-west-1:xxxxxxxxxx:key/xxxxxxxxxxxxxxxxxxx"

$ ls -R . > cluster.yaml

Step 1.

Initialize yourcluster configuration

Under the hood

Under the hoodcluster.yaml

1.init

clusterName: demo-chom

externalDNSName: demo.coreos.com

availabilityZone: us-west-1c

#workerCount: 1

#workerInstanceType: m3.medium

#controllerInstanceType: m3.medium

$ kube-aws render

$ ls -R . > userdata/ > credentials/ > stack-template.json > cluster.yaml > kubeconfig

Step 2.

Render cluster assets

Under the hood

Under the hood

init

cluster.yaml

render

user data

TLS credentials

stack template

1. 2.

Under the hood

init

cluster.yaml

render

user data

TLS credentials

stack template

1. 2.

"AutoScaleWorker": { "Properties": { "AvailabilityZones": [

"{{.AvailabilityZone}}"

], "DesiredCapacity": "{{.WorkerCount}}",….}

$ kube-aws up

…. (get coffee)

$ kubectl get nodes > NAME STATUS AGE > node-1 READY 10m

Step 3.

Push the button!

Under the hood

Under the hood

init

cluster.yaml

render

user data

TLS credentials

stack template

1. 2.

up

3.

stack template

user data

TLS credentials

Under the hood

init

cluster.yaml

render

user data

TLS credentials

stack template

1. 2.

up

3.

stack template

user data

TLS credentials

$ kube-aws up --export> Exporting demo-chom.stack-template.json

$ git add my-cluster.stack-template.json

$ git commit -am “first pass at my cluster!”

Step 4.

Save your state!

Under the hood

render

Under the hood

init

cluster.yaml

user data

TLS credentials

stack template

1. 2.

up

3. j

stack template

user data

TLS credentials

4.

export

Design Goals

Secure

Reproducible

Auditable

$ git diff> --- a/cluster.yaml +++ b/cluster.yaml

# Instance type for worker nodes -#workerInstanceType: m3.medium +workerInstanceType: m3.large

$ kube-aws up --export

> Exporting demo-chom.stack-template.json

Let’s make some changes!Change the worker instance type from m3.medium to m3.large

$ git diff> # Instance type for worker nodes -#workerInstanceType: m3.medium +workerInstanceType: m3.large











$ git commit -am “workers are m3.large”


$ git diff HEAD~1 c542d5d8f20f6c059dfccc2b147f0097b1656381Author: Colin Hom <[email protected]>Date: Thu Apr 28 13:37:45 2016 -0700 # Instance type for worker nodes -#workerInstanceType: m3.medium +workerInstanceType: m3.large

j

Let’s make some changes!

Road to Version 1.0Recently Completed:

- Calico for network policy- Route53 Integration- Existing VPC support

Future Work:

- Zero-downtime upgrade path- HA control plane- Automated TLS rotation

github.com/coreos/coreos-kubernetes

Colin Homgithub.com/colhom | [email protected] | coreos.com

We’re hiring in all departments! Email: [email protected] Positions: coreos.com/ careers

mailto:[email protected]

Date post:	23-Jan-2018
Category:	Technology
Upload:	coreos
View:	660 times
Download:	0 times

Kube-AWS

Technology