Via StackShare | Tech stack deep dives from top startups and engineering teams
Kubernetes is hugely popular and growing, and is primarily used on the cloud — 83 percent of organizations included in a
large CNCF survey said they run Kubernetes on at least one public cloud. Amazon is a natural option for Kubernetes clusters,
due to its mature and robust infrastructure, and a variety of deployment options with a varying degree of automation.
Read on to understand three key options for running Kubernetes on AWS, how they work and which is best for your
organization’s needs.
When deploying Kubernetes in AWS, you can configure and manage your deployment by yourself for full flexibility and
control. You also have the option of using either AWS-provided services or third-party services to manage your
implementation.
kops — an open source tool you can use to automate the provisioning and management of clusters in AWS. Although
not a managed tool, kops does enable you to simplify deployment and maintenance processes. It is officially
supported by AWS.
Amazon Elastic Kubernetes Service (EKS) — a managed service offered by AWS. EKS uses automatically
provisioned instances and provides a managed control plane for your deployment.
Rancher — a complete enterprise computing platform to deploy Kubernetes clusters everywhere: on-premises, in the
cloud and at the edge. Rancher unifies these clusters to ensure consistent operations, workload management and
enterprise-grade security.
1. For convenience, create two environment variables: NAME set to your cluster name, and KOPS_STATE_STORE set to the
URL of your cluster state store on S3.
2. Check which availability zones are available on EC2 by running the command
aws ec2 describe-availability-zones --region us-west-2 (ending with the region you want to launch the instances in). Select
an available zone, for example us-west-2a.
3. Build your cluster as follows - this is a basic cluster with no high availability:
4. View your cluster configuration by running the command kops edit cluster ${NAME}. You can leave all settings
as default for now.
5. Run the command kops update cluster ${NAME} --yes. This boots instances and downloads Kubernetes
components until the cluster reaches a “ready” state.
7. Validate that your cluster is working properly by running kops validate cluster.
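The kops steps above, collected into one script as an added example (not code from the original article). The cluster name, bucket name, the REGION, ZONE and DRY_RUN variables and the run helper are constructed assumptions; the kops create cluster invocation uses the tool's standard --name and --zones flags, and the S3 hardening calls are an addition because the state store bucket holds the cluster spec and its keys.

```shell
#!/usr/bin/env bash
# Added example: prints each command by default (DRY_RUN=1).
# Set DRY_RUN=0 to execute with real AWS credentials and an existing bucket.
set -eu

# Constructed placeholder values (assumptions, not from the article).
: "${NAME:=demo.k8s.local}"
: "${KOPS_STATE_STORE:=s3://example-kops-state-store}"
: "${REGION:=us-west-2}"
: "${ZONE:=us-west-2a}"
: "${DRY_RUN:=1}"
export NAME KOPS_STATE_STORE   # step 1: kops reads KOPS_STATE_STORE from the environment

# Hypothetical helper: print the command in dry-run mode, otherwise run it.
run() {
  if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Lock down the state store before any cluster data is written to it:
# no public access, object versioning for rollback, encryption at rest.
harden_state_store() {
  bucket="${KOPS_STATE_STORE#s3://}"
  run aws s3api put-public-access-block --bucket "$bucket" \
    --public-access-block-configuration \
    BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true
  run aws s3api put-bucket-versioning --bucket "$bucket" \
    --versioning-configuration Status=Enabled
  run aws s3api put-bucket-encryption --bucket "$bucket" \
    --server-side-encryption-configuration \
    '{"Rules":[{"ApplyServerSideEncryptionByDefault":{"SSEAlgorithm":"AES256"}}]}'
}

# Steps 2, 3, 5 and 7; step 4 (kops edit cluster) is interactive and left out.
build_cluster() {
  run aws ec2 describe-availability-zones --region "$REGION"
  run kops create cluster --name "$NAME" --zones "$ZONE"
  run kops update cluster "$NAME" --yes
  run kops validate cluster
}

harden_state_store
build_cluster
```

Review the printed commands first, then rerun with DRY_RUN=0 once the bucket name and region match your account.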
Centralized user authentication & RBAC - you can integrate Rancher with LDAP, Active Directory or SAML-based
authentication services. This enables you to consistently enforce role-based access control (RBAC) policies across
your environments. Centralized RBAC is the preferred way to manage access and permissions as it reduces
administrative requirements and makes management of permissions easier.
UI in a single pane of glass - you manage Rancher from an intuitive web interface. This enables DevOps teams to
easily deploy and troubleshoot workloads and operations teams to smoothly release and link services and applications
across environments. Simplified management also eliminates the need to know specifics of your infrastructure or
Kubernetes distribution and promotes greater workflow efficiency.
Enhanced cluster security - Rancher enables you to centrally define security policies and procedures. Security
teams can set policies dictating how users are allowed to interact with clusters and how workloads operate across
infrastructures. These policies can then be immediately pushed to any clusters as needed.
Multi and hybrid-cloud support - included with Rancher are global application catalogs that you can use across
Kubernetes clusters, regardless of location. These catalogs provide access to apps ready for immediate deployment,
creating standardized application configurations across your services. Using these apps, you can significantly reduce
the load on your operations and development teams.
Tools integration - Rancher includes built-in integrations with the Istio service mesh, Prometheus and Grafana for
monitoring, Fluentd for logging. In combination, these integrations help you manage deployments across clouds
regardless of service variations.
Let’s see how to create a cluster on AWS with Rancher. The prerequisites are the same as for EKS (see the previous
section).
1. Prepare a Linux host with a supported version of Linux, and install a supported version of Docker on the host (see all
supported versions).
2. Start the Rancher server by running this Docker command:
3. Open a browser and go to the hostname or address where you installed your Docker container. You will see the
Rancher server UI.
5. Type a Cluster Name. Under Member Roles, click Add Member to add users that will be able to manage the cluster,
and select a Role for each user.
6. Enter the AWS Region, Access Key and Secret Key you got when creating your VPC.
7. Click Next: Select Service Role. For this tutorial, select Standard: Rancher-generated service role. This means
Rancher will automatically add a service role for the cluster to use. You can also select an existing AWS service role.
8. Click Next: Select VPC and Subnet. Choose whether there will be a Public IP for Worker Nodes. If you choose
No, select a VPC & Subnet to allow instances to access the Internet, so they can communicate with the Kubernetes
control plane.
10. Click Select Instance Options and select:
a. Instance type – you can choose which Amazon instance should be used for your Kubernetes worker nodes.
b. Customer AMI override – you can choose a specific Amazon Machine Image to install on your instances. By default,
Rancher provides its EKS-optimized AMI.
c. Desired ASG size – the number of instances in your cluster.
d. User data – custom commands for automated configuration; do not set this when you’re just getting started.
11. Click Create. Rancher is now provisioning your cluster. You can access your cluster once its state is Active.
For more details, refer to the Rancher AWS quick start guide, or learn more about the Rancher platform.
Conclusion
In this article we showed three ways to automatically spin up a Kubernetes cluster:
kops - an open source library that lets you quickly create a cluster using CLI commands.
Amazon Elastic Kubernetes Service - creating a cluster managed by Amazon, with high availability and security built
in.
Rancher with EKS - creating a cluster with Rancher as an additional management layer, which provides user
authentication and RBAC, enhanced security, and the ability to launch Kubernetes clusters on other public clouds or in
your local data center, and manage everything on one pane of glass.
Learn more about the Rancher platform and see how easy it is to manage Kubernetes across multiple cloud environments.