Setting Up a Single-Node Kubernetes Cluster on AWS

Deploying a Single-Node Kubernetes Cluster on AWS

A Comprehensive Guide

Introduction

In this comprehensive series, we will walk you through the process of installing and configuring a single-node Kubernetes cluster on Amazon Web Services (AWS). This guide is designed to provide a step-by-step approach, breaking down the complex process into manageable sections.

Series Overview

Our guide consists of five parts, each addressing a critical aspect of the deployment:

1. Introduction and Prerequisites

• Understand the project scope
• Set up essential prerequisites and system requirements
• Configure your AWS environment

 

2. Base Operating System Installation

• Deploy Ubuntu 18.04 LTS (Bionic Beaver) on AWS
• Optimize the initial system configuration

 

3. Docker Installation and Configuration

• Install Docker container runtime
• Configure Docker for seamless Kubernetes integration

 

4. Kubernetes Components Installation

• Install core Kubernetes components (kubelet, kubeadm, kubectl)
• Configure essential Kubernetes services

 

5. Kubernetes Cluster Deployment

• Initialize your Kubernetes cluster
• Set up networking and storage
• Validate the successful deployment

 

Whether you’re a DevOps engineer, system administrator, or developer, this guide equips you with the knowledge and practical steps needed to create your own Kubernetes environment on AWS.

Let’s dive into Part 1: Introduction and Prerequisites!

Setting Up a Single-Node Kubernetes Cluster on AWS:

Part 1 – Introduction and Prerequisites

Introduction

Kubernetes, often referred to as K8s, is an open-source system designed to automate the deployment, scaling, and management of containerized applications. Containers provide isolated runtime environments, bundling an application along with its dependencies, system libraries, binaries, and configuration files.

Understanding Single-Node Kubernetes Clusters

A single-node Kubernetes cluster comprises two key components:

1. Master Node (Control Plane): Responsible for managing the overall cluster state, scheduling workloads, and maintaining configuration data.

2. Worker Node (Data Plane): Executes containers and hosts the actual application workloads.

 

Within Kubernetes, the smallest deployable unit is a pod, which can contain multiple containers functioning together as a microservice.

Managed Kubernetes Solutions

Cloud providers offer managed Kubernetes services, such as AWS Elastic Kubernetes Service (EKS), Microsoft Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE). With these services, you pay for control plane management while customizing data-plane resources (virtual machines) based on your application requirements.

Assumptions and Environment

For our deployment, we’ll make the following assumptions:

1. AWS Cloud Deployment:

• We’ll set up our Kubernetes cluster on AWS.
• You have a valid AWS account (including free tier accounts).
• We’ve chosen the AWS Asia Pacific (Mumbai) region (ap-south-1), but you can select any region.

 

2. Default VPC and Subnets:

• We’ll use the default VPC and subnets created during your account setup.
• Ensure that the subnet has internet gateway (IG) access.

 

3. Operating System:

• We’ll use Ubuntu 18.04 LTS (Bionic) as the OS for both master and worker nodes.
• Ubuntu 18.04 LTS supports 64-bit (x86) virtual machines.

 

4. Instance Types:

• OS Installation: t2.micro (1 vCPU + 1 GB RAM) – 1 instance
• Kubernetes Cluster: t3a.medium (2 vCPU + 4 GB RAM) – 2 instances

 

5. EBS Volume:

We’ll allocate a 10 GB io1 EBS volume.

 

6. User Setup:

We’ll create a dedicated user named “jenkins” for administering and monitoring the Kubernetes cluster.

Note that we won’t use the default “ubuntu” user for security reasons.

Part 1

Step 1: Creating an SSH Key Pair for EC2 Instance 

Follow these steps to create an SSH key pair for secure access to your EC2 instance:

1. Name Your Key Pair:

• Log in to the AWS Console.
• Navigate to Services > EC2.
• Under Network & Security, click on Key pairs.
• Click the Create key pair button.
• Enter the following details:
  • Name: jenkins
  • Key pair type: RSA
  • Private key file format: .pem
  • Tags (optional):
    • Key: Name
    • Value: jenkins_ssh_key_pair
• Click Create key pair.

 

2. Download the Key:

• IMPORTANT: This is a one-time download. Save the key as “jenkins.pem” on your desktop or laptop.
• The key will be used for SSH authentication during Docker and Kubernetes installation.

 

3. Platform Compatibility:

• Linux and Mac users: Use the .pem file format.
• Windows PowerShell users: Use the .pem file format.
• Windows PuTTY/Cygwin users: Use the .ppk file format.

 

4. Generate the Public Key (Linux/Mac):

• Open your terminal.
• Set appropriate permissions for the key file:

$ chmod 700 "jenkins.pem"

• Generate the public key:

$ ssh-keygen -y -f "jenkins.pem"

• Keep this public key handy for creating a new user in the OS for Docker and Kubernetes configuration.

 

5. Windows Users:

• Refer to the following articles for generating the public key using the “.ppk” file format:
• Using PuTTYGen
• Difference Between PEM and PPK

 

This completes the SSH key creation process. 

Step 2: Configuring Security Groups for EC2 Instances

To ensure secure access to your EC2 instance, follow these steps to configure the default security group:

1. Access the AWS Console:

• Log in to your Amazon Web Services (AWS) account.
• Navigate to Services > EC2.

 

2. Edit Inbound Rules for Default Security Group:

• In the left navigation pane, click on Network & Security > Security Groups.
• Locate and select the default security group.
• Go to the Inbound rules tab and click Edit inbound rules.
• Add the following rule:
  • Type: SSH
  • Protocol: TCP (defaults to 22)
  • Port: 22 (defaults to 22)
  • Source: 0.0.0.0/0 (allows connections from any IP)
  • Description: Port for SSH (you can provide any name or value)
• Click Save rules.

 

3. Important Note:

• While using 0.0.0.0/0 is acceptable for development and testing environments, it is not recommended for production systems due to security risks.

Below is a screenshot of the security group with SSH port.