148422597X Kubernetes Management Design Patterns [Vohra 2017-01-29] {E559F6BB}

marco.cirilli
19.06.2021 Views

Chapter 2 ■ Kubernetes on CoreOS on AWS

The key pair is created and access permissions are set as shown in Figure 2-4.

Figure 2-4. Creating the key pair

On the AWS console the kubernetes-coreos key pair should be listed, as shown in Figure 2-5.

Figure 2-5. Listing the key pair in the EC2 console

Creating a KMS Key

Next, create a KMS key, which is used to encrypt and decrypt cluster TLS assets and is identified by an Amazon Resource Name (ARN) string. Use the aws CLI to create a KMS key for region us-east-1.

aws kms --region=us-east-1 create-key --description="kube-aws assets"

A KMS key is created as shown in Figure 2-6. Copy the KeyMetadata.Arn string arn:aws:kms:us-east-1:672593526685:key/b7209ba2-cb87-4ccf-8401-5c6fd4fb9f9b to be used later to initialize the cluster CloudFormation.
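Instead of copying the ARN by hand, the create-key output can be parsed and checked for the expected region before the value is reused. The following is an added example, not code from the book; the function name extract_kms_arn and the sample response (placeholder account and key IDs) are constructed for illustration.

```shell
#!/bin/sh
# Added example: extract KeyMetadata.Arn from `aws kms create-key` JSON output
# and verify it is a KMS key ARN in the expected region.

# Constructed sample response; the account ID and key ID are placeholders.
SAMPLE_RESPONSE='{
    "KeyMetadata": {
        "AWSAccountId": "111122223333",
        "KeyId": "00000000-0000-0000-0000-000000000000",
        "Arn": "arn:aws:kms:us-east-1:111122223333:key/00000000-0000-0000-0000-000000000000",
        "Description": "kube-aws assets",
        "Enabled": true,
        "KeyUsage": "ENCRYPT_DECRYPT"
    }
}'

# extract_kms_arn REGION
# Reads create-key JSON on stdin, prints the ARN on stdout.
# Returns non-zero if no ARN is found or it does not belong to REGION.
# The body runs in a subshell so its variables stay local.
extract_kms_arn() (
    region="$1"
    # Take the value of the first "Arn" field in the response.
    arn=$(sed -n 's/.*"Arn"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' | head -n 1)
    if [ -z "$arn" ]; then
        echo "no KeyMetadata.Arn found in input" >&2
        return 1
    fi
    # Expected shape: arn:aws:kms:<region>:<12-digit account>:key/<36-char key id>
    if ! printf '%s\n' "$arn" |
        grep -Eq "^arn:aws:kms:${region}:[0-9]{12}:key/[0-9a-f-]{36}\$"; then
        echo "unexpected ARN for region ${region}: ${arn}" >&2
        return 1
    fi
    printf '%s\n' "$arn"
)

# Offline demonstration with the constructed sample.
printf '%s' "$SAMPLE_RESPONSE" | extract_kms_arn us-east-1

# Live use with the command from the text:
#   aws kms --region=us-east-1 create-key --description="kube-aws assets" \
#     | extract_kms_arn us-east-1
```
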

Figure 2-6. Creating a KMS key

Setting Up an External DNS Name

Next you need to register a domain name with a domain registrar, as we shall be using the domain's external DNS name to make the cluster API accessible. We have used the external DNS name NOSQLSEARCH.COM. The NOSQLSEARCH.COM domain is not usable by other users; each user needs to register a different domain name with a domain registry, or use a domain that is already registered.

Creating the Cluster

Creating a cluster requires the following procedure:

1. Create an asset directory.
2. Initialize the CloudFormation stack.
3. Render the contents of the asset directory.
4. Optionally, customize the cluster in the cluster.yaml file.
5. Validate the CloudFormation stack and the cloud-config user data files.
6. Launch the CloudFormation stack.

We shall discuss each of these stages next.

Creating an Asset Directory

Create a directory on the Amazon Linux EC2 instance for the generated assets. Then cd (change directory) to the asset directory:

mkdir coreos-cluster
cd coreos-cluster

