@krisnova
Last active May 5, 2020 00:05

Kubernetes 1.17 on AWS with Cilium and Falco from scratch

Use these kubeadm configs and watch the live stream for more information on how to set up Kubernetes 1.17 on AWS with Cilium and Falco.

Master node

Kubeadm config

# ---------------------------------------
#
# Kris Nóva <kris@nivenly.com>
#
# Kubeadm Config file for Kubernetes 1.17
#
# ---------------------------------------
apiServer:
  certSANs:
  #
  # This is the DNS you will enter for your master
  # API server
  #
  # -----------
  - fabulous.af
  # -----------
  extraArgs:
    authorization-mode: Node,RBAC
    cloud-provider: aws
    #
    # Enable/Disable privileged containers
    #
    #allow-privileged: false
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
#
# This is a very important string and is
# necessary to match the tags in the console
# for the instance, route table, and subnets
#
# key: kubernetes.io/cluster/<name>
# value: <nil>
# 
clusterName: fabulous-af
#
# This is the connection string for the
# master API server
#
# ---------------------------------------
controlPlaneEndpoint: "172.31.16.59:443"
# ---------------------------------------
controllerManager:
  extraArgs:
    cloud-provider: aws
    configure-cloud-routes: "false"
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: k8s.gcr.io
kind: ClusterConfiguration
kubernetesVersion: v1.17.4
networking:
  dnsDomain: cluster.local
  podSubnet: 10.217.0.0/16 # Required for Cilium
  serviceSubnet: 10.96.0.0/12 # Required for Cilium
scheduler: {}
---
apiVersion: kubeadm.k8s.io/v1beta2
kind: InitConfiguration
localAPIEndpoint:
  bindPort: 443
nodeRegistration:
  kubeletExtraArgs:
    cloud-provider: aws

Worker node(s)

Kubeadm config

# ---------------------------------------
#
# Kris Nóva <kris@nivenly.com>
#
# Kubeadm Config file for Kubernetes 1.17
#
# ---------------------------------------


apiVersion: kubeadm.k8s.io/v1beta2
kind: JoinConfiguration
discovery:
  bootstrapToken:
    #
    # This is taken from the Kubeadm output
    # This can be generated by running
    # kubeadm token create --print-join-command
    # on the master
    #
    # ----------------------------
    token: nno16s.2r3qc4kq47vgrh21 
    # ----------------------------
    apiServerEndpoint: "172.31.16.59:443"
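    #
    # caCertHashes below pins the cluster CA, so this
    # flag is only needed when no hash is supplied.
    # Prefer false once the real hash is filled in.
    #
    unsafeSkipCAVerification: true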
    #
    # This is taken from the master as well
    # using the following command (same as above)
    # kubeadm token create --print-join-command
    #
    # ---------------------------------------------------------------------------------------
    caCertHashes: ["sha256:abcdef1234123412312312121234123412312abcabcabcabcabcabca123123123"]
    # ---------------------------------------------------------------------------------------
nodeRegistration:
  #
  # This is the hostname of this machine
  # -------------------
  name: ip-172-31-29-115.us-west-1.compute.internal
  # -------------------
  kubeletExtraArgs:
    cloud-provider: aws
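
The worker config above sets `unsafeSkipCAVerification: true` next to a `caCertHashes` pin taken from `kubeadm token create --print-join-command`. As an added example (not part of the gist), this POSIX shell script recomputes the pin from a copy of the master's CA certificate and checks a join config against it; the function names and the policy of rejecting `unsafeSkipCAVerification: true` are assumptions of the example.

```sh
#!/bin/sh
# Added example, not part of the gist. Function names are assumptions.
# Usage on a worker, with ca.crt copied from the master's
# /etc/kubernetes/pki over a trusted channel:
#   check_join join.yaml "$(ca_pin ca.crt)"

# ca_pin CERT: print the value kubeadm expects in caCertHashes, i.e.
# "sha256:" + hex SHA-256 of the CA's DER-encoded SubjectPublicKeyInfo.
ca_pin() {
  _der=$(mktemp) || return 1
  _hex=""
  if openssl x509 -in "$1" -noout -pubkey 2>/dev/null |
       openssl pkey -pubin -outform DER -out "$_der" 2>/dev/null &&
     [ -s "$_der" ]; then
    _hex=$(openssl dgst -sha256 -r "$_der" | cut -d' ' -f1)
  fi
  rm -f "$_der"
  [ "${#_hex}" -eq 64 ] || return 1
  printf 'sha256:%s\n' "$_hex"
}

# check_join CONFIG PIN: return 0 only if PIN appears on a non-comment
# line of CONFIG and unsafeSkipCAVerification is not set to true.
# Rejecting the flag is this example's policy: it is only needed when
# no pin is supplied, and leaving it on would hide a missing pin later.
check_join() {
  _rc=0
  printf '%s\n' "$2" | grep -Eq '^sha256:[0-9a-f]{64}$' || {
    echo "pin must be sha256:<64 lowercase hex chars>" >&2; return 2; }
  _active=$(grep -v '^[[:space:]]*#' "$1") || return 2
  if printf '%s\n' "$_active" |
       grep -Eq '^[[:space:]]*unsafeSkipCAVerification:[[:space:]]*true'; then
    echo "FAIL: unsafeSkipCAVerification is true" >&2; _rc=1
  fi
  if ! printf '%s\n' "$_active" | grep -Fqi "$2"; then
    echo "FAIL: pin $2 not present in config" >&2; _rc=1
  fi
  return "$_rc"
}
```

A non-zero return from `check_join` means the join config should not be passed to `kubeadm join` as it stands.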


krisnova commented May 5, 2020

Update your hostname suckas

sudo hostnamectl set-hostname $(curl -s http://169.254.169.254/latest/meta-data/local-hostname)
