In this tutorial, we will show you how to use Platform9 Managed Kubernetes (PMK) to set up your own shared Kubernetes cluster on AWS. We’re following the design considerations and best practices we’ve outlined in a companion article “Setting up Shared Kubernetes Clusters: Considerations and Best Practices” (to be published shortly).
This article assumes that the reader is already familiar with the basics of Kubernetes. If you’re not, the Kubernetes documentation provides a clear explanation that should get you started. In addition, we have posted a number of videos on YouTube covering all aspects of setting up and managing Kubernetes.
Cluster Setup with Platform9
Let’s cover how you can deploy a shared Kubernetes cluster for your team.
Platform9 Managed Kubernetes (PMK) supports a number of different platforms for installing Kubernetes, including fully managed bare metal, virtual machines, AWS and Azure. For the purposes of this demo, we’re going to use AWS, and we’ll use the PMK Web UI to deploy our cluster. Instructions for other clouds are available in our documentation site here.
Configuring Platform9 on AWS EC2 is generally very simple, but there are a few prerequisites.
- If you don’t already have one, you will need to sign up for an AWS account. We won’t cover all of those steps here, since the AWS sign-up page does an excellent job.
- You will also need to create a free Platform9 Managed Kubernetes account. Signup takes just a couple of steps.
- Once your AWS account is up and running, you should then follow the best practices outlined in the AWS documentation to properly configure and secure the account. This includes things such as strong passwords, enabling MFA, and the creation of IAM users so that you do not use the root user for day-to-day tasks.
If you are using a multi-account structure such as with AWS Organizations, it’s recommended that you not use the master billing or AWS Organizations account to set up your new infrastructure. Instead, create a sub-account for this purpose.
- Configure your account for Platform9 access, which is fully covered in Platform9’s Prerequisites for AWS Native Clusters. In short, you will need the following:
- An IAM user for Platform9. We named ours “Platform9” so it was easily identifiable. Instructions for creating the user can be found in Amazon’s doc Creating an IAM user in your AWS account.
- When creating the user, you should note the Access Key and Secret Key, since you will need them when you add the AWS cloud provider to Platform9 via the console. AWS has documented this under Understanding and getting your AWS credentials.
- Once your new IAM user has been created, you will need to attach the downloadable policy provided by Platform9 directly to the user. Instructions on how to do that are covered in Amazon’s IAM documentation under Adding and removing IAM identity permissions.
- Create an EC2 keypair before you add the cloud provider in the Platform9 web UI. To make the EC2 keypair easy to find, we simply named it “Platform9”.
- Next, you will need a Route53 domain name that’s already configured. We have a domain we maintain for testing purposes, so it’s already set up for us. If you don’t already have one, you can find instructions in the AWS Route53 documentation under Getting started with Amazon Route 53.
- Finally, choose an AWS region where you have sufficient resources available to deploy the infrastructure necessary for your new Kubernetes cluster. In our case, we are using the us-west-2 (Oregon) region. See this note in the Platform9 documentation on AWS account limits.
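The access key entered into the PMK console carries whatever the attached policy grants, so it is worth reading the policy before attaching it to the user. The following is an added example, not Platform9's code: it flags wildcard grants and permission-changing IAM actions in a policy document. The sample policy is constructed for illustration and is not the policy Platform9 ships, and the `SENSITIVE` list is an assumption about what a reviewer would want surfaced.

```python
import json
from fnmatch import fnmatchcase

# Constructed sample for illustration; NOT the policy Platform9 ships.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [
  {"Effect": "Allow", "Action": ["ec2:RunInstances", "ec2:Describe*"], "Resource": "*"},
  {"Effect": "Allow", "Action": "iam:*", "Resource": "*"},
  {"Effect": "Allow", "Action": "route53:ChangeResourceRecordSets",
   "Resource": "arn:aws:route53:::hostedzone/EXAMPLEZONEID"},
  {"Effect": "Deny", "Action": "*", "Resource": "arn:aws:s3:::example-audit-logs/*"}
 ]}
""")

# Assumed review list: IAM actions that mint credentials or change permissions.
SENSITIVE = ("iam:CreateAccessKey", "iam:AttachUserPolicy",
             "iam:PutUserPolicy", "iam:PassRole")

def as_list(value):
    """IAM accepts a bare string/object wherever it accepts a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def review_policy(policy):
    """Return (statement index, code, detail) for each grant to review."""
    findings = []
    for i, stmt in enumerate(as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        any_resource = "*" in as_list(stmt.get("Resource"))
        if "NotAction" in stmt:
            findings.append((i, "NOT_ACTION", "allows everything except the listed actions"))
        for action in as_list(stmt.get("Action")):
            pattern = action.lower()  # action names are case-insensitive
            if pattern == "*":
                findings.append((i, "ALL_ACTIONS", action))
            elif pattern.endswith(":*"):
                findings.append((i, "SERVICE_WILDCARD", action))
            covered = [s for s in SENSITIVE if fnmatchcase(s.lower(), pattern)]
            if covered and any_resource:
                findings.append((i, "IAM_WRITE_ANY_RESOURCE", ", ".join(covered)))
    return findings

if __name__ == "__main__":
    for finding in review_policy(SAMPLE_POLICY):
        print(finding)
```

To review the real file, load the downloaded policy with `json.load` and pass it to `review_policy` in place of the sample.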
Adding a Cloud Provider in Platform9
The next step to creating a cluster is to add a Cloud Provider in the Platform9 UI. Full instructions can be found in the Platform9 docs under AWS Cloud Provider Management, but we’ll cover them at a high level below.
- After signing up for a free account, log in to the dashboard.
- Click on the Add Cloud button in the UI. On the screen that appears, do the following:
- Select the Cloud Provider Type. We chose AWS.
- If you followed the prerequisites earlier, you should already have added an IAM user, attached the Platform9 provided policy, and made a note of the Access Key ID and Secret Access Key. If you haven’t done that yet, please see above since you will need those to continue.
- Input a Cloud Provider Name. We named ours AWS.
- Input the Access Key ID and Secret Access Key in the appropriate boxes.
- Once done, click Next.
- You will see a screen testing cloud provider access. Once access has been validated, click Close.
- You are now presented with a screen to choose the following:
- An AWS region in which to deploy the cluster. We chose us-west-2.
- The Route53 domain name previously configured during the prerequisites section above.
- The EC2 keypair (SSH key), also previously configured.
- Once you’ve selected these, click Complete.
Creating the Cluster
The next steps will walk through creating a shared Kubernetes cluster for your team.
- In the upper left corner of the Platform9 UI, click Dashboard.
- Click Add Cluster.
- Next, select Amazon Web Services, then Advanced Cluster Setup.
- On the Create a Custom Cluster screen, input the following:
- Under Cluster Configuration, give your cluster a meaningful name.
- Select a cloud provider, which should be AWS if you configured it.
- Select a region. We chose us-west-2.
- Select the availability zones where you want your cluster deployed. We selected all AZs for this demo.
- Choose the SSH key which you should have already created.
- For Cluster Template, select Lg – 3 Masters + 5 Workers (t2.large).
- Note: if this is too large for your requirements, you can choose a different cluster template that works better for you. Learn more about test/POC vs production prerequisites here.
- Under Cluster Settings, choose the following values:
- Kubernetes Version: 1.19.6-pmk.1625.
- Check Use Route53 for Cluster Access.
- Leave unchecked Make Master nodes Master + Worker.
- Check Privileged Containers.
- Check Enable ETCD Backup.
- Check Monitoring.
- Leave unchecked Enable Auto Scaling.
- Under ETCD Backup Configuration, accept the defaults and click Next.
- On the Networking screen, select the Route53 domain you should have created during the prerequisites earlier. You can leave all of the other settings at their defaults on this screen, and click Next.
- On the Advanced Configuration screen, accept all the default settings and click Next.
- Review your settings, and click Complete.
- It will take a few minutes for the cluster to initialize. Once cluster creation is complete, in the left side of the UI, click Infrastructure and you will see your new cluster.
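The cluster above was created with Privileged Containers checked; assuming that setting lets pods request `securityContext.privileged: true`, a shared cluster benefits from a periodic inventory of which tenant workloads actually do so. The following is an added example, not Platform9 code: it scans output shaped like `kubectl get pods --all-namespaces -o json` for privileged containers and pods sharing host namespaces. The pod data and namespace names are constructed.

```python
import json

# Constructed sample, shaped like `kubectl get pods --all-namespaces -o json`.
SAMPLE_PODS = json.loads("""
{"items": [
  {"metadata": {"namespace": "team-a", "name": "web-1"},
   "spec": {"containers": [{"name": "app", "securityContext": {"privileged": false}}]}},
  {"metadata": {"namespace": "team-b", "name": "debug-1"},
   "spec": {"hostPID": true,
            "initContainers": [{"name": "setup", "securityContext": {"privileged": true}}],
            "containers": [{"name": "shell"}]}},
  {"metadata": {"namespace": "kube-system", "name": "kube-proxy-x"},
   "spec": {"hostNetwork": true,
            "containers": [{"name": "kube-proxy", "securityContext": {"privileged": true}}]}}
]}
""")

HOST_FLAGS = ("hostNetwork", "hostPID", "hostIPC")

def node_level_access(pod_list, skip_namespaces=()):
    """Return (namespace, pod, container, reasons) for every container that is
    privileged or whose pod shares a host namespace with the node."""
    findings = []
    for pod in pod_list.get("items", []):
        meta, spec = pod.get("metadata", {}), pod.get("spec", {})
        namespace = meta.get("namespace", "default")
        if namespace in skip_namespaces:
            continue  # caller-chosen exemptions, e.g. reviewed system namespaces
        shared = [flag for flag in HOST_FLAGS if spec.get(flag)]
        containers = []
        for key in ("initContainers", "containers", "ephemeralContainers"):
            containers += spec.get(key) or []
        for c in containers:
            ctx = c.get("securityContext") or {}
            reasons = (["privileged"] if ctx.get("privileged") else []) + shared
            if reasons:
                findings.append((namespace, meta.get("name"), c.get("name"), reasons))
    return findings

if __name__ == "__main__":
    for row in node_level_access(SAMPLE_PODS, skip_namespaces=("kube-system",)):
        print(row)
```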
You will want to add users so they can view and perform actions on your cluster.
- In the upper left corner of the UI, click Dashboard.
- Next, click Add User.
- Fill in the email and display name, and select Send activation email to the user.
- Click Next.
- Check the service box, then select the appropriate role for the user. In this case, we are adding another administrator, so that’s what we selected.
- Click Complete.
- Your new user will receive an email with the necessary information for them to log into the dashboard and start working with your cluster.
- At this point, you may wish to or roles. While we won’t cover that in-depth in this article, you can find more information in the Platform9 RBAC documentation.
Finally, to learn more about all the features available to you in Platform9 Managed Kubernetes, see the PMK main documentation that can walk you through all of the features.
For those seeking a turnkey, easy-to-setup solution, Platform9 Managed Kubernetes is an excellent playground for setting up shared Kubernetes clusters and takes minutes–versus hours or days–to get up and running.