You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Choose a region which has the following services available: EC2, EFS, VPS, CloudFormation, KMS, VPC, S3.
51
+
In this tutorial, we use "Oregon(us-west-2)" as example.
52
+
46
53
### Create AWS Account and IAM Account
47
54
48
55
Under each AWS account, we can create multiple [IAM](http://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html) users. This allows us to grant some privileges to each IAM user and to create/operate AWS clusters as an IAM user.
@@ -73,7 +80,8 @@ Please be aware that this tutorial needs the following privileges for the user i
73
80
#### kube-aws
74
81
75
82
[kube-aws](https://github.com/coreos/kube-aws) is a CLI tool to automate cluster deployment to AWS.
76
-
83
+
##### Verify kube-aws integrity
84
+
Note: if you are using a non-official release (e.g RC release) kube-aws, you can skip this setp.
@@ -241,22 +249,23 @@ Paste into following inline policies:
241
249
]
242
250
}
243
251
```
244
-
252
+
`Version` : Its value has to be exactly "2012-10-17".
245
253
`AWS_ACCOUNT_ID`: You can get it from following command line:
246
254
247
255
```
248
256
aws sts get-caller-identity --output text --query Account
249
257
```
250
258
251
-
`MY_CLUSTER_NAME`: Pick a MY_CLUSTER_NAME that you like, you will use it later as well.
259
+
`MY_CLUSTER_NAME`: Pick a MY_CLUSTER_NAME that you like, you will use it later as well.
260
+
Please note, stack name must satisfy regular expression pattern: [a-zA-Z][-a-zA-Z0-9*]*, which means no "_" or "-" in stack name, or kube-aws will throw error in later steps.
252
261
253
262
#### External DNS name
254
263
255
264
When the cluster is created, the controller will expose the TLS-secured API on a DNS name.
256
265
257
266
DNS name should have a CNAME points to cluster DNS name or an A record points to the cluster IP address.
258
267
259
-
We will need to use DNS name later in tutorial.
268
+
We will need to use DNS name later in tutorial. If you don't already own one, you can choose any DNS name (e.g., `paddle`) and modify `/etc/hosts` to associate cluster IP with that DNS name for your local machine. And add name service (route53) in aws to associate the IP to paddle for cluster. We will find the cluster IP in later steps.
260
269
261
270
#### S3 bucket
262
271
@@ -364,6 +373,26 @@ paddle-cl-ElbAPISe-EEOI3EZPR86C-531251350.us-west-2.elb.amazonaws.com. 59 IN A 5
364
373
365
374
In the above output, both ip `54.241.164.52`, `54.67.102.112` will work.
366
375
376
+
*If you own a DNS name*, set the A record to any of the above ip. Then you can skip to the step "Access the cluster".
377
+
378
+
*If you do not own a DNS name*:
379
+
##### Update local DNS association
380
+
Edit `/etc/hosts` to associate above ip with the DNS name.
381
+
##### Add Route53 private name service in VPC
382
+
- Open [Route53 Console](https://console.aws.amazon.com/route53/home)
383
+
- Create hosted zone with following config
384
+
- Domain name: "paddle"
385
+
- Type: "Private hosted zone for amazon VPC"
386
+
- VPC ID: <YourVPCID>
387
+
- Add A record
388
+
- Click on the zone "paddle" just created
389
+
- Click the button "Create record set"
390
+
- Name : leave blank
391
+
- type: "A"
392
+
- Value: <kube-controllerec2privateip>
393
+
- Verify name service
394
+
- Connect to any instance created by kube-aws via ssh
395
+
- Run command "host paddle", see if the ip returned is the private ip of kube-controller
0 commit comments