How to setup Kubernetes Master HA on AWS

To configure an HA master, you should follow the High Availability Kubernetes Cluster document, in particular making sure you have replicated storage across failure domains and a load balancer in front of your replicated apiservers.

Setting up HA controllers for kubernetes is not trivial and I can't provide all the details here but I'll outline what was successful for me.

1. Use kube-aws to set up a single-controller cluster: https://coreos.com/kubernetes/docs/latest/kubernetes-on-aws.html. This will create CloudFormation stack templates and cloud-config templates that you can use as a starting point.
2. Go the AWS CloudFormation Management Console, click the "Template" tab and copy out the complete stack configuration. Alternatively, use $ kube-aws up --export to generate the cloudformation stack file.
3. User the userdata cloud-config templates generated by kube-aws and replace the variables with actual values. This guide will help you determine what those values should be: https://coreos.com/kubernetes/docs/latest/getting-started.html. In my case I ended up with four cloud-configs:
   • cloud-config-controller-0
   • cloud-config-controller-1
   • cloud-config-controller-2
   • cloud-config-worker
4. Validate your new cloud-configs here: https://coreos.com/validate/

5. Insert your cloud-configs into the CloudFormation stack config. First compress and encode your cloud config:

   $ gzip -k cloud-config-controller-0$ cat cloud-config-controller-0.gz | base64 > cloud-config-controller-0.enc

   Now copy the content into your encoded cloud-config into the CloudFormation config. Look for the UserData key for the appropriate InstanceController. (I added additional InstanceController objects for the additional controllers.)

6. Update the stack at the AWS CloudFormation Management Console using your newly created CloudFormation config.

You will also need to generate TLS asssets: https://coreos.com/kubernetes/docs/latest/openssl.html. These assets will have to be compressed and encoded (same gzip and base64 as above), then inserted into your userdata cloud-configs.

When debugging on the server, journalctl is your friend:

$ journalctl -u oem-cloudinit  # to debug problems with your cloud-config$ journalctl -u etcd2$ journalctl -u kubelet

Hope that helps.

There is also kops project

From the project README:

Operate HA Kubernetes the Kubernetes Way

also:

We like to think of it as kubectl for clusters

Download the latest release, e.g.:

cd ~/optwget https://github.com/kubernetes/kops/releases/download/v1.4.1/kops-linux-amd64mv kops-linux-amd64 kopschmod +x kopsln -s ~/opt/kops ~/bin/kops

See kops usage, especially:

• kops create cluster
• kops update cluster

Assuming you already have s3://my-kops bucket and kops.example.com hosted zone.

Create configuration:

kops create cluster --state=s3://my-kops --cloud=aws \    --name=kops.example.com \    --dns-zone=kops.example.com \    --ssh-public-key=~/.ssh/my_rsa.pub \    --master-size=t2.medium \    --master-zones=eu-west-1a,eu-west-1b,eu-west-1c \    --network-cidr=10.0.0.0/22 \    --node-count=3 \    --node-size=t2.micro \    --zones=eu-west-1a,eu-west-1b,eu-west-1c

Edit configuration:

kops edit cluster --state=s3://my-kops

Export terraform scripts:

kops update cluster --state=s3://my-kops --name=kops.example.com --target=terraform

Apply changes directly:

kops update cluster --state=s3://my-kops --name=kops.example.com --yes

List cluster:

kops get cluster --state s3://my-kops

Delete cluster:

kops delete cluster --state s3://my-kops --name=kops.identityservice.co.uk --yes