mini_project
Date - 10/07/24
Objective :
This task involves using Terraform to provision the necessary AWS resources for a two-node
Kubernetes cluster (1 control plane node and 1 worker node).
Scenario :
Your client requires a Kubernetes cluster deployed on AWS. This task focuses on the initial
infrastructure provisioning using Terraform. The DevOps team will handle the Kubernetes cluster
deployment itself.
Constraints :
- Use Terraform for provisioning the resources.
- Reference the official Kubernetes documentation for hardware recommendations for control
plane and worker nodes.
- Use Ubuntu 20.04 as the operating system on your instances.
- Make sure the necessary port numbers are opened in the Security Group for the Kubernetes cluster
to work.
Completion Criteria:
- Terraform configuration is created to define two EC2 instances for a Kubernetes cluster.
- The chosen instance types are appropriate based on Kubernetes recommendations and client
requirements.
- The Terraform code is applied, and two EC2 instances are provisioned in your AWS account with
the selected AMI and security group configurations.
Solution :
1. Make sure you have a Linux command line available.
2. Configure AWS with your access key, secret key and region name.
3. Make sure you have created a user in AWS with appropriate access.
4. Then create a main.tf file that defines the resources on AWS, such as the instances, VPC,
security group, etc.
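provider "aws" {
  region = "us-west-2"
}

variable "aws_region" {
  default = "us-west-2"
}

variable "instance_type" {
  default = "t2.medium"
}

# EC2 key pair name; its value is not shown in the original, so supply your own.
variable "key_name" {}

# Ubuntu 20.04 AMI ID published by Canonical in SSM Parameter Store
data "aws_ssm_parameter" "ubuntu_ami" {
  name = "/aws/service/canonical/ubuntu/server/20.04/stable/current/amd64/hvm/ebs-gp2/ami-id"
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_internet_gateway" "main" {
  vpc_id = aws_vpc.main.id
}

resource "aws_subnet" "public_subnet" {
  vpc_id                  = aws_vpc.main.id
  cidr_block              = "10.0.1.0/24"
  map_public_ip_on_launch = true
}

resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.main.id
  }
}

# The label of this resource is not shown in the original; "public" is chosen here.
resource "aws_route_table_association" "public" {
  subnet_id      = aws_subnet.public_subnet.id
  route_table_id = aws_route_table.public.id
}

resource "aws_security_group" "k8s_cluster" {
  vpc_id = aws_vpc.main.id
  ingress { # SSH
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress { # Kubernetes API server
    from_port   = 6443
    to_port     = 6443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress { # etcd client and peer API
    from_port   = 2379
    to_port     = 2380
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress { # HTTP
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress { # kubelet API and control plane components
    from_port   = 10250
    to_port     = 10252
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress { # NodePort services
    from_port   = 30000
    to_port     = 32767
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress { # all outbound traffic
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# The labels of the two instance resources are not shown in the original; chosen here.
resource "aws_instance" "k8s_master" {
  ami                    = data.aws_ssm_parameter.ubuntu_ami.value
  instance_type          = var.instance_type
  subnet_id              = aws_subnet.public_subnet.id
  key_name               = var.key_name
  vpc_security_group_ids = [aws_security_group.k8s_cluster.id]
  tags = {
    Name = "K8s-Master"
  }
}

resource "aws_instance" "k8s_worker" {
  ami                    = data.aws_ssm_parameter.ubuntu_ami.value
  instance_type          = var.instance_type
  subnet_id              = aws_subnet.public_subnet.id
  key_name               = var.key_name
  vpc_security_group_ids = [aws_security_group.k8s_cluster.id]
  tags = {
    Name = "K8s-Worker"
  }
}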
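The security group in main.tf opens every listed port, including etcd (2379-2380) and the kubelet API (10250), to 0.0.0.0/0. As an added example that is not part of the original solution, the block below keeps the cluster ports but narrows their sources: administrative ports are limited to one address range and node-to-node ports to members of the group itself. The variable admin_cidr and the resource name k8s_cluster_restricted are assumptions; aws_vpc.main is the VPC from main.tf.

```hcl
# Added example, not from the original main.tf. var.admin_cidr is a hypothetical variable.
variable "admin_cidr" {
  description = "CIDR allowed to reach SSH, the API server and NodePort services"
  type        = string
}
locals {
  # Reachable from outside the cluster, but only from var.admin_cidr.
  admin_ports = [
    { from_port = 22, to_port = 22, note = "SSH" },
    { from_port = 6443, to_port = 6443, note = "Kubernetes API server" },
    { from_port = 30000, to_port = 32767, note = "NodePort services" },
  ]
  # Needed only between the cluster's own nodes.
  node_ports = [
    { from_port = 6443, to_port = 6443, note = "Kubernetes API server" },
    { from_port = 2379, to_port = 2380, note = "etcd client and peer API" },
    { from_port = 10250, to_port = 10252, note = "kubelet and control plane components" },
  ]
}
resource "aws_security_group" "k8s_cluster_restricted" {
  name   = "k8s-cluster-restricted"
  vpc_id = aws_vpc.main.id # VPC from main.tf on this page
  dynamic "ingress" {
    for_each = local.admin_ports
    content {
      description = ingress.value.note
      from_port   = ingress.value.from_port
      to_port     = ingress.value.to_port
      protocol    = "tcp"
      cidr_blocks = [var.admin_cidr]
    }
  }
  dynamic "ingress" {
    for_each = local.node_ports
    content {
      description = ingress.value.note
      from_port   = ingress.value.from_port
      to_port     = ingress.value.to_port
      protocol    = "tcp"
      self        = true # source must be an instance in this same group
    }
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

Ports 80 and 8080 from the original are left out; add them to admin_ports if a workload needs them. To use the group, reference aws_security_group.k8s_cluster_restricted.id in vpc_security_group_ids on both instances.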
vi k8s.sh
sudo vi /etc/containerd/config.toml
Enable_plugins = ["containerd"]
sudo systemctl restart docker
sudo systemctl restart containerd
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl get nodes
12. Make sure that all your system pods are up and running.
1. Open the worker node and install the k8s.sh script here, the same as on the master
node.
-----------On worker node (Instance 1)------------------------------
sudo vi /etc/containerd/config.toml
Enable_plugins = ["containerd"]
sudo systemctl restart docker
sudo systemctl restart containerd
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
12. Copy the join token and paste it on the worker node (instance 2).
13. Then check on the master whether the worker node is connected, using the
following command.