Installing
Prerequisite
kubectl is required, see here.
macOS and Linux From Homebrew
brew update && brew install kops
The kops binary is also available via our releases.
GitHub Releases
Linux
curl -Lo kops https://github.com/kubernetes/kops/releases/download/$(curl -s https://api.github.com/repos/kubernetes/kops/releases/latest | grep tag_name | cut -d '"' -f 4)/kops-linux-amd64 chmod +x kops sudo mv kops /usr/local/bin/kops
macOS
curl -Lo kops https://github.com/kubernetes/kops/releases/download/$(curl -s https://api.github.com/repos/kubernetes/kops/releases/latest | grep tag_name | cut -d '"' -f 4)/kops-darwin-amd64 chmod +x kops sudo mv kops /usr/local/bin/kops
Windows
Get
kops-windows-amd64from our releases.Rename
kops-windows-amd64tokops.exeand store it in a preferred path.Make sure the path you chose is added to your
pathenvironment variable.
Setup your environment
AWS
In order to correctly prepare your AWS account for kops, we require you to install the AWS CLI tools, and have API credentials for an account that has the permissions to create a new IAM account for kops later in the guide.
Once you've installed the AWS CLI tools and have correctly setup your system to use the official AWS methods of registering security credentials as defined here we'll be ready to run kops, as it uses the Go AWS SDK.
Setup IAM user
In order to build clusters within AWS we'll create a dedicated IAM user for kops. This user requires API credentials in order to use kops. Create the user, and credentials, using the AWS console.
The kops user will require the following IAM permissions to function properly:
AmazonEC2FullAccess
AmazonRoute53FullAccess
AmazonSQSFullAccess
AmazonS3FullAccess
IAMFullAccess
AmazonVPCFullAccess
AmazonEventBridgeFullAccess
You can create the kOps IAM user from the command line using the following:
aws iam create-group --group-name kops
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonEC2FullAccess --group-name kops
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonRoute53FullAccess --group-name kops
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess --group-name kops
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/IAMFullAccess --group-name kops
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonVPCFullAccess --group-name kops
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonSQSFullAccess --group-name kops
aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonEventBridgeFullAccess --group-name kops
aws iam create-user --user-name kops
aws iam add-user-to-group --user-name kops --group-name kops
aws iam create-access-key --user-name kops
You should record the SecretAccessKey and AccessKeyID in the returned JSON output, and then use them below:
# configure the aws client to use your new IAM user
aws configure # Use your new access and secret key here
aws iam list-users # you should see a list of all your IAM users here
# Because "aws configure" doesn't export these vars for kops to use, we export them now
export AWS_ACCESS_KEY_ID=$(aws configure get aws_access_key_id)
export AWS_SECRET_ACCESS_KEY=$(aws configure get aws_secret_access_key)
Kubernetes Cluster Installation
Please follow the steps carefully and read each command before executing.
Create S3 bucket for storing the KOPS objects.
aws s3api create-bucket --bucket kops-mys3bucketname-storage --region us-east-1
Create the cluster
kops create cluster --name=demok8scluster.k8s.local --state=s3://kops-mys3bucketname-storage --zones=us-east-1a --node-count=1 --node-size=t2.micro --master-size=t2.micro --master-volume-size=8 --node-volume-size=8
Important: Edit the configuration as there are multiple resources created which won't fall into the free tier.
kops edit cluster demok8scluster.k8s.local
Build the cluster
kops update cluster demok8scluster.k8s.local --yes --state=s3://kops-abhi-storage
This will take a few minutes to create............
After a few mins, run the below command to verify the cluster installation.
kops validate cluster demok8scluster.k8s.local