Kubernetes is a powerful container orchestration tool, but running a complete Kubernetes cluster on bare metal can be complex and resource-intensive. k3s, a lightweight Kubernetes distribution by Rancher Labs, simplifies this process while retaining most of Kubernetes’ powerful features. In this guide, we’ll walk you through deploying a four-node k3s cluster on AWS EC2 instances, launching a MySQL RDS instance on a private subnet, installing k3s on the cluster nodes, deploying a NodePort service to make the pods accessible, and configuring Nginx to route traffic to the pods.
Prerequisites
- AWS account with necessary permissions.
- Basic knowledge of AWS, Kubernetes, and networking concepts.
- AWS CLI and kubectl installed on your local machine.
Step 1: Set Up AWS EC2 Instances
1.1 Create EC2 Instances
- Bastion Host: A t2.micro instance in the public subnet.
- Master Node: A t2.medium instance in the private subnet.
- Worker Nodes: Three t2.small instances in the private subnet.
Ensure the Bastion Host has SSH access to the Master and Worker nodes.
1.2 Security Groups
- Bastion Host Security Group: Allow SSH (port 22) from your IP.
- Master and Worker Nodes Security Group: Allow SSH (port 22) from the Bastion Host and all traffic within the group.
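A check for the rules in Step 1.2, as an added example that is not part of the original guide: it reads JSON in the shape of `aws ec2 describe-security-groups` output and flags SSH sources wider than a single host, rules open to the internet, and all-traffic rules whose source is outside the group. The group IDs and addresses in the sample are constructed placeholders.

```python
import ipaddress
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output (placeholder IDs).
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-bastion", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
  {"GroupId": "sg-nodes", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-bastion"}]},
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/16"}],
     "UserIdGroupPairs": [{"GroupId": "sg-nodes"}]}]}
]}
""")


def covers(perm, port):
    """True if the rule applies to TCP `port`; protocol -1 means all traffic."""
    if perm["IpProtocol"] == "-1":
        return True
    if perm["IpProtocol"] != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def audit(groups):
    """Return (group_id, message) findings for rules broader than Step 1.2 describes."""
    findings = []
    for sg in groups["SecurityGroups"]:
        gid = sg["GroupId"]
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                net = ipaddress.ip_network(cidr, strict=False)
                single = net.prefixlen == net.max_prefixlen
                if covers(perm, 22) and not single:
                    findings.append((gid, f"SSH reachable from {cidr}, not a single host"))
                elif net.prefixlen == 0:
                    findings.append((gid, f"rule open to the internet ({cidr})"))
            if perm["IpProtocol"] == "-1":  # only the group itself may send all traffic
                for pair in perm.get("UserIdGroupPairs", []):
                    if pair["GroupId"] != gid:
                        findings.append((gid, f"all traffic allowed from {pair['GroupId']}"))
    return findings

if __name__ == "__main__": print(*audit(SAMPLE), sep="\n")
```

In the sample, the bastion rule is flagged for allowing SSH from anywhere, and the node group's all-traffic rule is flagged because its CIDR source also exposes port 22 to the whole VPC range.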
Step 2: Launch a MySQL RDS Instance
Create a MySQL RDS instance in the same VPC and private subnet as your EC2 instances. Configure its security group to accept connections from the Bastion Host.
Step 3: Install k3s on Cluster Nodes
3.1 SSH into Bastion Host
ssh -i your-key.pem ec2-user@bastion-host-public-ip
3.2 SSH into Master and Worker Nodes from Bastion Host
ssh -i your-key.pem ec2-user@master-node-private-ip
ssh -i your-key.pem ec2-user@worker-node1-private-ip
ssh -i your-key.pem ec2-user@worker-node2-private-ip
ssh -i your-key.pem ec2-user@worker-node3-private-ip
3.3 Install k3s on Master Node
curl -sfL https://get.k3s.io | sh -
3.4 Install k3s on Worker Nodes
First, get the token from the Master Node:
sudo cat /var/lib/rancher/k3s/server/node-token
Then, install k3s on each Worker Node:
curl -sfL https://get.k3s.io | K3S_URL=https://master-node-private-ip:6443 K3S_TOKEN=your-node-token sh -
Step 4: Deploy a NodePort Service
4.1 Create a Deployment
Create a deployment YAML file (e.g., deployment.yaml):
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
        - name: my-app
          image: your-docker-image
          ports:
            - containerPort: 80
Deploy the application:
kubectl apply -f deployment.yaml
4.2 Create a NodePort Service
Create a service YAML file (e.g., service.yaml):
apiVersion: v1
kind: Service
metadata:
  name: my-app-service
spec:
  type: NodePort
  selector:
    app: my-app
  ports:
    - port: 80
      targetPort: 80
      nodePort: 30007
Deploy the service:
kubectl apply -f service.yaml
Step 5: Configure Nginx to Route Traffic to Pods
5.1 Install Nginx on Bastion Host
sudo amazon-linux-extras install nginx1
sudo systemctl start nginx
sudo systemctl enable nginx
5.2 Configure Nginx
Edit the Nginx configuration file:
sudo vi /etc/nginx/nginx.conf
Add the following server block inside the http block:
server {
    listen 80;
    location / {
        proxy_pass http://worker-node1-private-ip:30007;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
Restart Nginx:
sudo systemctl restart nginx
Conclusion
By following this guide, you’ve successfully deployed a four-node k3s Kubernetes cluster on AWS EC2 instances, launched a MySQL RDS instance, installed k3s on the cluster nodes, deployed a NodePort service to make the pods accessible, and configured Nginx to route traffic to the pods. This setup provides a lightweight yet powerful environment for running Kubernetes workloads on bare-metal infrastructure.