kops-aws-install-demo.sh

git clone https://github.com/vfarcic/k8s-specs.git

cd k8s-specs

git pull

open "https://console.aws.amazon.com/iam/home#/security_credential"

export AWS_ACCESS_KEY_ID=[...]

export AWS_SECRET_ACCESS_KEY=[...]

export AWS_DEFAULT_REGION=us-east-2

aws iam create-group --group-name kops

aws iam attach-group-policy --group-name kops \
    --policy-arn arn:aws:iam::aws:policy/AmazonEC2FullAccess

aws iam attach-group-policy --group-name kops \
    --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess

aws iam attach-group-policy --group-name kops \
    --policy-arn arn:aws:iam::aws:policy/AmazonVPCFullAccess

aws iam attach-group-policy --group-name kops \
    --policy-arn arn:aws:iam::aws:policy/IAMFullAccess

aws iam create-user --user-name kops

aws iam add-user-to-group --user-name kops --group-name kops

aws iam create-access-key --user-name kops >kops-creds

cat kops-creds

export AWS_ACCESS_KEY_ID=$(cat kops-creds | \
    jq -r '.AccessKey.AccessKeyId')

export AWS_SECRET_ACCESS_KEY=$(cat kops-creds | \
    jq -r '.AccessKey.SecretAccessKey')

aws ec2 describe-availability-zones --region $AWS_DEFAULT_REGION

# If Windows, use `'\r'` instead `'\n'`
export ZONES=$(aws ec2 describe-availability-zones \
    --region $AWS_DEFAULT_REGION | jq -r \
    '.AvailabilityZones[].ZoneName' | tr '\n' ',' | tr -d ' ')

ZONES=${ZONES%?}

echo $ZONES

mkdir -p cluster

cd cluster

aws ec2 create-key-pair --key-name devops23 \
    | jq -r '.KeyMaterial' >devops23.pem

chmod 400 devops23.pem

ssh-keygen -y -f devops23.pem >devops23.pub

export NAME=devops23.k8s.local

export BUCKET_NAME=devops23-$(date +%s)

aws s3api create-bucket --bucket $BUCKET_NAME \
    --create-bucket-configuration \
    LocationConstraint=$AWS_DEFAULT_REGION

export KOPS_STATE_STORE=s3://$BUCKET_NAME

mkdir config

# Windows only
alias kops="docker run -it --rm \
    -v $PWD/devops23.pub:/devops23.pub \
    -v $PWD/config:/config \
    -e KUBECONFIG=/config/kubecfg.yaml \
    -e NAME=$NAME -e ZONES=$ZONES \
    -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID \
    -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY \
    -e KOPS_STATE_STORE=$KOPS_STATE_STORE \
    vfarcic/kops"

kops create cluster --name $NAME --master-count 3 --node-count 1 \
    --node-size t2.small --master-size t2.small --zones $ZONES \
    --master-zones $ZONES --ssh-public-key devops23.pub \
    --networking kubenet --kubernetes-version v1.8.4 --yes

# Windows only
kops export kubecfg --name ${NAME}

# Windows only
export KUBECONFIG=$PWD/config/kubecfg.yaml

kops get cluster

kubectl cluster-info

kops validate cluster

Getting an error:
aws ec2 describe-availability-zones --region $AWS_DEFAULT_REGION
An error occurred (UnauthorizedOperation) when calling the DescribeAvailabilityZones operation: Youare not authorized to perform this operation.

Resolved the following error by using the GUI:
Getting an error:
aws ec2 describe-availability-zones --region $AWS_DEFAULT_REGION
An error occurred (UnauthorizedOperation) when calling the DescribeAvailabilityZones operation: Youare not authorized to perform this operation.

Im getting on the kube dns pod "1 dns.go:174] Waiting for services and endpoints to be initialized from apiserver..." , tried this numerous times, new cluster, pod goes into CrashLoopBackOff

Make sure your KOPS version is up to date, error from kubedns was due to be using kops 1.7 to install k8s 1,.8

Shouldn't -e NAME=$NAME in kops alias be -e KOPS_CLUSTER_NAME=$NAME ?

I am trying to export the zones by this command:
export ZONES=$(aws ec2 describe-availability-zones
--region $AWS_DEFAULT_REGION | jq -r
'.AvailabilityZones[].ZoneName' | tr '\r ',' | tr -d ' ')

But didn't work, the output:
parse error: Invalid numeric literal at line 1, column 18

OS: Windows 10

Can you run the following and paste the output?

echo "aws ec2 describe-availability-zones --region $AWS_DEFAULT_REGION"

aws ec2 describe-availability-zones --region $AWS_DEFAULT_REGION

the output is:
aws ec2 describe-availability-zones --region us-east-2

AVAILABILITYZONES us-east-2 available use2-az1 us-east-2a
AVAILABILITYZONES us-east-2 available use2-az2 us-east-2b
AVAILABILITYZONES us-east-2 available use2-az3 us-east-2c

That's good. It means that aws works correctly that the region is properly defined. It also means that the issue is either with jq or with the tr command. I suspect the latter.

Few more tasks...

Does this work?

aws ec2 describe-availability-zones
--region $AWS_DEFAULT_REGION | jq -r
'.AvailabilityZones[].ZoneName'

The output should be the list of the zones separated by newlines. If that's the case, the tr command is what's failing.

Can you confirm that you're running the commands from GitBash? If you are not, please do. If you are, it seems that there is some incompatibility with how tr works "normally".

In any case, you can take the output of the previous command and manually assign the ZONES variable. All that tr does (in this case) is replacing newlines with commas and removing spaces.

For example, if the output of the previous command is:

zone-1
zone-2
zone-3

... the export command should be:

export ZONES=zone-1,zone-2,zone-3

If you construct it like that, you can continue with the examples.

P.S. I'm freak about automation and do my best to convert any manual action into executable commands/scripts. The command that is failing in your case retrieves the list of zones, reformats them, and assigns them to the variable ZONES. Arguably, that could be easier to do manually if it's something that will be executed only once.

P.P.S. Please let me know if things are not working correctly.

P.P.P.S. You might want to double-check what's the difference in the tr syntax on your machine or you might contribute with a better command that does the same thing on Windows :)