Scenario:

You have already created a VPC, subnets (private and public), a Route53 zone, security groups, etc. Now you want to create a Kubernetes cluster inside this existing VPC. With kops you can do that easily.

Solution:

Use the kops statement below and pass your existing resource IDs into it. With --dry-run -o yaml, kops does not touch AWS; it writes the cluster specification to cluster.yaml, which shows every resource kops would create or attach in the VPC. That way you can make sure nothing unwanted is created or assigned. Once satisfied with the cluster.yaml, execute the kops command again without the dry-run option.

kops create cluster \
   --name="<replace with clustername>" \
   --cloud-labels="Product=<productname>" \
   --cloud="aws" \
   --network-cidr="<CIDR range>" \
   --networking="weave" \
   --master-zones="<replace with zones for master>" \
   --zones="<replace with availability zones>" \
   --master-size="t2.medium" \
   --master-count="3" \
   --node-size="t2.large" \
   --node-count="3" \
   --ssh-public-key=<public key for master,node,bastion> \
   --state="s3://<s3 bucket name for state>" \
   --topology="private" \
   --api-loadbalancer-type="internal" \
   --kubernetes-version="<cluster version>" \
   --ssh-access="<IP range to allow ssh access>" \
   --subnets="<replace private subnet IDs>" \
   --dns-zone="<route53 dns zone>" \
   --bastion="true" \
   --master-security-groups="<replace existing SG Id for Master>" \
   --node-security-groups="<replace existing SG Id for Node>" \
   --utility-subnets="<replace public subnet IDs for bastion>" \
   --vpc="<replace VPC Id>" \
   --dns="private" \
   --dry-run -o yaml > cluster.yaml


After the placeholders are replaced, the command looks something like this:

kops create cluster \
   --name="test.demo.local" \
   --cloud-labels="Product=test-cloud" \
   --cloud="aws" \
   --network-cidr="10.10.10.0/21" \
   --networking="weave" \
   --master-zones="ap-southeast-2a,ap-southeast-2b,ap-southeast-2c" \
   --zones="ap-southeast-2a,ap-southeast-2b,ap-southeast-2c" \
   --master-size="t2.medium" \
   --master-count="3" \
   --node-size="t2.large" \
   --node-count="3" \
   --ssh-public-key=~/.ssh/key.pub \
   --state="s3://kops.test.demo" \
   --topology="private" \
   --api-loadbalancer-type="internal" \
   --kubernetes-version="1.17.10" \
   --ssh-access="10.10.0.0/16" \
   --subnets="subnet-0ced12342,subnet-036dw235fwr32,subnet-0w54fgrgt45232" \
   --dns-zone="Z02R4EFDSTFDWERWFF" \
   --bastion="true" \
   --master-security-groups="sg-3fd5543fevd5rve" \
   --node-security-groups="sg-023frt5dfsthtb" \
   --utility-subnets="subnet-09infdsjtr2fdf5fe,subnet-43sf54dfsafwe43rg,subnet-04ft4vfdgbthrhgv" \
   --vpc="vpc-03rrtgvtr5525tfvdfv" \
   --dns="private" \
   --dry-run -o yaml > cluster.yaml

After verifying the cluster.yaml, remove the --dry-run option (and the -o yaml > cluster.yaml redirection, so the real run does not overwrite the file you reviewed) and execute the kops statement.
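The review step in between is easy to skip by eye, so here is an added example (not kops' own tooling and not from the original post) of a small pre-flight script that greps the dry-run cluster.yaml for the settings the command above is meant to produce: the existing VPC ID and CIDR, an Internal API load balancer, private masters and nodes, an SSH access list that is present and not 0.0.0.0/0, and an existing subnet ID on every subnet entry (an entry without an id is a subnet kops would create). The YAML writers emit constructed excerpts shaped like kops v1alpha2 output using the placeholder IDs from the sample above; the key names and indentation they assume (networkID, networkCIDR, sshAccess, topology.masters/nodes, subnets[].id) are what kops emits for this kind of spec, but check them against your real cluster.yaml before relying on the script.

```shell
#!/bin/sh
# Pre-flight review of the cluster.yaml produced by `kops create cluster ... --dry-run -o yaml`.
# Added example for this page, not part of kops: it refuses to proceed unless the spec
# references the existing VPC/subnets and keeps the private, internal-only settings.

# Constructed excerpt in the shape of kops v1alpha2 dry-run output (placeholder IDs from the page).
write_sample_good() {
  cat > "$1" <<'EOF'
apiVersion: kops.k8s.io/v1alpha2
kind: Cluster
metadata:
  name: test.demo.local
spec:
  api:
    loadBalancer:
      type: Internal
  cloudProvider: aws
  kubernetesVersion: 1.17.10
  networkCIDR: 10.10.10.0/21
  networkID: vpc-03rrtgvtr5525tfvdfv
  sshAccess:
  - 10.10.0.0/16
  subnets:
  - cidr: 10.10.10.0/24
    id: subnet-0ced12342
    name: ap-southeast-2a
    type: Private
    zone: ap-southeast-2a
  - cidr: 10.10.11.0/24
    id: subnet-036dw235fwr32
    name: ap-southeast-2b
    type: Private
    zone: ap-southeast-2b
  - cidr: 10.10.12.0/24
    id: subnet-09infdsjtr2fdf5fe
    name: utility-ap-southeast-2a
    type: Utility
    zone: ap-southeast-2a
  topology:
    dns:
      type: Private
    masters: private
    nodes: private
EOF
}

# Constructed "drifted" spec: public API endpoint, world-open SSH, one subnet without an id.
write_sample_bad() {
  write_sample_good "$1"
  sed -e 's/type: Internal/type: Public/' \
      -e 's#- 10.10.0.0/16#- 0.0.0.0/0#' \
      -e '/id: subnet-09infdsjtr2fdf5fe/d' "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

# check_cluster_yaml FILE VPC_ID NETWORK_CIDR -> 0 if every expectation holds, 1 otherwise.
check_cluster_yaml() {
  f=$1; vpc=$2; cidr=$3; rc=0
  fail() { echo "FAIL: $*"; rc=1; }

  grep -qx "  networkID: $vpc" "$f"    || fail "networkID is not the existing VPC $vpc"
  grep -qx "  networkCIDR: $cidr" "$f" || fail "networkCIDR is not $cidr"
  grep -qx "      type: Internal" "$f" || fail "API load balancer is not Internal"
  grep -qx "    masters: private" "$f" || fail "masters are not in the private topology"
  grep -qx "    nodes: private" "$f"   || fail "nodes are not in the private topology"

  # Collect the list items directly under sshAccess and reject a world-open CIDR.
  ssh_cidrs=$(awk '/^  sshAccess:/{f=1;next} f&&/^  - /{print $2;next} f{f=0}' "$f")
  [ -n "$ssh_cidrs" ] || fail "no sshAccess restriction present"
  echo "$ssh_cidrs" | grep -qx '0.0.0.0/0' && fail "sshAccess allows 0.0.0.0/0"

  # Every subnet entry must carry an existing id; otherwise kops would create a new subnet.
  n_subnets=$(grep -cE '^    type: (Private|Utility)$' "$f")
  n_ids=$(grep -c '^    id: subnet-' "$f")
  [ "$n_subnets" -eq "$n_ids" ] || fail "$n_subnets subnets but only $n_ids existing subnet ids"
  return $rc
}

# Demo against the constructed specs: `sh preflight.sh --demo`. Against a real run:
#   check_cluster_yaml cluster.yaml vpc-03rrtgvtr5525tfvdfv 10.10.10.0/21 && <kops command without --dry-run>
if [ "${1:-}" = "--demo" ]; then
  tmp=$(mktemp -d)
  write_sample_good "$tmp/good.yaml"; write_sample_bad "$tmp/bad.yaml"
  check_cluster_yaml "$tmp/good.yaml" vpc-03rrtgvtr5525tfvdfv 10.10.10.0/21 && echo "good.yaml: OK"
  check_cluster_yaml "$tmp/bad.yaml"  vpc-03rrtgvtr5525tfvdfv 10.10.10.0/21 || echo "bad.yaml: rejected"
fi
```

The checks are deliberately line-anchored greps rather than a YAML parser so the script runs on a bare bastion or CI runner; the price is that they depend on kops' indentation, which is why the expected VPC ID and CIDR are passed in rather than hard-coded and why a mismatch fails loudly instead of being ignored.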