Deploy a Production‑Ready Kubernetes Cluster on AWS with Kops

kops provides one of the simplest ways to set up a Kubernetes cluster on AWS, making it ideal for training classes or quick test environments.

Route53 DNS configuration

Register a domain (or use an existing one) and create a sub‑domain in AWS Route53, e.g., k8s.devopscoach.org. Ensure the sub‑domain resolves publicly (e.g., dig NS k8s.devopscoach.org) so that kops can automatically add the required A records.

Tool preparation

Launch a small Amazon AMI instance (e.g., t2.micro) in the target region and attach an IAM role with the following policies:

AmazonEC2FullAccess

AmazonRoute53FullAccess

AmazonS3FullAccess

IAMFullAccess

AmazonVPCFullAccess

On the instance, install kubectl and kops:

curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
sudo chmod +x kubectl
sudo mv kubectl /usr/local/bin/kubectl

wget https://github.com/kubernetes/kops/releases/download/1.8.0/kops-linux-amd64
sudo chmod +x kops-linux-amd64
sudo mv kops-linux-amd64 /usr/local/bin/kops

SSH key generation

Create an SSH key pair for accessing the EC2 instances:

ssh-keygen

Create an S3 bucket for the state store

The bucket holds the cluster configuration. Create it and export the path:

aws s3 mb s3://clusters.k8s.devopscoach.org
export KOPS_STATE_STORE=s3://clusters.k8s.devopscoach.org

Create the Kubernetes cluster

Run the following command (replace parameters as needed):

kops create cluster --cloud=aws --zones=ap-northeast-1a --name=dev.k8s.devopscoach.org --dns-zone=k8s.devopscoach.org --dns public

Review the preview, then apply the changes:

kops update cluster dev.k8s.devopscoach.org --yes

The update process creates VPCs, IAM profiles, certificates, and DNS records. After completion, kops sets the kubectl context to the new cluster.

Validate the cluster

kops validate cluster
kubectl get nodes --show-labels

The output shows one master (m3.medium) and two worker nodes (t2.medium) all in Ready state.

Deploy and expose a sample service

kubectl run sample-nginx --image=nginx --replicas=2 --port=80
kubectl expose deployment sample-nginx --port=80 --type=LoadBalancer

The LoadBalancer type creates an ELB; the service becomes reachable via the ELB DNS name.

Delete the cluster

kops delete cluster --name=dev.k8s.devopscoach.org --yes

Advanced usage – high‑availability architecture

kops also supports creating HA clusters with multiple master and worker Auto Scaling Groups. The following diagram illustrates a typical HA setup.

For further details, refer to the official kops documentation and the AWS blog posts linked in the original article.