Kubernetes Bare Metal Cluster on AWS with Terraform Infrastructure as Code
- 2024.01.03
- Containerization

The aim of this tutorial is to deploy a functional self-managed Kubernetes cluster on AWS using EC2, install and set up an Ingress controller (HA-Proxy), and run a sample app that is reachable over the public internet from your browser. The infrastructure is automated with Terraform and the cluster setup with Kubespray. An Nginx web server running on EC2 is used as the load balancer.
You will learn how to set up a bare-metal cluster securely on AWS and how to limit access to the environment. The tutorial gives you a starting point on which you can build a production-ready cluster while observing good security practices.
We will walk through all the steps from setup to running the demo application and accessing it in the browser. During my learning journey as a Kubernetes Administrator, I found it hard to get a full tutorial that explained these steps fully; that is why I am sharing this to help any learner out there who may be on the Kubernetes learning journey.
You can find shared snippets of the parts of this tutorial that had longer code portions here: https://gist.github.com/briancollins081/e43e1bf9213a78c7b869443eb0450205
Get the full blog post of the same here:
Chapters:
0:00 Introduction, requirements and the roadmap.
2:34 Preparing AWS account user and policies.
8:20 DNS Configuration – Route53 Hostedzone.
11:57 Configure AWS Credentials and Terraform backend on S3.
15:17 Initialising Terraform setup.
21:27 IaC setup the EC2 module.
32:22 IaC setup EC2 Instance Connect Endpoint module.
41:46 IaC setup IAM user module.
44:10 IaC setup Security Group module.
48:54 IaC sub-modules overview.
50:42 Git: Generating .gitignore file for Terraform.
51:21 Main module – setup the main module variables.
59:23 Configure VPC module code.
1:01:55 Adding security groups code.
1:16:48 Adding IAM user code.
1:18:34 Adding the Bastion Host code.
1:24:06 Adding Master Nodes code.
1:27:25 Adding Worker Nodes code.
1:28:08 Adding Nginx Load Balancer code.
1:41:01 Adding EC2 Instance Connect endpoint.
1:42:37 Generating PEM format SSH Keys.
1:43:57 Debugging local variables and scripts.
1:44:30 Running the Terraform IaC setup.
1:52:07 Debug IAM Permissions Error.
1:55:26 Continue Running Terraform setup.
1:56:36 Add outputs and save project outputs for reference.
2:00:00 Debug LoadBalancer userdata script.
2:11:32 Fixing EC2 Instance Connect configuration.
2:17:40 Setup Kubespray Inventory.
2:24:48 Deploying the cluster using Kubespray.
2:29:54 Confirm Kubernetes installation.
2:31:40 Setting up the HA-Proxy ingress controller using Helm.
2:39:33 First demo application.
2:44:39 Second demo using EC2 Instance connect endpoint.
2:51:01 Conclusions and remarks.