How to deploy Kubernetes cluster on AWS using KOPS

Kubernetes is an open source, container orchestration platform. Applications packaged as Docker images can be easily deployed, scaled, and managed in a Kubernetes cluster.

In this blog post, I will take you through how we can deploy a Kubernetes cluster on AWS using KOPS.

Prerequisites:

  • Prepare the client vm
  • Prepare AWS environment

Prepare the client vm

I am using Ubuntu Server 18.04 as my client vm where I will be installing Kubectl, AWS cli and KOPS cli

Step 1: Install Kubectl

First step in preparing the client vm is to install Kubectl. Kubectl is a command-line tool that helps us to interact with the Kubernetes cluster.

Run the below steps to install Kubectl in the Ubuntu client vm.

curl -LO$(curl -s  

 chmod +x ./kubectl   

 sudo mv ./kubectl /usr/local/bin/kubectl 

Step 2: Install AWS-Cli

Next step is to install AWS-cli. The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. The easiest way to install aws-cli is to use pip in a virtual environment.

Run the below commands to install AWS-Cli tool in the client vm.

sudo apt install python-pip

pip install awscli

export PATH=$PATH:~/.local/bin

Note: You can run aws help and confirm the installation has completed successfully. For AWS Cli command reference, please refer

Step 3: Install KOPS Cli

KOPS is a command-line tool that helps us to create, destroy, upgrade and maintain production-grade, highly available, Kubernetes clusters. Currently it is only supported by AWS.

Run the below commands to install KOPS.

curl -Lo kops$(curl -s | grep tag_name | cut -d '"' -f 4)/kops-linux-amd64

chmod +x ./kops

sudo mv ./kops /usr/local/bin/

Note: You can run kops and confirm the installation has completed successfully.
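
The install steps above download the kubectl and kops binaries and move them into /usr/local/bin as root without checking them. The following is an added example, not part of the original post: it verifies a downloaded binary against a SHA-256 checksum file before installing it. The function names are illustrative assumptions, and it assumes you have downloaded the checksum file published alongside the release you fetched.

```shell
#!/usr/bin/env bash
# Added example: verify a downloaded binary against its SHA-256 checksum
# before installing it. Function names and arguments are assumptions.

# Print the lowercase hex SHA-256 digest of a file.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_sha256 <binary> <checksum-file>
# Accepts a checksum file holding either a bare hash or "hash  filename".
# Returns 0 on match, 1 on mismatch, 2 on missing or malformed input.
verify_sha256() {
    local bin="$1" sumfile="$2" expected actual
    [ -f "$bin" ] && [ -f "$sumfile" ] || return 2
    expected=$(awk 'NR==1 {print tolower($1)}' "$sumfile")
    # A SHA-256 digest is exactly 64 hex characters; reject anything else
    # (for example an HTML error page saved in place of the checksum).
    case "$expected" in
        *[!0-9a-f]*|"") return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 2
    actual=$(sha256_of "$bin") || return 2
    [ "$actual" = "$expected" ]
}

# install_verified <binary> <checksum-file> <dest-dir>
# Installs only when the digest matches; refuses otherwise.
install_verified() {
    local bin="$1" sumfile="$2" dest="$3"
    if verify_sha256 "$bin" "$sumfile"; then
        install -m 0755 "$bin" "$dest/$(basename "$bin")"
    else
        echo "checksum verification failed for $bin; not installing" >&2
        return 1
    fi
}
```

With sudo, the last step of each install becomes a call such as install_verified ./kops ./kops.sha256 /usr/local/bin, where kops.sha256 is a placeholder name for the checksum file you saved.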

Prepare AWS environment

Step 1: Create IAM user

To create a new user, Login to AWS console > IAM > Users > Add user. The kops IAM user requires the following IAM permissions to function properly.

  • AmazonEC2FullAccess
  • AmazonRoute53FullAccess
  • AmazonS3FullAccess
  • IAMFullAccess
  • AmazonVPCFullAccess

Note: Make a note of AWS Access Key ID and the AWS Secret Access Key. You need this while you configure AWS in the next step

Step 2: AWS Configure

Run aws configure from the Client machine where you have installed AWS cli. Update the below information to configure.

  • AWS Access Key ID
  • AWS Secret Access Key
  • Default region name
  • Default output format

Note: You can run 'aws ec2 describe-regions' from the client machine to get all the region information.

Step 3: Configure Route 53 Domain

The next step is to configure DNS for Kubernetes. Kubernetes makes use of DNS for discovery within the cluster, and so that you can reach the Kubernetes API server from client machines. We will now create a private hosted zone.

Run the below commands to create a hosted zone in the AWS Route 53

aws route53 create-hosted-zone --name <The name of the domain> --caller-reference <A unique string that identifies the request> --hosted-zone-config PrivateZone=true --vpc VPCRegion=<VPC region>,VPCId=<vpc-XXXXXXXX>
For example: aws route53 create-hosted-zone --name --caller-reference 2019-08-05-07:15 --hosted-zone-config PrivateZone=true --vpc VPCRegion=us-east-2,VPCId=vpc-0be40060

Step 4: Create a S3 bucket

In the next step, we will create an Amazon S3 bucket for storing the Kubernetes cluster configurations. We can create the S3 bucket by logging into the Amazon console > Services > Storage > S3 > Create bucket.

You can also create the S3 bucket by running the below command.

aws s3 mb s3://<mybucket> 

For Eg: aws s3 mb s3://

Note: You can specify --region <Region-Name> so that the bucket is created in the region given by the --region parameter.

Run the below command to create an environment variable that KOPS uses during cluster creation. This makes sure that KOPS uses the right storage.

export KOPS_STATE_STORE=s3://
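
The bucket behind KOPS_STATE_STORE holds the cluster's configuration and keys, so it deserves more than the defaults that aws s3 mb gives it. The following is an added example, not part of the original post: it turns on versioning, default encryption and the public access block for the bucket, then reads the versioning status back. The function name is an illustrative assumption; the aws s3api subcommands are standard AWS CLI calls.

```shell
#!/usr/bin/env bash
# Added example: harden the S3 bucket used as KOPS_STATE_STORE.
# The function name is an assumption, not something kops provides.

# harden_state_store <bucket-name>
# Returns 0 when all settings are applied and versioning reads back as
# Enabled, 1 on any failure, 2 when no bucket name is given.
harden_state_store() {
    local bucket="$1" status
    [ -n "$bucket" ] || { echo "usage: harden_state_store <bucket>" >&2; return 2; }

    # Keep old object versions so a bad or malicious overwrite of the
    # cluster state can be rolled back.
    aws s3api put-bucket-versioning --bucket "$bucket" \
        --versioning-configuration Status=Enabled || return 1

    # Encrypt objects at rest by default (SSE-S3).
    aws s3api put-bucket-encryption --bucket "$bucket" \
        --server-side-encryption-configuration \
        '{"Rules":[{"ApplyServerSideEncryptionByDefault":{"SSEAlgorithm":"AES256"}}]}' \
        || return 1

    # The state store must never be publicly readable.
    aws s3api put-public-access-block --bucket "$bucket" \
        --public-access-block-configuration \
        BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true \
        || return 1

    # Read the setting back instead of assuming the write took effect.
    status=$(aws s3api get-bucket-versioning --bucket "$bucket" \
        --query Status --output text) || return 1
    [ "$status" = "Enabled" ]
}

# Usage, with the bucket name taken from the variable exported above:
#   harden_state_store "${KOPS_STATE_STORE#s3://}"
```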

Creating Kubernetes cluster

Step 1: Create Kubernetes cluster configuration

Before starting, run the ssh-keygen command to generate SSH keys; otherwise the command below will throw an error.

kops create cluster --cloud=aws --zones=us-east-2a --dns private
  • --cloud > Cloud provider to use
  • --zones > Zones in which to run the cluster
  • --name > Name of the cluster
  • --dns-zone > DNS hosted zone to use
  • --dns > DNS hosted zone public|private

For more options, please review

Note: Run aws ec2 describe-availability-zones --region us-east-2 command to get the zones in the region

Step 2: Configure Kubernetes cluster

Run the kops update cluster command to configure the Kubernetes cluster

kops update cluster --name --yes

Your Kubernetes cluster is now getting started. You can run kops validate cluster command to check the status

Login to your AWS console and you will see the master and worker nodes created as EC2 instances as below.

Review the Amazon S3 bucket you created. You will see the kubernetes files there.

You can now run kubectl and start working on your Kubernetes cluster

Have you noticed that the version of Kubernetes running on the nodes is 1.12.8? How do we upgrade the Kubernetes version?

To know more about how to upgrade the Kubernetes cluster, review how-to-upgrade-kubernetes-cluster-on-aws-using-kops
