Self-managed Kubernetes in Amazon Web Services (AWS)

    Value

    Managing your own Kubernetes cluster (as opposed to using a managed-Kubernetes service like EKS) gives you the most flexibility in configuring Calico and Kubernetes. Calico combines flexible networking capabilities with “run-anywhere” security enforcement to provide a solution with native Linux kernel performance and true cloud-native scalability.

    Kubernetes Operations (kops) is a cluster management tool that handles provisioning cluster VMs and installing Kubernetes. It has built-in support for using Calico as the Kubernetes networking provider.

    Before you begin…

    There are many ways to install and manage Kubernetes in AWS. Using Kubernetes Operations (kops) is a good default choice for most people, as it gives you access to all of Calico’s . However, there are other options that may work better for your environment.

    To use kops to create a cluster with Calico networking and network policy:

    1. Install kops on your workstation.

    2. Be sure to and export its name:

    3. Configure kops to use Calico for networking.
      The easiest way to do this is to pass to kops when creating the cluster. For example:

      Or, you can add to your cluster config. Run kops edit cluster and set the following networking configuration.

    The geeky details of what you get:

    You can further customize the Calico install with options listed in the kops documentation.

    Other options and tools

    Amazon VPC CNI plugin

    Set your kops cluster configuration to:

    Then install Calico for network policy only after the cluster is up and ready.

    The geeky details of what you get:

    Policy, IPAM, CNI, Overlay, Routing, Datastore
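The two kops setups described above differ in whether Calico enforces network policy as soon as the cluster is up or must be installed afterwards. The script below is an added example, not code from this page or from the kops or Calico projects; it reads a cluster manifest and reports which case applies. The `calico` and `amazonvpc` keys under `spec.networking` are assumptions taken from the kops cluster spec, and the sample manifests are constructed.

```shell
#!/usr/bin/env bash
# Added example (not from the kops or Calico projects).
# Reads a kops cluster manifest and reports which CNI provider it selects.

# Print the first key nested under spec.networking (manifest on stdin).
# Assumes the two-space indentation that kops emits for its cluster spec.
networking_provider() {
  awk '
    /^  networking:/ { in_net = 1; next }   # entered spec.networking
    in_net && /^    [A-Za-z]/ {             # first child key names the provider
      sub(/^ +/, ""); sub(/:.*$/, ""); print; exit
    }
    in_net && /^ ? ?[A-Za-z]/ { exit }      # block ended without a provider
  '
}

# Map the provider to what the page says about Calico policy enforcement.
policy_status() {
  case "$(networking_provider)" in
    calico)    echo "calico: networking and network policy provided by Calico" ;;
    amazonvpc) echo "amazonvpc: install Calico for network policy once the cluster is ready" ;;
    "")        echo "none: no provider found under spec.networking" ;;
    *)         echo "other: Calico is not configured by this spec" ;;
  esac
}

# Constructed sample manifests (cluster name is a placeholder).
SAMPLE_CALICO='apiVersion: kops.k8s.io/v1alpha2
kind: Cluster
metadata:
  name: example.k8s.local
spec:
  networking:
    calico: {}
  nonMasqueradeCIDR: 100.64.0.0/10'

SAMPLE_VPC='spec:
  networking:
    amazonvpc: {}'

SAMPLE_EMPTY='spec:
  networking: {}
  subnets: []'

printf '%s\n' "$SAMPLE_CALICO" | policy_status
printf '%s\n' "$SAMPLE_VPC"    | policy_status
printf '%s\n' "$SAMPLE_EMPTY"  | policy_status
```

Against a real cluster, pipe the output of `kops get cluster -o yaml` into `policy_status` instead of the samples.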

    Kubespray

    Kubespray is a tool for provisioning and managing Kubernetes clusters with support for multiple clouds including Amazon Web Services. Calico is the default networking provider, or you can set the variable to . See the for more details.

    Next steps

    Required