How to use kops to create a Kubernetes cluster on AWS without the usage of the ELB service?

1/11/2019

I'm just learning Kubernetes and I'd like to avoid spending money on Elastic Load Balancing while running it on AWS.

Here's the command I use to install Kubernetes:

kops create cluster \
    --cloud aws \
    --name ${MY_KUBE_NAME}.k8s.local \
    --state s3://${MY_KUBE_NAME} \
    --master-count 1 \
    --master-size ${MY_KUBE_MASTER_AWS_INSTANCE_SIZE} \
    --master-volume-size ${MY_KUBE_MASTER_AWS_VOLUME_SIZE} \
    --master-zones ${MY_KUBE_AWS_ZONE} \
    --zones ${MY_KUBE_AWS_ZONE} \
    --node-count 1 \
    --node-size ${MY_KUBE_WORKER_AWS_INSTANCE_SIZE} \
    --node-volume-size ${MY_KUBE_WORKER_AWS_VOLUME_SIZE}

After running that command I can see a load balancer gets created through Amazon's ELB service.

Generally, that all worked well for me and then I could use kubectl to monitor and manage my cluster and also install Kubernetes Dashboard with its help. But one thing I don't like is that kops makes use of ELB. That was OK in the beginning and I used the URL provided by the load balancer to access the dashboard. Now I believe I can avoid using ELB to cut down my expenses on AWS. Could you please tell me how I can use kops create cluster without any ELB but still be able to connect to my cluster and dashboard from my local machine?

-- Susha
amazon-web-services
kops
kubernetes

1 Answer

1/11/2019

The LB is needed to talk to the kube-apiserver, which runs on the master. You can bypass that by deleting the ELB from the AWS console and modifying your configs to talk directly to the public or private IP of your master. You might have to re-issue your certificates on the master so that you can talk to the new IP address. Kops creates an ELB because that's more of a standard 'production-ready' type of practice, and it's also compatible if you have more than one master. In other words, it's still recommended to have that ELB.

As far as the dashboard goes, generally, the dashboard is exposed as a Kubernetes LoadBalancer Service in AWS that creates an ELB. You can simply delete the service and the load balancer should be deleted.

$ kubectl delete svc <your-dashboard-svc>

Now if you want to avoid creating a load balancer on a service you just create a service with a ClusterIP or a NodePort. Then you can access your service using something like kubectl proxy.

-- Rico
Source: StackOverflow
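
Added example (not part of the original question or answer): a small Python check that reads the output of `kubectl get svc --all-namespaces -o json` and lists every Service that is reachable from outside the cluster network, which covers the LoadBalancer Services that create an ELB and the NodePort Services mentioned in the answer. The sample data, the service names and the hostname are constructed for illustration.

```python
import json
import sys

# Constructed sample of `kubectl get svc --all-namespaces -o json` output.
# Names and the ELB hostname are made up for illustration.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"namespace": "kube-system", "name": "kubernetes-dashboard"},
   "spec": {"type": "LoadBalancer", "ports": [{"port": 443}]},
   "status": {"loadBalancer": {"ingress": [{"hostname": "example-elb.invalid"}]}}},
  {"metadata": {"namespace": "default", "name": "web"},
   "spec": {"type": "NodePort", "ports": [{"port": 80, "nodePort": 30080}]},
   "status": {"loadBalancer": {}}},
  {"metadata": {"namespace": "default", "name": "kubernetes"},
   "spec": {"type": "ClusterIP", "ports": [{"port": 443}]},
   "status": {"loadBalancer": {}}}
]}
""")

def audit_services(service_list):
    """Return (namespace/name, type, detail) for each Service that is
    exposed beyond the cluster network (LoadBalancer or NodePort)."""
    findings = []
    for svc in service_list.get("items", []):
        meta, spec = svc["metadata"], svc.get("spec", {})
        name = f'{meta.get("namespace", "default")}/{meta["name"]}'
        svc_type = spec.get("type", "ClusterIP")  # ClusterIP is the API default
        if svc_type == "LoadBalancer":
            # On AWS the provisioned ELB shows up as an ingress hostname.
            ingress = svc.get("status", {}).get("loadBalancer", {}).get("ingress") or []
            hosts = [i.get("hostname") or i.get("ip") or "?" for i in ingress]
            findings.append((name, svc_type, ", ".join(hosts) or "pending"))
        elif svc_type == "NodePort":
            ports = [str(p["nodePort"]) for p in spec.get("ports", []) if "nodePort" in p]
            findings.append((name, svc_type, "node ports " + ", ".join(ports)))
    return findings

if __name__ == "__main__":
    # Pipe real kubectl output in; with a terminal on stdin the sample is used.
    data = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    for name, svc_type, detail in audit_services(data):
        print(f"{name}\t{svc_type}\t{detail}")
```

The ELB that kops creates in front of kube-apiserver is not a Kubernetes Service, so it does not appear in this list; only Services of type LoadBalancer do.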