DEV Community: Farhan Ahmed

Create basic cluster with Kubeadm on AWS EC2 Instance

Farhan Ahmed — Sat, 05 Jul 2025 10:11:00 +0000

Installing Kubernetes 1.31 and create a cluster using `kubeadm` (with Containerd and Calico CNI), here's for setting up a basic cluster (1 master + N workers):

🖥️ EC2 Instance Setup for Kubeadm

Follow these steps to launch and configure EC2 instances for setting up a Kubernetes cluster using kubeadm.

✅ Step 1: Launch EC2 Instances

Login to AWS Console
Navigate to EC2 > Instances > Launch Instance
Configure the instance as below:

| Setting | Value |
| ------------------ | -------------------------------- |
| Name | Kubernetes |
| OS | Ubuntu 24.04 LTS |
| Instance Type | t3.medium |
| Key Pair | Create or select an existing |
| Security Group | Create or select one (see below) |

🔐 Step 2: Create Security Group

Go to VPC > Security > Security Groups
Click Create Security Group
Configure like below:
- Security Group Name: kubernetes-security

🔽 Inbound Rules

Type	Protocol	Port Range	Source	Description
SSH	TCP	22	Anywhere (0.0.0.0/0)	For SSH access
All Traffic	All	All	Custom (your VPC CIDR)	Allow all communication between nodes

📝 Note: If you're testing, you can temporarily use Anywhere for "All Traffic" but limit it for production.

🔼 Outbound Rules

Type	Protocol	Port Range	Destination	Description
All Traffic	All	All	Anywhere (0.0.0.0/0)	Allow all outgoing traffic

🛠️ Step 3: Finalize Instance Launch

On the Launch Instance page, under Number of Instances of summary section, set it to 2

🔸 One will be used as Control Plane, the other as Worker Node

Select the kubernetes-security group you just created.
Use the same key pair for both instances.
Once the instances are launched, rename them for clarity:
- controlplane
- workernode

example:

Prerequisites for Using Kubeadm

Before using Kubeadm to initialize your Kubernetes cluster, ensure that the following requirements are available:

Operating System: Ubuntu, CentOS, or other Linux distributions (with a supported kernel version).
At least 2 GB of RAM for the master node.
At least 1 CPU (for both the master and worker nodes).

Connect both instances and walkthrough below detailed guide.

🚀 Setup Kubeadm on EC2 instances

Ensure these are done on all nodes (control plane and workers):

🧱 1. Update System Packages

sudo apt-get update
sudo apt-get upgrade -y

📦 2. Install Required Packages

sudo apt-get install -y apt-transport-https ca-certificates curl software-properties-common gnupg2

🔧 3. Disable Swap (Required for K8s)

sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

✅ Why? Kubernetes requires swap to be disabled for optimal memory management.

📦 4. Install and Configure `containerd`

sudo apt-get install -y containerd
sudo mkdir -p /etc/containerd
sudo containerd config default | sudo tee /etc/containerd/config.toml > /dev/null

Enable SystemdCgroup:

sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml

Restart and enable service:

sudo systemctl restart containerd
sudo systemctl enable containerd

📦 5. Add Kubernetes v1.31 APT Repository

curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.31/deb/Release.key |
sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.31/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list

📦 6. Install Kubernetes Components

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl

✅ apt-mark hold ensures these packages aren’t upgraded unintentionally.

🧠 7. Load Required Kernel Modules

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF

sudo modprobe overlay
sudo modprobe br_netfilter

🌐 8. Configure Network Settings for Kubernetes

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
EOF

sudo sysctl --system

[!NOTE] Kubernetes Setup Script
The above can be saved as kubernetes-setup.sh file.
You can run this on worker nodes to avoid redundancy.

🧭 Next Steps (Master Node)

1️⃣ Initialize Kubernetes Control Plane

sudo kubeadm init --pod-network-cidr=192.168.0.0/16 --apiserver-advertise-address=$PRIVATE_IP

2️⃣ Set up `kubectl` for your user

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

3️⃣ Install Calico CNI (For v1.31 Compatibility)

kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.28.1/manifests/custom-resources.yaml
kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.28.1/manifests/calico.yaml

4️⃣ Check pods Status

kubectl get pods -A

5️⃣ Verify Kubernetes Cluster Status

kubectl get nodes

🧩 Join Worker Nodes

📍 1. Run the same setup script on all worker nodes.

[!NOTE]
Like mentioned above, once you create kubernetes-setup.sh file on worker node. Use below command to make script ready to run and use.

chmod +x kubernetes-setup.sh

./kubernetes-setup.sh

📍 2. On master node instance, get the join command:

kubeadm token create --print-join-command

📍 3. Run the join command on worker node

Copy paste the join command generated on MasterNode

sudo kubeadm join <master-ip>:6443 --token <token> --discovery-token-ca-cert-hash sha256:<hash>

📍 4. Verify from Master

kubectl get nodes

[!Seperate instances for control plane and worker node]
If you're intend to have separate instance for control plane and workernode with separate security groups for your nodes make sure these ports are added as inbound rules.

🔐 AWS EC2 Security Group Settings

Ensure the following ports are open between your EC2 nodes:

Port	Purpose
6443	Kubernetes API Server
2379-2380	etcd
10250	Kubelet API
10251	kube-scheduler
10252	kube-controller-manager
179	Calico BGP

✅ Wrapping Up

That’s it!!! your kubeadm setup on EC2 is ready!

You now have a basic Kubernetes cluster with a control plane and a worker node. This setup is great for getting hands-on experience and understanding how Kubernetes works under the hood.

Feel free to explore more, try deploying apps, and break things to learn.

Thanks for following along. I really hope this guide helped! 🙌

🤝🏻 Stay Connected

If you find the content helpful, consider:

Following me on GitHub
Connecting on LinkedIn
Supporting my work if you find it valuable.

How I Deployed My Portfolio Using AWS S3 + CloudFront + Cloudflare (Free SSL & Email!)

Farhan Ahmed — Sun, 25 May 2025 04:00:00 +0000

Hey there! 👋 I am Farhan, and in this blog, I’ll walk you through how I deployed my personal portfolio website farhanahmed.pro using simple tools from AWS and Cloudflare.

This guide is beginner-friendly. If you're just starting out with web hosting and cloud stuff, you’re in the right place. Let’s go step by step. 🛠️

🌐 What This Project Is

What I wanted for my portfolio:

Fast and secure hosting
My own domain name
Free SSL (HTTPS)
Professional email like hello@farhanahmed.pro

So, I used:

AWS S3 to store my site files (HTML, CSS, JS, images)
AWS CloudFront to serve those files globally (CDN)
AWS ACM (certificate) for free HTTPS
Cloudflare for domain DNS + email routing

✈️ Steps Overview

Host your site files in an S3 bucket (private)
Set up CloudFront (to make the site fast and use HTTPS)
Use ACM (for free HTTPS certificate)
Set up Cloudflare (for DNS and custom email)
Point Cloudflare to AWS

📦 What Are These Tools (In Simple Terms)

🪣 S3 (Simple Storage Service)

Think of it as an online folder where you keep all your website files.
It’s secure and reliable. But by default, files are private.
You upload files like index.html, images, videos, and they stay there until someone requests them via a browser.

💡 Tip: If you're using React or any frontend framework, first run npm run build and upload the dist/ or build/ folder contents.

✅ Steps:

Go to AWS S3 Console
Create two buckets:
- yourdomain.com (main site)
- www.yourdomain.com (redirect bucket)
Go to the main domain bucket → farhanahmed.pro
Under Properties, scroll down
Enable Static Website Hosting
Upload your website files (index.html, images, CSS, etc.)

🚀 CloudFront (CDN)

CloudFront = Content Delivery Network (CDN)

Speeds up your website and protects your S3 bucket
Delivers your content fast anywhere in the world
Enables HTTPS via SSL certificate

🛡️ OAI = Origin Access Identity

Allows only CloudFront to fetch content from your private S3 bucket.

✅ Steps:

Go to CloudFront Console
Click Create Distribution
Choose origin as your main S3 bucket (not the www one)
For Origin Access, select Legacy Access Identity → Create new OAI
CloudFront will update S3 permissions automatically
Choose Redirect HTTP to HTTPS
Attach an ACM Certificate (next step 👇)

🔒 ACM (AWS Certificate Manager)

Provides the lock icon in browsers (HTTPS)
It's free when used with AWS
Boosts trust & security

✅ Steps:

Go to ACM Console
Choose us-east-1 region (Important!)
Click Request a certificate
Add:
- yourdomain.com
- *.yourdomain.com (Wildcard * lets you add subdomains in future)
Choose DNS Validation
Copy the CNAME records ACM gives
Paste them into Cloudflare DNS settings

Example DNS record for validation:

Type	Name	Target	Proxy
CNAME	`_xxxx.yourdomain.com`	`_yyy.acm-validation.aws`	Not Proxied

Wait for status to change to ✅ Issued

Go back to CloudFront and attach this certificate.

🌐 Setup DNS in Cloudflare

✅ Steps:

Go to your Cloudflare dashboard
Add 2 CNAME records like below:

Type	Name	Value	Proxy
CNAME	`@`	`your-cloudfront-domain.com`	Not Proxied
CNAME	`www`	`@`	Not Proxied

Set SSL/TLS to Full or Off (Let AWS handle HTTPS)

📧 Setup Free Email with Cloudflare

Want a professional email like hello@yourdomain.com?

✅ Steps:

Go to Email → Email Routing
Add sender address: hello@yourdomain.com
Set the destination as your personal Gmail (or any inbox)
Cloudflare gives you MX records
Copy-paste those into the DNS tab
Enable Catch-All to receive all mail

Now you’ll receive all emails to your personal inbox!

☁️ Bonus: Using Cloudflare with Domains Bought Elsewhere

Say you bought a domain from Namecheap:

Go to your domain settings
Under Nameservers, set it to Custom DNS
Add Cloudflare’s nameservers:
- xxx.ns.cloudflare.com
- yyy.ns.cloudflare.com
Save the settings

Cloudflare now manages your domain!

🎉 That’s a Wrap!

This was the full journey of hosting my website from scratch using:

✅ S3 for file storage
🚀 CloudFront for performance & HTTPS
🌐 Cloudflare for DNS and email routing

Thanks for reading 🙏

Drop by 👉 https://farhanahmed.pro and feel free to reach out.

Happy building! 💻✨

DEV Community: Farhan Ahmed

Create basic cluster with Kubeadm on AWS EC2 Instance

Installing Kubernetes 1.31 and create a cluster using kubeadm (with Containerd and Calico CNI), here's for setting up a basic cluster (1 master + N workers):

🖥️ EC2 Instance Setup for Kubeadm

✅ Step 1: Launch EC2 Instances

🔐 Step 2: Create Security Group

🔽 Inbound Rules

🔼 Outbound Rules

🛠️ Step 3: Finalize Instance Launch

Prerequisites for Using Kubeadm

🚀 Setup Kubeadm on EC2 instances

🧱 1. Update System Packages

📦 2. Install Required Packages

🔧 3. Disable Swap (Required for K8s)

📦 4. Install and Configure containerd

📦 5. Add Kubernetes v1.31 APT Repository

📦 6. Install Kubernetes Components

🧠 7. Load Required Kernel Modules

🌐 8. Configure Network Settings for Kubernetes

🧭 Next Steps (Master Node)

1️⃣ Initialize Kubernetes Control Plane

2️⃣ Set up kubectl for your user

3️⃣ Install Calico CNI (For v1.31 Compatibility)

4️⃣ Check pods Status

5️⃣ Verify Kubernetes Cluster Status

🧩 Join Worker Nodes

📍 1. Run the same setup script on all worker nodes.

📍 2. On master node instance, get the join command:

📍 3. Run the join command on worker node

📍 4. Verify from Master

🔐 AWS EC2 Security Group Settings

✅ Wrapping Up

🤝🏻 Stay Connected

How I Deployed My Portfolio Using AWS S3 + CloudFront + Cloudflare (Free SSL & Email!)

🌐 What This Project Is

✈️ Steps Overview

📦 What Are These Tools (In Simple Terms)

🪣 S3 (Simple Storage Service)

✅ Steps:

🚀 CloudFront (CDN)

🛡️ OAI = Origin Access Identity

✅ Steps:

🔒 ACM (AWS Certificate Manager)

✅ Steps:

🌐 Setup DNS in Cloudflare

✅ Steps:

📧 Setup Free Email with Cloudflare

✅ Steps:

☁️ Bonus: Using Cloudflare with Domains Bought Elsewhere

🎉 That’s a Wrap!

Installing Kubernetes 1.31 and create a cluster using `kubeadm` (with Containerd and Calico CNI), here's for setting up a basic cluster (1 master + N workers):

📦 4. Install and Configure `containerd`

2️⃣ Set up `kubectl` for your user