Kops is one of the most common Kubernetes provisioning tools. It is a certified CNCF project. Kops officially supports AWS and has beta support for GCE and OpenStack.
In this blog post, I will briefly discuss hidden gems of kops that might be useful when provisioning your Kubernetes cluster. That doesn't mean no one knows about what I mention here; it means the information is very useful but not widely known.
Kops supports adding your custom scripts to instance groups, so you can install any tool or application before kops provisions Kubernetes.

    spec:
      additionalUserData:
      - name: script.sh
        type: text/x-shellscript
        content: |
          #!/bin/sh
          echo "Hello World."

My use case for additionalUserData is assigning static IPs to my instances. I have a small script that assigns a static IP when the machine starts, so my Kubernetes cluster nodes get assigned AWS Elastic IPs.
One of the great features of Kubernetes is audit logs, which let you see what is going on in your cluster. You can log every action in your cluster and see what changes are applied. In kops you can specify the audit log file in the cluster configuration as follows:

    spec:
      kubeAPIServer:
        auditLogPath: /var/log/kube-apiserver-audit.log
        auditLogMaxAge: 10
        auditLogMaxBackups: 1
        auditLogMaxSize: 100
        auditPolicyFile: /srv/kubernetes/audit.yaml

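With this configuration the API server writes one JSON event per line to auditLogPath. The following is an added example, not code from the original post or the kops project, that triages such lines for state changes, Secret reads and interactive pod sessions; the sample events and helper names are constructed, and it assumes the default JSON log format of audit.k8s.io/v1.

```python
import json

WRITE_VERBS = {"create", "update", "patch", "delete", "deletecollection"}
READ_VERBS = {"get", "list", "watch"}
SESSION_SUBRESOURCES = {"exec", "attach", "portforward"}

def _event(user, verb, resource, name, sub="", code=200, stage="ResponseComplete"):
    """Build one constructed audit.k8s.io/v1 Event line (sample data, not real logs)."""
    return json.dumps({
        "kind": "Event", "apiVersion": "audit.k8s.io/v1", "stage": stage, "verb": verb,
        "user": {"username": user}, "responseStatus": {"code": code},
        "objectRef": {"resource": resource, "name": name, "subresource": sub}})

# Constructed sample, shaped like the lines written to auditLogPath.
# Real use: triage(open("/var/log/kube-apiserver-audit.log"))
SAMPLE_LOG = [
    _event("alice", "get", "pods", "web-1"),
    _event("alice", "patch", "deployments", "web"),
    _event("system:serviceaccount:ci:deployer", "get", "secrets", "db-creds"),
    _event("bob", "create", "pods", "web-1", sub="exec"),
    _event("bob", "delete", "pods", "web-1", stage="RequestReceived"),
    '{"kind":"Event","verb":"del',  # truncated line, e.g. cut by log rotation
    _event("carol", "delete", "configmaps", "app-config", code=403),
]

def triage(lines):
    """Return one finding per completed request that changed state,
    read a Secret, or opened a session into a pod."""
    findings = []
    for raw in lines:
        try:
            ev = json.loads(raw)
        except json.JSONDecodeError:
            continue  # skip partial lines instead of aborting the run
        if ev.get("stage") != "ResponseComplete":
            continue  # each request is logged at several stages; count it once
        ref = ev.get("objectRef") or {}  # absent for non-resource URLs
        verb, res = ev.get("verb", ""), ref.get("resource", "")
        if ref.get("subresource") in SESSION_SUBRESOURCES:
            reason = "pod-session"
        elif res == "secrets" and verb in READ_VERBS:
            reason = "secret-read"
        elif verb in WRITE_VERBS:
            reason = "change"
        else:
            continue
        findings.append({"reason": reason, "user": (ev.get("user") or {}).get("username"),
                         "verb": verb, "target": f"{res}/{ref.get('name', '')}",
                         "code": (ev.get("responseStatus") or {}).get("code")})
    return findings
```

Findings with a 403 code are denied attempts and are kept on purpose, since a refused delete is often more interesting than a successful one.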
It is possible to create an instance group from spot instances. You can specify maxPrice in your instance group configuration.

    spec:
      image: kope.io/k8s-1.8-debian-jessie-amd64-hvm-ebs-2018-02-08
      machineType: t2.medium
      maxPrice: "0.20"

It is possible to define advanced spot instance configuration. You can find more info here.
If you are using AWS, you can enable detailed monitoring for your instances. In kops it can be enabled in instance groups.

    spec:
      detailedInstanceMonitoring: true

You can see more information and pricing from here.
Starting from Kops 1.17, it is possible to specify kernel parameters.

    apiVersion: kops.k8s.io/v1alpha2
    kind: InstanceGroup
    metadata:
      name: nodes
    spec:
      sysctlParameters:
      - fs.pipe-user-pages-soft=524288
      - net.ipv4.tcp_keepalive_time=200

It might be a very simple command, but kops has a validate command that validates the cluster and its health.
kops validate cluster
Cluster information can be dumped by:
kops toolbox dump
This blog post explained some of the useful features of kops. If you have other hidden gems, please leave a comment and I would be very happy to update the blog post with your name and make it a collaborative work!