What and why

In a previous post, I walked through an infrastructure deployment of a Kubernetes stack to AWS. I have come back to it a few times, attempting to clean up the documentation, clean up the process, and improve the accessibility of the overall project. This time, I wanted to modernize it to match the current major release of Kubernetes. But there were other reasons, and modernizing this would allow me to explore some interesting topics like NGINX ingress controllers, Prometheus, OAuth integration, Istio, Helm, and Kubernetes Operators.
Note - I have updated this for Kubernetes 1.7.x. Deploying Kubernetes, complete with an OpenVPN access point, a CFSSL x509 certificate generation service, and an internal Kubernetes cluster DNS, complete with a Weave CNI daemonset, and kube-dns, the Kubernetes internal DNS resolver. It is a two-part process: first, using Terraform, it builds the AWS infrastructure, including VPC settings, IAM roles, security groups, instances, etc. Once the infrastructure is deployed, Ansible is then used to configure the system accordingly.