Furthermore, as you can see in the previous section, the last few logs of kops cluster creation shows that the environment of the client is also ready. It means that kops helps to bind the API server to our host securely as well. We may use the kubectl command like we were in Kubernetes master. What we need to do is install kubectl manually. It would be as simple as installing kops; just download the binary file:
// install kubectl on local
$ curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
$ chmod +x kubectl
$ sudo mv kubectl /usr/local/bin/
// check the nodes in cluster on AWS
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
ip-10-0-39-216.ec2.internal Ready master 2m v1.8.7
ip-10-0-40-26.ec2.internal Ready node 31s v1.8.7
ip-10-0-50-147.ec2.internal Ready node 33s v1.8.7
However, you can still access the nodes in the cluster. Since the cluster is set down in a private network, we will require to login to the bastion server first, and jump to the nodes for the next:
//add private key to ssh authentication agent
$ ssh-add ~/.ssh/id_rsa
//use your private key with flag ā-iā
//we avoid it since the private key is in default location, ~/.ssh/id_rsa
//also use -A option to forward an authentication agent
$ ssh -A [email protected]
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sun Apr 8 19:37:31 2018 from 10.0.2.167
// access the master node with its private IP
admin@ip-10-0-0-70:~$ ssh 10.0.39.216
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sun Apr 8 19:36:22 2018 from 10.0.0.70
admin@ip-10-0-39-216:~$