Elastic Kubernetes Services (EKS)
eksctl
- eksctl is a CLI tool developed by Weaveworks and is the easiest way to deploy all the components needed to run EKS
- Refer here for the official eksctl site
- eksctl defaults to creating a cluster with the following default parameters:
  - An autogenerated cluster name
  - Two m5.large worker nodes
  - Use of the official AWS EKS AMI
  - Default region: us-west-2
  - Network information
    - A dedicated VPC with CIDR 192.168.0.0/16 and three private plus three public subnets
    - A NAT Gateway and an Internet Gateway to enable the access needed for pulling container images and for communication with the AWS S3 and ECR APIs
  - Two security groups are set up for the EKS cluster
    - Ingress internode group SG: allows nodes to communicate with each other on all ports
    - Control Plane security group: allows communication between the control plane and the worker node groups
- One node group containing two m5.large nodes is the default, but how many pods can such a node run? AWS has a formula based on the node type and the number of network interfaces and IP addresses it supports:
  ((Number of network interfaces for the instance type) * (Number of IP addresses per network interface - 1)) + 2
- An m5.large can support a maximum of 29 pods
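The max-pods formula above worked through in code, as an added example (not from the notes or from eksctl itself). The ENI and IP-per-ENI limits are assumed to match the AWS instance type limits at the time of writing and should be verified against the current limits; the node-planning helper is an assumption about how a practitioner would use the formula.

```python
import math

# Assumed (ENIs, IPv4 addresses per ENI) limits for a few instance types.
# The m5.large row is the one the notes use: (3 * (10 - 1)) + 2 = 29.
ENI_LIMITS = {
    "t3.small": (3, 4),
    "t3.medium": (3, 6),
    "m5.large": (3, 10),
    "m5.xlarge": (4, 15),
}

# Pods that count toward max-pods but use host networking, so they consume
# no VPC IP: aws-node (the VPC CNI) and kube-proxy. This is the "+2".
HOST_NETWORK_PODS = 2


def max_pods(enis: int, ips_per_eni: int) -> int:
    """AWS formula from the notes: (ENIs * (IPs per ENI - 1)) + 2.

    The -1 removes each ENI's own primary address, which cannot be handed
    to a pod; the +2 covers aws-node and kube-proxy on the host network.
    """
    return enis * (ips_per_eni - 1) + HOST_NETWORK_PODS


def max_pods_for(instance_type: str) -> int:
    enis, ips = ENI_LIMITS[instance_type]
    return max_pods(enis, ips)


def nodes_needed(instance_type: str, workload_pods: int,
                 daemonset_pods: int = 0) -> int:
    """Nodes required to place workload_pods, given that every node also
    runs daemonset_pods extra per-node pods that each take a VPC IP
    (for example a log shipper or a node exporter)."""
    per_node = max_pods_for(instance_type) - HOST_NETWORK_PODS - daemonset_pods
    if per_node <= 0:
        raise ValueError(
            f"{instance_type}: per-node daemons use every pod IP, nothing left for workloads")
    return math.ceil(workload_pods / per_node)


if __name__ == "__main__":
    for itype in ENI_LIMITS:
        print(f"{itype:10s} max pods = {max_pods_for(itype)}")
    print("m5.large nodes for 100 workload pods:", nodes_needed("m5.large", 100))
```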
AWS VPC CNI
- This is an open source implementation of CNI built for AWS
- It integrates natively with AWS services such as VPC Flow Logs, VPC routing policies, and security groups for network traffic isolation
- Refer here for the VPC CNI
- The VPC CNI has two components:
  - CNI plugin: responsible for wiring up the host and the pod's network stack
  - ipamd: the IPAM daemon, responsible for maintaining a warm pool of available IP addresses and assigning an IP to each pod
- Refer to the classroom video for a demonstration of the above