DevOps Classroom notes 11/Feb/2024

Upgrading k8s Clusters – Manually kubeadm

• Process
  
• Refer Here for backing up etcd
• Refer Here for cordon, drain, upgrade, uncordon
• Restore in the cases of failure Refer Here

Managed K8s Clusters – AKS

• Refer Here for AKS SKUs
• Features:
  • Networking:
    • CNI Support
      • Azure AKS CNI
      • kubenet
      • cilium
      • Bring your own CNI
    • Vnet integrations
    • DNS:
      • CORE DNS (Integration)
    • Ingress
      • Nginx
      • azure application gateway
    • Load Balancing
  • Storage:
    • Storage Classes:
      • azure disk
      • azure file share
      • azure netapp etc
    • Automatic snapshots
  • Automatic Upgrades
  • Autoscaling
    • Cluster Autoscaling with vmss
    • Keda autoscaling
  • Monitoring
    • Integrated with Azure Monitor
    • Integrate with Prometheus and Grafana
  • Authentication & Authorization
    • Microsoft Entra (Azure AD)

Managed K8s Clusters – EKS

• Features:
  • Networking
    • CNI:
      • VPC – CNI
      • Refer Here other compatible CNI’s
    • VPC integrated
    • DNS
    • Ingress: Application Load Balancer Refer Here
  • Storage:
    • Refer Here for CSI Drivers
  • Refer Here for upgrades
  • Autoscaling
    • Cluster Autoscaling with autoscaling groups
    • Karpenter
  • Monitoring
    • Native Prometheus
    • Cloud Watch
  • Autentication and Authorization
    • EKS API => to integrate IAM Users
    • ConfigMap => to integrate IAM Users

Annotations

• Annotations are also name value pairs like labels with a different purpose,
• Annotations are used
  • to interact with tooling
  • change behaviours
• Refer Here for annotations of aks ingress and Refer Here for annotations on eks load balancer

AKS Cluster Cluster

• Lets create a standard cluster

az aks create --resource-group myResourceGroup --name myAKSCluster --enable-managed-identity --node-count 2 --generate-ssh-keys --tier standard

EKS Cluster

• Refer Here for eksctl
• EKSCTL Cluster config

apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: basic-cluster
  region: us-west-2

nodeGroups:
  - name: ng-1
    instanceType: t2.large
    desiredCapacity: 2

Ingress

• Services expose the ports of certain pods grouped by labels using
  • cluster ip (internal k8s cluster)
  • node port
  • load balancer
  • external name
• In K8s to perform layer 7 loadbalancing we need
  • ingress:
    • rules to perform routing (path or name)
  • ingress controller
    • This actually does routing
    • we need to add this to k8s cluster
    • Refer Here for list of ingress controllers
• Azure AKS Ingress controller Refer Here
• Refer Here for offical docs of ingress
• Ingress example