Elastic Kubernetes Services (EKS)
- Refer Here for eksctl and Refer Here for installation
- Refer Here for schema of eksctl
- Ensure AWS CLI is installed and user is configured
- To store data in persistent volume ensure you have configured proper iam roles Refer Here
- Refer Here for helm charts
- Find helm charts for setting up
- storage classes
- use aws secrets manager mounting secrets
- AWS Service Integrations
- Network based resources
- Examples
- RDS
- EC2
- ECS
- either create the resources and eks in same network or create a peering connection (private)
- Examples
- Non network based resources
- Examples
- S3
- Dynamodb
- Create vpc endpoints
- Examples
- IAM Roles: Ensure you create necessary iam roles to k8s cluster
- Network based resources
- Refer Here for EKS cluster config
- Cluster Autoscaling: Increasing number of nodes
- AWS provides two options
- cluster autoscaler: is autoscaling (like asg)
- karpenter: it automatically increases number of nodes with fast provisioning Refer Here and Refer Here for steps
- AWS provides two options
- Backups:
- Refer Here for velero
- Refer Here velero with eks
- Upgrades:
Storing Secrets in K8s
- K8s secrets are just encoded values, so we need vaults
- Popular vaults
- Hashicorp vault
- aws secrets manager
- azure key vault
- All the secrets can be mounted with the help of
- CSI Driver
- SecretProvider
AKS
-
AKS Pricing Tier
-
Operations:
- Storage Classes and CSI Refer Here
- Azure Key Vault (Secrets) Refer Here
- Backup:
- Velero (Opensource tool)
- Refer Here for overview and Refer Here for backup natively
- Upgrades: Refer Here
- Integrations:
- Refer Here for Azure SQL
- Azure storage account Refer Here
Service Mesh
- Consider this architecture
- Refer Here for service mesh
- Features
- mTLS
- Circuit breaker
- Traffic Splitting
- A/B Testing
- Retry logic
- Fault injections
- Network Observability
- Tools
- Istio: installation (Refer Here) Custom Resources (Virtual Service, Destination Rules, Gateway)
- linkerd
- Istio: installation (Refer Here) Custom Resources (Virtual Service, Destination Rules, Gateway)
- Istio on Azure Refer Here and on AWS Refer Here
