Kubernetes auf AWS

Transcript

1. Kubernetes auf AWS wie deploye ich meinen EKS Cluster richtig?

   Jonas Bechstein | @jobe93 Markus Zimmermann | @markus_zm

2. Containers on AWS

3. Containers on AWS Elastic Beanstalk Elastic Container Service Fargate Elastic

   Kubernetes Service

4. Containers on AWS Elastic Beanstalk Elastic Container Service Fargate Elastic

   Kubernetes Service

5. Kubernetes 101 https://medium.com/@tsuyoshiushio/kubernetes-in-three-diagrams-6aba8432541c

6. Kubernetes 101 https://medium.com/@tsuyoshiushio/kubernetes-in-three-diagrams-6aba8432541c

7. EKS Source: Instana

8. IAM Authentication apiVersion: v1 kind: ConfigMap metadata: name: aws-auth namespace:

   kube-system data: mapRoles: | - rolearn: worker-role username: system:node:{{EC2PrivateDNSName}} groups: - system:bootstrappers - system:nodes - rolearn: ci-role username: admin:{{SessionName}} groups: - system:masters - rolearn: ops-guy Username: admin:{{SessionName}} groups: - system:masters

9. Access to AWS services kube2iam IAM Roles for Service Accounts

10. Requirements

11. Networking

12. Master Plane

13. None
14. None
15. None

16. Worker Nodes

17. None

18. Automatic Deployments

19. None

20. AWS Cloudformation

21. None
22. None

23. Differences Cloudformation does not support all settings e.g. Logs, Private

    Networking eksctl separate tool - not really IaaS and isolated from Cloudformation Terraform multi-cloud compatible and most feature rich

24. Feature Comparison Cloudformation Terraform eksctl State management Cluster creation Add

    IAM user Auto scaling VPC Cluster config Cluster services upgrade Config Control plane logging

25. Non-functional Comparison Cloudformation Terraform eksctl Release velocity Deployment velocity Support

    API Stability Extendability

26. Self managed Node Groups vs managed Node Groups

27. Advantages Managed Nodegroups Easier creation Health monitoring through EKS API

    Node draining Upgrade cluster versions Rolling update Force update

28. No automatic patches No custom AMI - only Amazon Linux

    Can only change size of root volume No spot instances and one instance type per group No kubelet customization Disadvantages of Managed Nodegroups

29. Scaling Change DesiredSize and MaxSize of Managed Nodegroups Update Stack

    Can also use Cluster Autoscaler

30. Cluster Upgrades Update release version in managed nodegroup to upgrade

    cluster Change of value in config Use button in Console Update cluster services

31. Logging Multiple ways Fluentd to Cloudwatch Fluentd to ELK stack

    Managed Logging service e.g. Datadog

32. AppMesh

33. Recommendations Choose solution based on your current IaaS tooling Quick

    prototyping with eksctl Terraform most feature-rich for third-party services

34. Photo by Emily Morter on Unsplash

35. talks.cosee.biz blog.cosee.biz TechTalk am 27. Februar zum Thema: React und

    Firebase Romina Marsico | @romina_marsico [email protected]