Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Vishwakarma: Terraform modules for deploying EKS and Self-hosting Kubernetes(AWS))

Kyle Bai
January 08, 2020
Technology
0
64

Vishwakarma: Terraform modules for deploying EKS and Self-hosting Kubernetes(AWS))

How does AMIS build self-hosted Kubernetes on AWS, and use Fargate for EKS.

Kyle Bai

January 08, 2020
Tweet

More Decks by Kyle Bai

See All by Kyle Bai
讓 Jenkins 老爺爺掌舵帶領開發者航向美好新世界
kairen
1
130
AWS Startup 2020 - AMIS
kairen
0
38
學習 Kubernetes 不是為了成為 YAML Engineer
kairen
0
230
How to make your container:Kubernetes is a bit more secure
kairen
0
130
Vishwakarma: Terraform modules for deploying EKS and Self-hosting Kubernetes
kairen
0
43
Chatbot as a Service on Container(Kubernetes)
kairen
0
770
IT IRONMAN 2020
kairen
0
49
Advanced Kubernetes For UMC
kairen
0
110
Practical Kubernetes For UMC
kairen
0
51

Other Decks in Technology

See All in Technology
Pedestrian-Centric大規模交通安全映像解析向けWoven Traffic Safety (WTS) データセットの紹介
kbuster
0
140
元インフラエンジニアに成る / Human Resources to Human Relations
bobtani
1
280
Tebiki株式会社 エンジニア採用資料
tebiki
0
4k
Data and AI Governance: Existing Challenges and Emerging Trends
scotthsieh825
0
140
Databricksを活用してDELISH KITCHENのレシピレコメンドを開発した話
furu8
0
240
Let's get started with Ruby && Rails Tips
sinsoku
0
190
コンパウンドスタートアップのためのスケーラブルでセキュアなInfrastructure as Codeパイプラインを考える / Scalable and Secure Infrastructure as Code Pipeline for a Compound Startup
yuyatakeyama
3
1.7k
SPI原点回帰論:事業課題とFour Keysの結節点を見出す実践的ソフトウェアプロセス改善 / DevOpsDays Tokyo 2024
visional_engineering_and_design
4
1.1k
エンタープライズ環境下での Active Directory の運用 TIPS
tamaiyutaro
1
1.4k
OpenShiftはじめの一歩から継続的なチャレンジ
mame500
0
250
Tableau事例紹介 / Tableau Case Study of Eureka
kazuya_araki_tokyo
1
170
疲弊しない!AWSセキュリティ統制の考え方 #devio_osakaday1
masahirokawahara
6
5.8k

Featured

See All Featured
Intergalactic Javascript Robots from Outer Space
tanoku
266
26k
Designing with Data
zakiwarfel
95
4.8k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
18
6.9k
Product Roadmaps are Hard
iamctodd
43
9.7k
We Have a Design System, Now What?
morganepeng
42
6.7k
Put a Button on it: Removing Barriers to Going Fast.
kastner
58
3k
Creatively Recalculating Your Daily Design Routine
revolveconf
209
11k
The Cost Of JavaScript in 2023
addyosmani
13
3.8k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
5
1.5k
Adopting Sorbet at Scale
ufuk
67
8.6k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
34
8.8k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
114
18k

Transcript

  1. @k2r2bai TAI P E I 開 發 者交 流 之夜

  2. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. @k2r2bai Vishwakarma: Terraform modules for deploying EKS and Self-hosting Kubernetes Kyle Bai Site Reliability Engineer AMIS Cloud Native Taiwan User Group

  3. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. @k2r2bai About Me ⽩凱仁(Kyle Bai) • SRE at AMIS. • OSS Contributor. • Certified Kubernetes Administrator/Developer. • Co-organizer of Cloud Native Taiwan User Group. • Interested in emerging technologies. GitHub: kairen([email protected]) Blog: https://k2r2bai.com

  4. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Motivations • Infrastructure as code • Vishwakarma • Live Demo Agenda Today I would like to talk about

  5. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Motivations

  6. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Data Centers Networking Servers Application Storage Virtualization OS Hardware Accelerator Drivers Database Runtime Application OS Data Centers Networking Servers Application Storage Virtualization OS Laptop Enterprise IT Public Cloud Customer Managed Provider Managed Database Runtime Database Runtime Drivers Drivers

  7. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Data Centers Networking Servers Application Storage Virtualization OS Hardware Accelerator Drivers Database Runtime Application OS Data Centers Networking Servers Application Storage Virtualization OS Laptop Enterprise IT Public Cloud Customer Managed Provider Managed Database Runtime Database Runtime Drivers Drivers

  8. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Data Centers Networking Servers Application Storage Virtualization OS Hardware Accelerator Drivers Database Runtime Application OS Data Centers Networking Servers Application Storage Virtualization OS Customer Managed Provider Managed Database Runtime Database Runtime Drivers Drivers Laptop Enterprise IT Public Cloud

  9. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Data Centers Networking Servers Application Storage Virtualization OS Hardware Accelerator Drivers Database Runtime Application OS Data Centers Networking Servers Application Storage Virtualization OS Laptop (Dev) Enterprise IT (Staging) Public Cloud (Production) Customer Managed Provider Managed Database Runtime Database Runtime Drivers Drivers

  10. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Dev Staging Production

  11. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Dev Staging Production US EU AP …

  12. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Dev Staging Production US EU AP …

  13. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. TW Local Dev

  14. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. TW Local Dev TW US Staging

  15. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. TW Local Dev TW US Staging AP … US EU Production

  16. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Infrastructure as code

  17. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. “Infrastructure-as-code (IaC) is the concept of writing code to represent your infrastructure requirements and using an IaC tool to apply those changes to your cloud/on-prem environment.”

  18. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Create/change/destroy infrastructure resources such as compute, storage, networking components or platform services like database, Kubernetes cluster etc. • Deploy/update applications on top of the infrastructure. • Manage the configurations used by the applications. • Versioning infrastructure. The problems IaC tools can solve

  19. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  20. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  21. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  22. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Terraform is the only tool to focus solely on creating, destroying and managing infrastructure components. You use the Hashicorp Configuration Language (HCL) to describe the infrastructure resources you need. • Provider • Provisioner • Modules • Plan phase • Apply phase Terraform

  23. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. example

  24. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  25. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. CLI / SDK / Console Region A Region B Region C ... Terraform CLI Region A Region B Region C ...

  26. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  27. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. NGINX

  28. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Vishwakarma

  29. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Kubernetes solutions on AWS Kubespray RKE Kops Kube-aws Typhoon EKS CoreOS Tectonic LinuxKit Matchbox KubeNow Bootkube kubeadm-dind-cluster Minikube PKS Kubeadm KIND KRIB

  30. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Challenges to build Kubrnetes

  31. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Maintain all AWS resources(ex: EC2 instance, VPC). • Kubernetes node(worker) scalability. • Kubernetes components upgrade. • Logging and Monitoring. • Configuration management. Challenges to build Kubrnetes on AWS

  32. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Network environment customize. • Align company compliance. • Audit. • Security. • Topology. • ... • Cost. • Clusters have different topology. • Want more specific features. Why build Kubernetes by ourselves?

  33. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Vishwakarma can be used to create a Kubernetes cluster in AWS by leveraging HashiCorp Terraform and CoreOS. And there are two kind of Kubernetes master within vishwakarma, one leverages AWS EKS, the other one is ElastiKube (Self-Hosted). Vishwakarma hXps://github.com/getamis/vishwakarma

  34. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. ElastiKube is a highly configurable Terraform module with building blocks. The motivation to build ElastiKube is that we need: • Robust and HA Kubernetes master nodes. • Pluggable HA worker nodes with different instance types. • Configurable Kubernetes resources during bootstrapping. • Standalone and HA etcd. • Use CoreOS Container Linux on all host machines. • Use Ignition for provisioning Container Linux. What's ElastiKube?

  35. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  36. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Agility: The ability to easily and atomically update software is the only way to improve internet security. • Portability: Containers turn apps into integral units that can migrate easily between machines and between providers. • Security: Today’s VM-focused workflow ties the OS directly to the apps on the box. Moving dependencies out of the OS and into a container dramatically reduces complexity. • Make sure that all resources are IMMUTABLE! Why do we use CoreOS?

  37. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Ignition is the utility used by CoreOS Container Linux, Fedora CoreOS, and RHEL CoreOS to manipulate disks during the initramfs. This includes partitioning disks, formatting partitions, writing files (regular files, systemd units, etc.), and configuring users. Ignition

  38. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  39. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Live Demo

  40. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. What’s Going On?

  41. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Self-hosting Kubernetes

  42. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Fargate for EKS

  43. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  44. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  45. Thank you! @k2r2bai © 2020, Amazon Web Services, Inc. or

    its affiliates. All rights reserved. Kyle Bai [email protected]