EKS

avatar
Created by
GiganticAngonoka72710

Cards (12)

  • What is Amazon EKS?
    • Amazon Elastic Kubernetes Service (Amazon EKS) is a managed service that eliminates the need to install, operate, and maintain your own Kubernetes control plane on Amazon Web Services (AWS). Kubernetes is an open-source system that automates the management, scaling, and deployment of containerized applications.
  • Features of Amazon EKSSecure networking and authentication
    • Amazon EKS integrates your Kubernetes workloads with AWS networking and security services. It also integrates with AWS Identity and Access Management (IAM) to provide authentication for your Kubernetes clusters.
    Easy cluster scaling
    • Amazon EKS enables you to scale your Kubernetes clusters up and down easily based on the demand of your workloads. Amazon EKS supports horizontal Pod autoscaling based on CPU or custom metrics, and cluster autoscaling based on the demand of the entire workload.
  • Core Concepts:
    • EKS Control Plane: Equivalent to the master node in regular Kubernetes architecture.
    • Hosts kube API server, kube controller, and other critical components.
    • Managed entirely by AWS, ensuring high availability without user intervention.
  • Core Concepts:
    • Worker Nodes and Node Groups: EC2 instances grouped for running application workloads.
    • Provisioned by the user after setting up the control plane.
    • Fargate Profiles: Allows deploying Kubernetes applications directly without provisioning EC2 instances.
    • Offers serverless flexibility, minimizing resource wastage.
    • VPC (Virtual Private Cloud): Integral for security and design considerations.
    • Public or private subnets, security groups, and proper architecture play a crucial role.
  • EKS Core Concepts:
  • EKS Cluster Workflow
    • Provisioning:
    • Set up the EKS cluster, comprising the control plane (master) managed by AWS.
    • Create node groups for worker nodes to run application workloads.
    • Application Deployment:
    • Use Kubernetes kubectl CLI to connect and deploy applications.
    • Applications run on worker nodes in the cluster.
    • Control Plane Management:
    • AWS manages the control plane's high availability and replaces unhealthy instances.
  • EKS Control Plane
    • Single-tenant Kubernetes control plane for each cluster.
    • Infrastructure is not shared across clusters.
    • Consists of at least two API servers and three nodes running across three availability zones.
    • AWS automatically detects and replaces unhealthy control plane instances.
  • Worker Nodes and Node Groups
    • Worker nodes are regular EC2 instances specifically designed for Kubernetes from AWS.
    • EKS worker nodes run in the user's AWS account and connect to the cluster's control plane.
    • Design considerations include exposing the cluster API server endpoint to the internet or accessing it internally within the VPC.
  • Fargate Profiles
    • AWS Fargate provides on-demand, right-sized compute capacity for containers.
    • Eliminates the need to provision, configure, or scale virtual machine groups.
    • Each pod on Fargate has its isolation boundary, ensuring resource separation.
    • Fargate controller schedules and manages Fargate profiles.
  • VPC (Virtual Private Cloud)
    • EKS uses AWS VPC network policies to restrict traffic between control plane components.
    • Decision on how to access the cluster API server endpoints from worker nodes.
    • Control plane components are isolated, ensuring security and reliability.
    • Kubernetes RBAC policies control communication between EKS clusters.
  • EKS Clusters:
    All instances in a node group must:
    • Be the same instance type
    • Be running the same AMI
    • Use the same EKS worker node IAM role
  • EKS Clusters: