Tag: aws

Total 5 Posts
kubernetes, aws, security

Integrating AWS IAM and Kubernetes with kube2iam

Containers deployed on top of Kubernetes sometimes requires easy access to AWS services. You have a few options to configure this. Most common is providing AWS access credentials to a particular pod or updating existing worker nodes IAM role with additional access rules. Pods in the AWS environment, by default, have the same access rules as underlying nodes. However, both solutions are a terrible practice, because there are projects that resolve this issue more elegantly. Two most popular are kube2iam ...

kubernetes, ingress, aws

AWS ALB Ingress Controller for Kubernetes

More than one year ago CoreOS introduced AWS ALB (Application Load Balancer) support for Kubernetes. This project was born out of Ticketmaster's tight relationship with CoreOS. It was in an alpha state for a long time, so I waited for some beta/stable release to put my hands on it. The project is donated to Kubernetes SIG-AWS on June 1, 2018, and now there is a lot more activity. A few months ago the first stable version got released. Let's ...

kubernetes, ingress, aws

AWS Cost Savings by Utilizing Kubernetes Ingress with Classic ELB

A few months ago I wrote an article about Kubernetes Nginx Ingress Controller. That article is actually the second most popular post on this blog. It's focused on using Kubernetes ingress for on-premises deployments. But, most of the users run Kubernetes on AWS and other public cloud providers. The problem is that for each service with LoadBalancer type, AWS will create the new ELB. And that can be pricey. With Kubernetes ingress you will need only one. How Does it ...

kubernetes, aws

Kubernetes Cluster Autoscaling on AWS

Running a production Kubernetes cluster is not that easy. Also, unless you use cloud resources smart, you will be spending much money. You only want to use resources that are needed. When you deploy Kubernetes cluster on AWS, you define min and max number of instances per autoscaling group. You want to watch Kubernetes cluster and on insufficient resources to scale up. Also to scale down when you have underutilized nodes. The piece of software that will help you with ...

aws, show me

Terraform and AWS Spot Instances

Terraform is my tool of choice for cloud provisioning. The difference compared to the similar tools for cloud provisioning is that Terraform saves the state. Terraform supports AWS and can provision spot instances also. Spot instances are great to save some money in the cloud. They could be used for any service, but it is really hard to manage stateful services like databases. If you have a stateless service spot instances are a great choice. You need to automate spot ...