Amazon EKS Blueprints Streamline Bootstrapping Kubernetes Clusters – InfoQ.com

Amazon EKS Blueprints Streamline Bootstrapping Kubernetes Clusters – InfoQ.com

Live Webinar and Q&A: Web Server and Reverse-Proxy Cache 101 (Live Webinar June 16th, 2022) Register Now
Facilitating the Spread of Knowledge and Innovation in Professional Software Development


Avdi Grimm describes the future of development, which is already here. Get a tour of a devcontainer, and contrast it with a deployment container.
Wesley Reisz talks to Oren Eini about the history of RavenDB. RavenDB is a fully transactional NoSQL Document database that implements both CP and AP guarantees at different times. The two discuss those CP/AP distributed systems challenges, the choice of implementation language (C#), and the current plans for RavenDB 6.0, which includes a server-side sharding implementation.
Katharine Jarmul discusses utilizing new distributed data science and machine learning models, such as federated learning, to learn from data at the edge.
In this podcast Shane Hastie spoke to Sara Rossio Chief Product Officer at G2, about how product people and technical people collaborate to build great products that people love.
A thorough implementation of policy management tools is required for effective compliance and security management in a DevOps environment. Companies that accept policy management in DevSecOps as a way of development and have adopted some level of policy management best practices tend to operate more efficiently.
Learn how cloud architectures achieve cost savings, improve reliability & deliver value. Register Now.
Learn how to migrate an application to serverless and what are the common mistakes to avoid. Register Now.
Understand the emerging software trends you should pay attention to. Attend in-person on Oct 24-28, 2022.
InfoQ Homepage News Amazon EKS Blueprints Streamline Bootstrapping Kubernetes Clusters
May 28, 2022 2 min read
by
Matt Campbell
AWS has released EKS Blueprints, a collection of infrastructure as code (IaC) modules to simplify configuring and deploying EKS clusters. EKS Blueprints are currently implemented in both HashiCorp Terraform and AWS Cloud Development Kit (CDK). The blueprints have support for a number of open-source add-ons including Prometheus, Nginx, and Argo CD.
The blueprints provide a fully bootstrapped, open-sourced approach to configuring EKS clusters. The bootstrapping takes care of configuring the appropriate IAM policies, roles, and service accounts as needed by the included add-ons. The blueprint can contain configuration for the state of the EKS cluster including the control plane and worker nodes. Once a blueprint is configured it can be used to deploy the same EKS environment across multiple regions or accounts.
EKS Blueprints can be used to configure and manage administrator teams and application teams. Administrator teams are able to access and administrer the cluster while application teams manage workloads running in cluster namespaces. A form of "soft multi-tenancy" can be used to allow multiple teams to run workloads within the same cluster. As described by Kevin Coleman, Apoorva Kulkarni, Mikhail Shapirove, and Vara Bonthu, "soft multi-tenancy leverages native Kubernetes constructs (for example, namespaces, roles, role bindings, and network policies) to create logical separation between tenants."
EKS Blueprints provides two sample Argo CD repositories showing how to manage workload configuration and add-on configuration. The following example shows how to set up an EKS cluster with Argo CD that includes two application resources leveraging the sample repositories:
EKS Blueprints is able to provision both EKS and self-managed add-ons into an EKS cluster. Amazon EKS add-ons are curated and managed by Amazon. They include the latest security patches and bug fixes and have been validated by Amazon to work with EKS. For cases where an Amazon EKS add-on is available but a self-managed version is already in use, the Amazon version can be installed instead.
The add-on points to an open-source, upstream Helm repository. EKS Blueprints include default IAM roles for service accounts for each add-on that makes requests to the AWS APIs. These defaults can be overridden as needed.
The Amazon EKS managed configuration fields for Amazon EKS add-ons can be updated via the Amazon EKS API. Configuration fields not managed by EKS can be adjusted through the Kubernetes cluster once the add-on starts. These changes will not be overridden by Amazon EKS as they make use of the Kubernetes server-side apply feature. Amazon EKS add-ons can be used with any 1.18 or later Amazon EKS cluster.
The release also includes a number of partner add-ons from companies such as Datadog, HashiCorp, and Snyk. HashiCorp has released a Vault add-on that deploys Vault instances into Kubernetes. This simplifies accessing Vault in EKS by enabling Vault in the workflow as illustrated below:
EKS Blueprints for both Terraform and CDK are available via GitHub. EKS Blueprints is free to use with costs only being incurred for the deployed resources.

Becoming an editor for InfoQ was one of the best decisions of my career. It has challenged me and helped me grow in so many ways. We’d love to have more people join our team.

Uncover emerging trends and practices from domain experts. Attend in-person at QCon San Francisco (October 24-28, 2022).
A round-up of last week’s content on InfoQ sent out every Tuesday. Join a community of over 250,000 senior developers. View an example

We protect your privacy.
You need to Register an InfoQ account or or login to post comments. But there’s so much more behind being registered.
Get the most out of the InfoQ experience.
Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

A round-up of last week’s content on InfoQ sent out every Tuesday. Join a community of over 250,000 senior developers. View an example

We protect your privacy.
Real-world technical talks. No product pitches.
Practical ideas to inspire you and your team.
QCon San Francisco – Oct 24-28, In-person.

QCon San Francisco brings together the world’s most innovative senior software engineers across multiple domains to share their real-world implementation of emerging trends and practices.
Uncover emerging software trends and practices to solve your complex engineering challenges, without the product pitches.Save your spot now
InfoQ.com and all content copyright © 2006-2022 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we’ve ever worked with.
Privacy Notice, Terms And Conditions, Cookie Policy

source


Leave a Reply

Your email address will not be published.