Daily Archives: 11/25/2023

AWS Elastic Kubernetes Service: RBAC Authorization via AWS IAM and RBAC Groups

25 November 2023
 

 We have two new projects in the Elastic Kubernetes Service (см. AWS Elastic Kubernetes Service: a cluster creation automation, part 1 – CloudFormation), each project lives in its own separate Namespace. In addition, there are two users, developers, who need to be given access to these two Namespaces, but only to Pods in them and… Read More »

Grafana Loki: collecting AWS LoadBalancer logs from S3 with Promtail Lambda

25 November 2023
 

 Currently, we are able to collect our API Gateway logs from the CloudWatch Logs to Grafana Loki, see. Loki: collecting logs from CloudWatch Logs using Lambda Promtail. But in the process of migrating to Kubernetes, we have Application Load Balancers that can only write logs to S3, and we need to learn how to collect… Read More »

Kubernetes: ensuring High Availability for Pods

25 November 2023
 

 We have a Kubernetes cluster, where WorkerNodes are scaled by Karpenter, and Karpenter has the disruption.consolidationPolicy=WhenUnderutilized parameter for its NodePool, and this means, that Karpenter will try to “consolidate” the placement of pods on Nodes in order to maximize the use of CPU and Memory resources. In general, everything works, but this leads to the… Read More »