Category Archives: Networking

Kubernetes: a single AWS Load Balancer for different Kubernetes Ingresses

21 December 2024
 

  One day, we looked at our AWS costs on AWS Load Balancers, and understood that we needed to decrease the spends a bit. What we wanted was to have one LoadBalancer, and through it to route requests to different Kubernetes Ingresses and Services in different Namespaces. The first thing that came to mind was… Read More »

VictoriaLogs: a Grafana dashboard for AWS VPC Flow Logs – migrating from Grafana Loki

7 December 2024
 

  In the previous post – AWS: VPC Flow Logs – logs to S3 and Grafana dashboard with Loki, we created a Grafana dashboard that displays NAT Gateway traffic usage statistics. What we were interested in there was which Kubernetes Pods use the most bytes, because it directly affects our AWS Costs. And everything appears… Read More »

AWS: VPC Flow Logs – logs to S3 and Grafana dashboard with Loki

7 December 2024
 

 Continuing the topic about AWS: VPC Flow Logs, NAT Gateways, and Kubernetes Pods – a detailed overview. There we analyzed how to work with VPC Flow Logs in general, and learned how we can get information about traffic to/from Kubernetes Pods. But there is one problem when using Flow Logs with CloudWatch Logs – the… Read More »

Pritunl: launching a VPN in AWS on EC2 with Terraform

23 June 2024
 

  I’ve already written a little about Pritunl before – Pritunl: Running a VPN in Kubernetes. Let’s return to this topic again, but this time on EC2 in AWS, without Kubernetes. So, what we need to do is to run some kind of VPN service for the project to have access to Kubernetes APIs/Kubernetes WorkerNodes/AWS… Read More »

AWS: VPC Flow Logs, NAT Gateways, and Kubernetes Pods – a detailed overview

5 May 2024
 

 We have a relatively large spending on AWS NAT Gateway Processed Bytes, and it became interesting to know what exactly is processed through it. It would seem that everything is simple – just turn on VPC Flow Logs and see what’s what. But when it comes to AWS Elastic Kubernetes Service and NAT Gateways, things… Read More »

AWS: VPC Prefix and the maximum of Pods on Kubernetes WorkerNodes

29 February 2024
 

 Each WorkerNode in a Kubernetes cluster can have a limited number of Pods running, and this limit is determined by three parameters: CPU: the total number of requests.cpu cannot be more than the number of CPUs on the Node Memory: the total number of requests.memory cannot be more than the Memory on the Node IP:… Read More »

Terraform: Building EKS, part 1 – VPC, Subnets and Endpoints

10 September 2023
 

  So, now that we’ve been reminded a bit about Terraform’s data types and loops, it’s time to start building something real. The first thing we will deploy with Terraform is the AWS Elastic Kubernetes Service cluster and all the resources associated with it because now it is done with AWS CDK, and in addition… Read More »

AWS: Grafana Loki, InterZone traffic in AWS, and Kubernetes nodeAffinity

19 August 2023
 

  Traffic in AWS is generally quite an interesting and sometimes complicated thing, I once wrote about it in the AWS: Cost optimization – services expenses overview and traffic costs in AWS. Now, it’s time to return to this topic again. So, what’s the problem: in AWS Cost Explorer, I’ve noticed that we have an… Read More »

Pritunl: running VPN in Kubernetes

5 October 2022
 

  Pritunl is a VPN server with a bunch of advanced security and access control features. In fact, it is just a wrapper over OpenVPN, adding such Access Control Lists to it in the form of Organizations, users, and routes. The task is to deploy a Pritunl test instance in Kubernetesб so we can take a… Read More »