Continuing the topic about AWS: VPC Flow Logs, NAT Gateways, and Kubernetes Pods – a detailed overview. There we analyzed how to work with VPC Flow Logs in general, and learned how we can get information about traffic to/from Kubernetes Pods. But there is one problem when using Flow Logs with CloudWatch Logs – the… Read More »
I’ve already written a little about Pritunl before – Pritunl: Running a VPN in Kubernetes. Let’s return to this topic again, but this time on EC2 in AWS, without Kubernetes. So, what we need to do is to run some kind of VPN service for the project to have access to Kubernetes APIs/Kubernetes WorkerNodes/AWS RDS/etc… Read More »
We have a relatively large spending on AWS NAT Gateway Processed Bytes, and it became interesting to know what exactly is processed through it. It would seem that everything is simple – just turn on VPC Flow Logs and see what’s what. But when it comes to AWS Elastic Kubernetes Service and NAT Gateways, things… Read More »
Each WorkerNode in a Kubernetes cluster can have a limited number of Pods running, and this limit is determined by three parameters: CPU: the total number of requests.cpu cannot be more than the number of CPUs on the Node Memory: the total number of requests.memory cannot be more than the Memory on the Node IP:… Read More »
So, now that we’ve been reminded a bit about Terraform’s data types and loops, it’s time to start building something real. The first thing we will deploy with Terraform is the AWS Elastic Kubernetes Service cluster and all the resources associated with it because now it is done with AWS CDK, and in addition to… Read More »
Traffic in AWS is generally quite an interesting and sometimes complicated thing, I once wrote about it in the AWS: Cost optimization – services expenses overview and traffic costs in AWS. Now, it’s time to return to this topic again. So, what’s the problem: in AWS Cost Explorer, I’ve noticed that we have an increase… Read More »
What to do when there is no electricity, mobile communication towers are turned off, and you want to watch the outcasts with Ukrainian cats? That’s right – buy yourself a 3/4G modem with an antenna! In addition, the antenna itself does not need power, and the modem can be inserted into an ordinary power bank,… Read More »
Pritunl is a VPN server with a bunch of advanced security and access control features. In fact, it is just a wrapper over OpenVPN, adding such Access Control Lists to it in the form of Organizations, users, and routes. The task is to deploy a Pritunl test instance in Kubernetesб so we can take a closer… Read More »
After running Pritunl in Minikube, it is not possible to connect to the VPN: … 2022-10-03 13:50:32 TCP/UDP: Preserving recently used remote address: [AF_INET]194.168.3.100:1194 2022-10-03 13:50:32 UDP link local: (not bound) 2022-10-03 13:50:32 UDP link remote: [AF_INET]194.168.3.100:1194 … Check its Kubernetes Service: [simterm] $ kubectl -n pritunl-local get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE… Read More »
AWS VPC Flow Logs allow you to log traffic information between network interfaces in a VPC. Further, these logs can be stored in AWS S3 or sent to AWS CloudWatch Logs, while enabling traffic logging does not affect the performance of the network interface in any way. Let’s briefly review the basic concepts, and available… Read More »