AWS: Kubernetes – AWS Secrets Manager and Parameter Store integration

22 July 2023
 

  Storing access data in Kubernetes Secrets has an important drawback, because they are only available within the Kubernetes cluster itself. To make them available to external services, we can use HashiCorp Vault and integrate it with Kubernetes using solutions such as vault-k8s, or use services from AWS – Secrets Manager or Parameter Store. Integrating AWS Secrets Manager and Parameter… Read More »

AWS: CDK and Python – configure an IAM OIDC Provider, and install Kubernetes Controllers

22 July 2023
 

  So we have an AWS EKS cluster built with AWS CDK and Python – AWS: CDK and Python – building an EKS cluster, and general impressions of CDK, and we have an idea of how IRSA works – AWS: EKS, OpenID Connect, and ServiceAccounts. The next step after deploying the cluster is to configure the… Read More »

AWS: CDK and Python – building an EKS cluster, and general impressions of CDK

22 July 2023
 

  So, Terraform is great, but so far in our project, we have decided to create the first AWS EKS clusters using the AWS CDK, because firstly, it is already on the project, and secondly, it is very interesting to try a new tool. Today we will see what came out of it, and how… Read More »

AWS: EKS, OpenID Connect, and ServiceAccounts

8 July 2023
 

  Currently, I’m setting up a new EKS cluster. Among other things, I’m running ExternalDNS on it, which uses a Kubernetes ServiceAccount to authenticate to AWS in order to be able to make changes to the domain zone in Route53. However, I forgot to configure the Identity Provider in AWS IAM and ExternalDNS threw an… Read More »

VictoriaMetrics: an overview and its use instead of Prometheus

11 June 2023
 

  I’ve heard a lot about VictoriaMetrics for a long time, and finally, it’s time to try it out. So, in a nutshell – VictoriaMetrics is “Prometheus on steroids” and is fully compatible with it – can use its configuration files, exporters, PromQL, etc. So for me who has always used Prometheus, the first question… Read More »

Prometheus: GitHub Exporter – creating own exporter for GitHub API

11 June 2023
 

  Recently, I got a new interesting task – to build a dashboard in Grafana that would display the status of our development process and its performance, that is, the efficiency of our DevOps processes. This is necessary because we are trying to build “true continuous deployment” so that the code automatically enters Production, and… Read More »

Loki: collecting logs from CloudWatch Logs using Lambda Promtail

20 May 2023
 

  Collecting logs in Grafana Loki with Kubernetes is very simple – we just launch Promtail in DaemonSet, configure it to read all data from /var/logs – and that’s it (in fact, we don’t specify anything at all – everything works out of the box from the Helm chart). But what about CloudWatch Logs? On my new… Read More »

Terraform: planning a new project with Dev/Prod environments

20 May 2023
 

  I need to plan the use of Terraform in a new project, and this includes planning the file structure for the project, how to create a backend (i.e. bootstrap) and other resources needed to get started, and think about working with multiple environments and AWS accounts. In general, this post was originally written purely… Read More »

AWS: CDK – an overview, and Python examples

14 May 2023
 

  The AWS Cloud Development Kit (AWS CDK) allows you to describe an infrastructure using the programming languages TypeScript, JavaScript, Python, Java, C#, or Go. Under the hood, CDK creates a CloudFormation stack with the resources described in your code. The answer to the question “Our CDK, when is Terraform?” can be found here – 4 ultimate… Read More »