Tag Archives: AWS

Kubernetes: load-testing and high-load tuning – problems and solutions

4 September 2020
 

 Actually, this post was planned as a short note about using NodeAffinity for Kubernetes Pod: But then, as often happens, after starting writing about one thing, I faced another, and then another one, and as a result – I made this long-read post about Kubernetes load-testing. So, I’ve started about NodeAffinity, but then wondered how… Read More »

Prometheus: yet-another-cloudwatch-exporter – collecting AWS CloudWatch metrics

23 July 2020
 

 Currently, to collect metrics from the AWS CloudWatch we are using AWS’s own cloudwatch-exporter, see the Prometheus: CloudWatch exporter — сбор метрик из AWS и графики в Grafana post (in Rus), but it has a few gaps: it’s written in Java, so uses CPU/memory of the monitoring host doesn’t scrapes AWS tags from resources uses… Read More »

AWS Elastic Kubernetes Service: a cluster creation automation, part 2 – Ansible, eksctl

1 May 2020
 

 The first part – AWS Elastic Kubernetes Service: a cluster creation automation, part 1 – CloudFormation. To remind the whole idea is to create an automation process to create an EKS cluster: Ansible uses the cloudformation module to create an infrastructure by using an Outputs of the CloudFormation stack created – Ansible from a template will… Read More »

AWS: eksctl – “Put http://169.254.169.254/latest/api/token: net/http: request canceled”

26 April 2020
 

 We have a Docker image with the eksctl tool included. We also have an ЕС2 with Linux with the eksctl. There is an AWS IAM Instance Profile attached to this EC2 with the AdminAccess policy assigned. On this ЕС2 we have Jenkins running in a Docker container, and it spawns its jobs inside in additional… Read More »

AWS Elastic Kubernetes Service: a cluster creation automation, part 1 – CloudFormation

24 April 2020
 

 The task is: create automation to roll out an AWS Elastic Kubernetes Service cluster from scratch. Will use: Ansible: to automate CloudFormation stack creation and to execute eksctl with necessary parameters CloudFormation with NestedStacks: to create an infrastructure – VPC, subnets, SecurityGroups, IAM-roles, etc eksctl: to create a cluster itself using resources created by CloudFormation… Read More »

AWS Elastic Kubernetes Service: running ALB Ingress controller

21 April 2020
 

 AWS ALB Ingress Controller for Kubernetes – is a Kubernetes controller which actually controls AWS Application Load Balancers (ALB) in an AWS account when an Ingress resource with the kubernetes.io/ingress.class: alb annotation is created in a Kubernetes cluster. This Ingress resource in its turn describes an ALB Listeners configuration with SSL termination or traffic routing… Read More »

Kubernetes: part 5 — RBAC authorization with a Role and RoleBinding example

26 March 2020
 

 The next task is to add a new user who will have access to check pods state and watch logs – any other operations must be prohibited. AWS EKS uses AWS IAM for authentification in a Kubernetes cluster (check the Kubernetes: part 4 – AWS EKS authentification, aws-iam-authenticator and AWS IAM post for details), bot… Read More »

AWS: CloudFormation – Nested Stacks and stacks parameters Import/Export

29 February 2020
 

 Nested Stacks in AWS CloudFormation are stacks, created from another, a “parent”, stack using AWS::CloudFormation::Stack. The main idea behind the Nested Stacks is to avoid writing superfluous code and to make templates reusable. Instead, a template is created only once, stored in an S3 bucket, and during stacks creation – you just refer to it.… Read More »

Kubernetes: running a push-server with Gorush behind an AWS LoadBalancer

6 February 2020
 

 Gorush is a Go-written application which we are planning to use to send push notifications to our mobile clients. The project’s home – https://github.com/appleboy/gorush The service will be running in our Kubernetes cluster in a dedicated namespace and must be accessible within the cluster’s VPC only, so we will use an Internal ALB from AWS.… Read More »

dnsmasq: AWS – “Temporary failure in name resolution”, logs, debug and dnsmasq cache size

28 October 2019
 

 We are using AWS VPC DNS and sometimes facing with errors like “php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution“. The only advice from AWS tech. support was to configure a local dnsmasq service to act as a local DNS cache, but I did this already year ago and this issue happens once in 1-2-3… Read More »