Tag Archives: AWS

AWS Elastic Kubernetes Service: RBAC Authorization via AWS IAM and RBAC Groups

25 November 2023
 

 We have two new projects in the Elastic Kubernetes Service (см. AWS Elastic Kubernetes Service: a cluster creation automation, part 1 – CloudFormation), each project lives in its own separate Namespace. In addition, there are two users, developers, who need to be given access to these two Namespaces, but only to Pods in them and… Read More »

Grafana Loki: collecting AWS LoadBalancer logs from S3 with Promtail Lambda

25 November 2023
 

 Currently, we are able to collect our API Gateway logs from the CloudWatch Logs to Grafana Loki, see. Loki: collecting logs from CloudWatch Logs using Lambda Promtail. But in the process of migrating to Kubernetes, we have Application Load Balancers that can only write logs to S3, and we need to learn how to collect… Read More »

Karpenter: the Beta version – an overview of changes, and upgrade from v0.30.0 to v0.32.1

5 November 2023
 

 So, Karpenter has made another big step towards the release, and in version 0.32 it has moved from Alpha to Beta. Let’s take a quick look at the changes – and they are quite significant – and then upgrade to EKS from Karpneter Terraform module and Karpenter Helm chart. The process of installing Karpenter was… Read More »

GitHub Actions: deploying Dev/Prod environments with Terraform

30 September 2023
 

 Now that we have Terraform code ready to deploy an AWS Elastic Kubernetes Service cluster (see Terraform: Building EKS, part 1 – VPC, Subnets and Endpoints and subsequent parts), it’s time to think about automation, that is, creating pipelines in CI/CD that would create new environments for testing features, or deploy updates to the Dev/Prod… Read More »

Terraform: building EKS, part 4 – installing controllers

16 September 2023
 

  The last, fourth part, in which we will install the rest of the controllers and add a couple of useful little things. All the parts: Terraform: building EKS, part 1 – VPC, Subnets and Endpoints Terraform: building EKS, part 2 – an EKS cluster, WorkerNodes, and IAM Terraform: building EKS, part 3 – Karpenter… Read More »

Terraform: building EKS, part 3 – Karpenter installation

16 September 2023
 

 This is the third part of deploying an AWS Elastic Kubernetes Service cluster with Terraform, in which we will add Karpenter to our cluster. I’ve decided to post this separately because it’s quite a long post. And in the next and final (hopefully!), the fourth part, we will add the rest – all kinds of… Read More »

Terraform: Building EKS, part 2 – an EKS cluster, WorkerNodes, and IAM

10 September 2023
 

  We continue the topic of deploying an AWS Elastic Kubernetes Service cluster using Terraform. In the first part, we prepared an AWS VPC. In this part, we’ll deploy the EKS cluster itself, and will configure AIM for it, and in the next parts, we’ll install Karpenter and the rest of the controllers. All the… Read More »

Terraform: Building EKS, part 1 – VPC, Subnets and Endpoints

10 September 2023
 

  So, now that we’ve been reminded a bit about Terraform’s data types and loops, it’s time to start building something real. The first thing we will deploy with Terraform is the AWS Elastic Kubernetes Service cluster and all the resources associated with it because now it is done with AWS CDK, and in addition… Read More »

Terraform: dynamic remote state with AWS S3 and multiple environments by directory

3 September 2023
 

  Following the series of posts about preparing to use Terraform on a project. So, in the first part, we thought about how to organize the preparation of the backend for the project, that is, to perform its bootstrap, and a bit – how to manage the Dev/Prod environments in general, see Terraform: Getting started… Read More »

Terraform: remote state with AWS S3, and state locking with DynamoDB

3 September 2023
 

  We are preparing to transfer infrastructure management from AWS CDK to Terraform. I’ve already wrote about planning it in the Terraform: planning a new project with Dev/Prod environments post, but there I didn’t wrote about one very important option – creating a lock for state files. State file locking is used to avoid situations… Read More »