We have a Docker image with the eksctl tool included. We also have an ЕС2 with Linux with the eksctl. There is an AWS IAM Instance Profile attached to this EC2 with the AdminAccess policy assigned. On this ЕС2 we have Jenkins running in a Docker container, and it spawns its jobs inside in additional… Read More »
The task is: create automation to roll out an AWS Elastic Kubernetes Service cluster from scratch. Will use: Ansible: to automate CloudFormation stack creation and to execute eksctl with necessary parameters CloudFormation with NestedStacks: to create an infrastructure – VPC, subnets, SecurityGroups, IAM-roles, etc eksctl: to create a cluster itself using resources created by CloudFormation… Read More »
AWS ALB Ingress Controller for Kubernetes – is a Kubernetes controller which actually controls AWS Application Load Balancers (ALB) in an AWS account when an Ingress resource with the kubernetes.io/ingress.class: alb annotation is created in a Kubernetes cluster. This Ingress resource in its turn describes an ALB Listeners configuration with SSL termination or traffic routing… Read More »
The next task is to add a new user who will have access to check pods state and watch logs – any other operations must be prohibited. AWS EKS uses AWS IAM for authentification in a Kubernetes cluster (check the Kubernetes: part 4 – AWS EKS authentification, aws-iam-authenticator and AWS IAM post for details), bot… Read More »
Nested Stacks in AWS CloudFormation are stacks, created from another, a “parent”, stack using AWS::CloudFormation::Stack. The main idea behind the Nested Stacks is to avoid writing superfluous code and to make templates reusable. Instead, a template is created only once, stored in an S3 bucket, and during stacks creation – you just refer to it.… Read More »
Gorush is a Go-written application which we are planning to use to send push notifications to our mobile clients. The project’s home – https://github.com/appleboy/gorush The service will be running in our Kubernetes cluster in a dedicated namespace and must be accessible within the cluster’s VPC only, so we will use an Internal ALB from AWS.… Read More »
We are using AWS VPC DNS and sometimes facing with errors like “php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution“. The only advice from AWS tech. support was to configure a local dnsmasq service to act as a local DNS cache, but I did this already year ago and this issue happens once in 1-2-3… Read More »
Our data-analytics team eventually started to play with an AWS Redshift cluster instead of the MariaDB RDS service. Actually, the current task is to spin up a simple Proof of Concept Redshift’s cluster in the AWS. Let’s do it quickly, without details – if this will go to the Production, I’ll add another post with… Read More »
Vertica is a data warehouse solution intended to store petabytes amount of data. The task, for now, is to spin up a kind of Proof of Concept for Vertica on an AWS EC2 to take a closer look at its setup and to give it to data-analytics to play with it a bit. Vertica has… Read More »
We have a picture in an AWS S3 bucket which updated, but AWS CloudFront still returns its old version. To remove it from the CloudFront cache – need to create an object’s invalidation. It can be created via AWS Console web-UI or by using AWS CLI. In the AWS Console – go to the desired… Read More »