
DevOps AWS EKS Setup Guide

This document summarizes a DevOps configuration using AWS services like IAM, EKS, ELB, Route53, VPC, and EBS. It describes how these services are used to provision and manage a Kubernetes cluster hosting applications. Key components include IAM for access management, EKS for the Kubernetes cluster, ELB for load balancing, Route53 for DNS, VPC for networking, and EBS for database storage. The document also provides commands for interacting with the Kubernetes cluster and links to configuration sources.

Uploaded by

Owais Ahmed

DevOps KT

2019-12-11
[Architecture diagram: AWS components ACM (SSL Cert), VPC, IAM, EBS (DB Storage), Route53 (DNS), ELB (Load Balancer), EKS (Kubernetes) and Site-to-Site (VPN Tunnel). Labels: "Verify https certificate"; "*.h2-nirvana.com CNAME nginx".]

Identity Access Management
● Managed Manually
● User Permissions
● Service Permissions
● Username/Password OR Access Key/Secret Key
Kubernetes Service (EKS)
● .kubernetes\cluster\eks-cluster.yaml
ELB (Load Balancer)
● .kubernetes\config\common\nginx.controller.yaml
● https://github.com/kubernetes/ingress-nginx
● Provisions ELB
○ Single public entrypoint
○ HTTPS termination
● On Cluster Component
○ Subdomain mapping - subway-hydro.h2-nirvana.com
○ Forced https
Route53 (DNS)
● .kubernetes\config\aws\external-dns.yaml
● https://github.com/kubernetes-sigs/external-dns
● DNS
● Watches for subdomains and updates route53
● All subdomains go to the same place!
○ ELB/Nginx
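
How the ELB and Route53 pieces above fit together for one subdomain, as an added example that is not taken from the deck or the Nirvana repository: an Ingress that ingress-nginx serves and that external-dns can publish to Route53. The resource name, backend service name and port, and the `nginx` ingress class are assumptions; the host and namespace come from the slides.

```yaml
# Added example. Values marked "assumed" do not appear in the original deck.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: subway-hydro              # assumed resource name
  namespace: develop              # namespace used by the deck's kubectl commands
  annotations:
    # TLS ends at the ELB, so this Ingress carries no TLS secret.
    # force-ssl-redirect tells ingress-nginx to redirect HTTP to HTTPS
    # even though no certificate is configured on the Ingress itself.
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
  ingressClassName: nginx         # assumed class name of the nginx controller
  rules:
    # external-dns (when run with the ingress source) reads this host and
    # creates the Route53 record pointing at the controller's ELB, which is
    # why every subdomain resolves to the same ELB/Nginx entrypoint.
    - host: subway-hydro.h2-nirvana.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: subway-hydro   # assumed backend Service name
                port:
                  number: 80         # assumed Service port
```
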
VPC (Virtual Private Cloud)
● Semi-Manual Management
● Everything Networking
● VPC 1 to 1 with Region (us-east-2)
● Subnets 1 to 1 with Availability Zone (us-east-2a, us-east-2b)
● Private/Public Subnets
● Subnets contain resources like EC2 instances
VPN Tunnel
● Managed Manually
● Route Cluster Traffic to 10.101.10.136/32 (northstar ip) through tunnel
Databases (EBS)
● .kubernetes\config\aws\storage.yaml
● https://github.com/kubernetes-sigs/aws-ebs-csi-driver
● Database Service runs on-cluster, Storage runs off-cluster

Access:

1. Follow this guide to get cluster access


2. kubectl port-forward -n develop svc/$SERVICE-postgres 9090:5432
3. Use Pgadmin to connect to postgres:docker@localhost:9090

Alternative: Should we allow public internet access to our DBs instead?


Kubectl commands
● kubectl get ns
● kubectl get svc -n develop
● kubectl get pods -n develop
● kubectl get deploy -n develop
● kubectl get cm -n develop
● kubectl get ingress -n develop
● kubectl get secrets -n develop

OR
https://www.kontena.io/
Sources
● AWS
○ https://us-east-2.console.aws.amazon.com/console/home?region=us-east-2#
● Nirvana Config
○ https://github.com/h2-nirvana/nirvana/tree/develop/.kubernetes

Next Month
● Deploying to Kubernetes with helm (https://helm.sh/)
● Tenancy
○ https://github.com/h2-nirvana/helm-charts
○ https://github.com/h2-nirvana/helm-repository
○ https://github.com/h2-nirvana/Tenancy
