Operationalizing Amazon EKS
Jim Bugwadia - @JimBugwadia
Kubernetes is the new Cloud OS
• Use Containers & Microservices
• Leverage Open Source Innovation
• Adopt a DevOps Culture
…but remains complex to manage at scale!
Management complexity is the biggest hurdle overall to wider adoption
Source: Market Pulse Survey of Kubernetes Adoption
Agenda
• Overview
• What Amazon EKS provides
• What else is needed
• Demo & discussion
About me
• Founder and CEO at Nirmata
• Developing large-scale distributed systems since the early 90’s (Go, Java, JS, C++)
• Core focus on centralized management for complex systems
@JimBugwadia
jim@nirmata.com
Multi-Cloud Kubernetes Management with Nirmata!
The Nirmata Platform (diagram)
• Service Mgmt, Visibility, Governance, Compliance, Optimization
• Change Mgmt., Audit Logs, Health, Capacity, Isolation, Policies, Tuning, Discovery
• Managed Kubernetes: GKE, AKS, EKS, PKS
• Custom Kubernetes: Bare Metal, vSphere, GPUs
• Cloud-Native Applications and Traditional Applications, each with Cluster Services
• Your Cloud, Your Apps; Nirmata Cloud or Private Edition
Amazon EKS
Amazon EKS
https://eksworkshop.com/
EKS worker node connectivity
https://eksworkshop.com/
EKS Install
1. eksctl
o Command-line tool that creates a new VPC and an EKS cluster
o eksctl.io
2. Terraform, etc.
o AWS provider (https://learn.hashicorp.com/terraform/aws/eks-intro)
3. Nirmata
o Policy-based cluster and add-on management
o https://try.nirmata.io
Sample EKS install steps…
Install demo
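The deck's install demo is not reproduced here. As an added example (not from the deck or from the eksctl project), this is an eksctl ClusterConfig file that does what the `eksctl` command line does: creates a dedicated VPC and an EKS cluster with one worker node group. The cluster name, region, Kubernetes version and node group sizes are placeholders, and it assumes an eksctl release that supports the ClusterConfig fields shown (private API endpoint access, control-plane logging to CloudWatch, private node networking).

```yaml
# Added example: eksctl ClusterConfig (eksctl.io/v1alpha5 schema).
# name, region, version and sizes below are placeholders.
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: demo-eks            # placeholder cluster name
  region: us-west-2         # placeholder region
  version: "1.14"           # placeholder Kubernetes version

# eksctl creates a new VPC for the cluster unless an existing one is referenced.
vpc:
  clusterEndpoints:
    publicAccess: true
    privateAccess: true     # worker nodes reach the API server without leaving the VPC

# Retain control-plane API, audit and authenticator logs in CloudWatch;
# these are what an incident responder needs to reconstruct who did what.
cloudWatch:
  clusterLogging:
    enableTypes: ["api", "audit", "authenticator"]

nodeGroups:
  - name: ng-workers
    instanceType: m5.large
    desiredCapacity: 2
    minSize: 1
    maxSize: 4
    privateNetworking: true # nodes get private IPs only (no public addresses)
```

Save as `cluster.yaml` and run `eksctl create cluster -f cluster.yaml`; the file version-controls the cluster shape, which is what the "consistent configuration of clusters" challenge later in the deck asks for.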
EKS Core Features
• Networking
o VPC networking support
o Elastic Load Balancing
o Service Mesh (AWS AppMesh)
o Service Registry (AWS CloudMap)
• Managed Control Plane
• Integrated with IAM
• Logging (AWS CloudTrail)
• Storage
o GP2 (AWS EBS)
o CSI drivers for EFS and FSx (Lustre) in alpha
Operationalizing Kubernetes
Areas to address
1. Cluster Management
2. Usage and Workload management
The Enterprise-Wide Kubernetes Stack (diagram, built up over several slides)
• Compute, Network, Storage
• Kubernetes
• Security
• Logging, Monitoring
• Version Control, Image Registry, Ingress, Build Tools
• Policy Management
• Multi-Cluster Management
Multi-cluster topology (diagram)
• Management Cluster (K8s)
• Kubernetes Clusters (K8s, K8s, K8s)
• Infrastructure
• Data and Shared Services
Challenges
1. Cluster Management
• Consistent configuration of clusters
• Version control and upgrades for each tool
• Security and governance
2. Usage and Workload management
Namespaces
Kubernetes supports multiple virtual clusters backed by the same physical cluster. These virtual clusters are called namespaces.
https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
Role-based access control (RBAC)
• Users are authenticated via OIDC, X.509 certificates, tokens, etc.
• The auth result provides user information; however, users and user groups are managed externally.
• Kubernetes has a fine-grained permission model
• Role (namespace) / ClusterRole
• Roles are mapped to users or groups via role bindings
• RoleBinding (namespace) / ClusterRoleBinding
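As an added example of the slide's model (not from the deck or from Nirmata), a namespace-scoped Role plus a RoleBinding that grants it to an externally managed group. The namespace `team-a` and the group `team-a-devs` are placeholders; the group name must match what the identity provider returns for the user (on EKS, the IAM-to-group mapping lives in the `aws-auth` ConfigMap in `kube-system`).

```yaml
# Added example: least-privilege Role for one team's namespace.
# "team-a" and "team-a-devs" are placeholder names.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: app-developer
  namespace: team-a          # a Role never reaches outside its namespace
rules:
  # Core-group workload objects the team needs day to day.
  - apiGroups: [""]
    resources: ["pods", "pods/log", "services", "configmaps"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
  - apiGroups: ["apps"]
    resources: ["deployments"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
  # Secrets are deliberately absent: grant them through a separate, narrower Role.
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: app-developer-binding
  namespace: team-a
subjects:
  - kind: Group              # group membership is decided by the external IdP
    name: team-a-devs
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role                 # binding a ClusterRole here would still be namespace-scoped
  name: app-developer
  apiGroup: rbac.authorization.k8s.io
```

A quick check after applying: `kubectl auth can-i list secrets -n team-a --as alice --as-group team-a-devs` should answer `no`, while the same query for `pods` answers `yes`. The same check against `--namespace other-team` must also be `no`, which is the whole point of preferring Role over ClusterRole for tenant access.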
Network Policies
• By default, Kubernetes pods are “non-isolated”
• They accept network connections from any source and can initiate connection requests to any destination
• Network Policies define traffic rules for Kubernetes pods
• ingress (inbound traffic)
• egress (outbound traffic)
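The two bullets above are what a default-deny policy reverses. As an added example (not from the deck), the first object below isolates every pod in a namespace on both ingress and egress; the second re-opens exactly one path to the `app: api` pods plus DNS. Namespace and label values are placeholders, and the `kubernetes.io/metadata.name` namespace label is assumed to be present (it is set automatically on newer Kubernetes releases; older clusters need an equivalent label applied by hand).

```yaml
# Added example: default-deny, then an explicit allow. All names are placeholders.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: team-a
spec:
  podSelector: {}                    # empty selector: every pod in the namespace
  policyTypes: ["Ingress", "Egress"]
  # No ingress/egress blocks listed, so nothing is allowed in either direction.
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-web-to-api
  namespace: team-a
spec:
  podSelector:
    matchLabels:
      app: api
  policyTypes: ["Ingress", "Egress"]
  ingress:
    - from:
        - podSelector:             # only pods labelled app=web in this namespace
            matchLabels:
              app: web
      ports:
        - protocol: TCP
          port: 8080
  egress:
    # DNS is the egress everyone forgets; without it the api pods cannot resolve names.
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system   # assumed namespace label
          podSelector:
            matchLabels:
              k8s-app: kube-dns
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
```

Two caveats worth checking in practice: the API server accepts NetworkPolicy objects even when no CNI plugin enforces them, so verify enforcement with a test pod rather than trusting `kubectl apply`; and because default-deny also blocks egress, the `app: web` pods need their own egress rule to port 8080 of `app: api` before the connection actually works.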
Network Policy structure (diagram): a Pod Selector, an Ingress section holding ingress rules, and an Egress section holding egress rules
Resource Management
• Pods can have resource requests and limits
• This allows three quality-of-service (QoS) classes: Guaranteed, Burstable, BestEffort
• A namespace can have limits and default allocations
https://opensource.com/article/18/12/optimizing-kubernetes-resource-allocation-production
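As an added example (not from the deck or the linked article), the namespace-level pieces the slide describes: a LimitRange supplying defaults and a ceiling per container, a ResourceQuota capping the namespace as a whole, and a pod whose requests equal its limits and therefore lands in the Guaranteed class. The namespace, image and numbers are placeholders.

```yaml
# Added example: per-namespace defaults, caps and a Guaranteed-class pod.
# "team-a", the image and the sizes are placeholders.
apiVersion: v1
kind: LimitRange
metadata:
  name: default-limits
  namespace: team-a
spec:
  limits:
    - type: Container
      default:               # injected as limits when a container declares none
        cpu: "500m"
        memory: "256Mi"
      defaultRequest:        # injected as requests when a container declares none
        cpu: "100m"
        memory: "128Mi"
      max:                   # a single container may not ask for more than this
        cpu: "2"
        memory: "2Gi"
---
apiVersion: v1
kind: ResourceQuota
metadata:
  name: team-a-quota
  namespace: team-a
spec:
  hard:
    requests.cpu: "4"
    requests.memory: "8Gi"
    limits.cpu: "8"
    limits.memory: "16Gi"
    pods: "20"               # bounds pod count, which also bounds blast radius
---
apiVersion: v1
kind: Pod
metadata:
  name: api
  namespace: team-a
spec:
  containers:
    - name: api
      image: registry.example.com/team-a/api:1.0   # placeholder image
      resources:
        requests: {cpu: "500m", memory: "256Mi"}
        limits:   {cpu: "500m", memory: "256Mi"}   # requests == limits -> Guaranteed
```

One interaction to know: once a ResourceQuota constrains `requests.*` or `limits.*`, the API server rejects any pod that does not declare them, so the LimitRange defaults are what keep unmodified manifests deployable. `kubectl describe quota -n team-a` shows used versus hard values and is the quickest way to see a tenant nearing its cap.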
Kubernetes Virtual Clusters (diagram, built up over several slides)
• Namespace: Limits & Quotas, Network Policies, Access Controls, Workload
• Shared services per virtual cluster: Security, Backups / DR, Logging, Monitoring, Change Mgmt., Ingress, Service Mesh, Secrets
One more thing…
Pod Security Policy (PSP)
o Controls runtime security settings for pods
o Enabled as an admission controller on the API server
o Requires a role binding between the pod's Service Account and the PSP
Policy Management
• Policies can provide common configurations and enforce best practices
• Kyverno is an open source policy management tool designed for Kubernetes
• Kyverno allows you to validate, generate, and enforce configurations per namespace / workload
kyverno.io
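As an added example of the validate and generate capabilities named on the slide (written here for illustration, not taken from the deck or from Kyverno's own documentation), two ClusterPolicy objects: the first rejects any Pod without a `team` label, the second stamps a default-deny NetworkPolicy into every newly created namespace. It assumes a Kyverno 1.x release that accepts the `match.resources` form of the `kyverno.io/v1` schema; the policy names and the label key are placeholders.

```yaml
# Added example: Kyverno validate rule (enforce) and generate rule.
# Policy names and the "team" label key are placeholders.
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: require-team-label
spec:
  validationFailureAction: enforce   # "audit" would only report, not block
  rules:
    - name: check-team-label
      match:
        resources:
          kinds: ["Pod"]
      validate:
        message: "The label 'team' is required on every Pod."
        pattern:
          metadata:
            labels:
              team: "?*"             # Kyverno wildcard: present and non-empty
---
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: generate-default-deny
spec:
  rules:
    - name: default-deny-per-namespace
      match:
        resources:
          kinds: ["Namespace"]
      generate:
        apiVersion: networking.k8s.io/v1
        kind: NetworkPolicy
        name: default-deny-all
        namespace: "{{request.object.metadata.name}}"   # the namespace just created
        synchronize: true          # re-create the object if someone deletes it
        data:
          spec:
            podSelector: {}
            policyTypes: ["Ingress", "Egress"]
```

With `enforce`, a non-compliant `kubectl apply` fails at admission with the policy's message, which is the behaviour to test first; `kubectl get policyreport -A` (on releases that ship policy reports) then lists existing objects that already violate the rule, so a policy can be rolled out in audit mode before switching it to enforce.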
Challenges (recap)
1. Cluster Management
• Consistent configuration of clusters
• Version control and upgrades for each tool
• Security and governance
2. Usage and Workload management
• Providing teams with virtual clusters
• Providing shared services per virtual cluster
• Securing workloads
Virtual Cluster Demo
Summary
• Amazon EKS provides a reliable way of provisioning and managing the Kubernetes control plane
• For production enterprise Kubernetes, managing cluster add-ons, shared services, and Kubernetes configurations is essential
• Nirmata provides an easy way to build self-service secure virtual clusters on EKS (or any other managed K8s service).
Thank-You!
https://try.nirmata.io

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Data structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdfData structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdf
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 

Operationalizing Amazon EKS

17
The Enterprise-Wide Kubernetes Stack
Compute
Kubernetes
Storage
Network
Security
18
The Enterprise-Wide Kubernetes Stack
Compute
Kubernetes
Storage
Network
Logging
Monitoring
Security
19
The Enterprise-Wide Kubernetes Stack
Compute
Kubernetes
Storage
Network
Version Control
Image Registry
Ingress
Build Tools
Logging
Monitoring
Security
Policy Management
22
Multi-Cluster Management
Diagram: a K8s management cluster controlling several Kubernetes clusters, which sit on shared infrastructure and data and shared services.
23
Challenges
1. Cluster Management
• Consistent configuration of clusters
• Version control and upgrades for each tool
• Security and governance
2. Usage and Workload management
25
Namespaces
Kubernetes supports multiple virtual clusters backed by the same physical cluster. These virtual clusters are called namespaces.
https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
26
Role-based access control (RBAC)
• Users are authenticated via OIDC, X.509 certificates, tokens, etc.
• The authentication result carries the user name and group memberships; users and groups themselves are managed externally and are not Kubernetes objects. On EKS, IAM principals are mapped to Kubernetes users and groups through the aws-auth ConfigMap in kube-system.
• Kubernetes has a fine-grained permission model
o Role (namespace-scoped) / ClusterRole (cluster-wide)
• Roles are mapped to users, groups or service accounts via role bindings
o RoleBinding (namespace-scoped) / ClusterRoleBinding (cluster-wide)
27
Network Policies
• By default, Kubernetes pods are "non-isolated": they accept network connections from any source and can initiate connections to any destination
• Network Policies define traffic rules for the pods selected by a pod selector
o ingress (inbound traffic)
o egress (outbound traffic)
• A pod becomes isolated in a direction as soon as any policy that selects it lists that policyType; only traffic matched by some rule is then allowed
• Enforcement depends on the CNI plugin: the API server accepts a NetworkPolicy even when the cluster's CNI does not implement it, in which case the policy is silently ignored
Diagram: NetworkPolicy → Pod Selector; Ingress → ingress rules; Egress → egress rules.
28
Resource Management
• Pods can have resource requests and limits
• This yields three quality-of-service classes: Guaranteed, Burstable and BestEffort
• A namespace can have limits (ResourceQuota) and default allocations (LimitRange)
https://opensource.com/article/18/12/optimizing-kubernetes-resource-allocation-production
29
Kubernetes Virtual Clusters
Namespace
• Limits & Quotas
• Network Policies
• Access Controls
• Workload
30
Kubernetes Virtual Clusters
Namespace
• Limits & Quotas
• Network Policies
• Access Controls
• Workload
• Security
• Backups / DR
• Logging
• Monitoring
• Change Mgmt.
• Ingress
• Service Mesh
• Secrets
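The tenant "virtual cluster" that slides 25 through 30 assemble (a namespace with limits and quotas, network policies and access controls), written out as one set of manifests. This is an added example, not from the deck and not Nirmata's configuration. The namespace team-a, the group team-a-developers and the quota sizes are assumptions; the kube-dns pod label is the one CoreDNS carries on EKS.

```yaml
# Added example: a tenant "virtual cluster" assembled from the controls on the
# slides above. Assumed: namespace team-a, group team-a-developers, quota sizes.
apiVersion: v1
kind: Namespace
metadata:
  name: team-a
---
# Limits & Quotas: a hard ceiling for the namespace as a whole.
# services.loadbalancers: "0" stops a tenant from provisioning AWS load
# balancers (and internet exposure) through a Service of type LoadBalancer.
apiVersion: v1
kind: ResourceQuota
metadata:
  name: team-a-quota
  namespace: team-a
spec:
  hard:
    requests.cpu: "4"
    requests.memory: 8Gi
    limits.cpu: "8"
    limits.memory: 16Gi
    pods: "50"
    services.loadbalancers: "0"
---
# Per-container defaults: containers that set nothing get these requests and
# limits, so they count against the quota and never run as BestEffort.
apiVersion: v1
kind: LimitRange
metadata:
  name: team-a-defaults
  namespace: team-a
spec:
  limits:
  - type: Container
    defaultRequest: {cpu: 100m, memory: 128Mi}
    default: {cpu: 500m, memory: 512Mi}
    max: {cpu: "2", memory: 4Gi}
---
# Network Policies: selecting every pod ({}) with both policyTypes makes the
# rules below the only allowed traffic; everything else is denied. Allowed:
# traffic inside the namespace, and DNS to CoreDNS in kube-system (assumed
# label k8s-app=kube-dns, as on EKS; kubernetes.io/metadata.name is set on
# namespaces automatically on Kubernetes 1.21+). Needs a CNI that enforces it.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: tenant-isolation
  namespace: team-a
spec:
  podSelector: {}
  policyTypes: [Ingress, Egress]
  ingress:
  - from:
    - podSelector: {}
  egress:
  - to:
    - podSelector: {}
  - to:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: kube-system
      podSelector:
        matchLabels:
          k8s-app: kube-dns
    ports:
    - {protocol: UDP, port: 53}
    - {protocol: TCP, port: 53}
---
# Access Controls: a namespace-scoped Role. Secrets, NetworkPolicies,
# ResourceQuotas and LimitRanges are left out on purpose, so a tenant cannot
# read other workloads' credentials or loosen its own isolation.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: team-a-developer
  namespace: team-a
rules:
- apiGroups: [""]
  resources: [pods, pods/log, services, configmaps]
  verbs: [get, list, watch, create, update, patch, delete]
- apiGroups: [apps, batch]
  resources: [deployments, statefulsets, jobs, cronjobs]
  verbs: [get, list, watch, create, update, patch, delete]
---
# On EKS, Group names come from the aws-auth ConfigMap in kube-system, which
# maps an IAM role ARN to Kubernetes groups; this binding is what turns the
# group into namespace-scoped rights.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: team-a-developers
  namespace: team-a
subjects:
- kind: Group
  name: team-a-developers
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: team-a-developer
  apiGroup: rbac.authorization.k8s.io
```

Apply with `kubectl apply -f` as a cluster administrator; the Role intentionally does not let the tenant edit these objects. Two checks worth running afterwards: `kubectl auth can-i get secrets -n team-a --as-group=team-a-developers --as=someone` should answer no, and a pod in team-a should be unable to reach a pod in another namespace while still resolving DNS. If cross-namespace traffic still flows, the cluster's CNI is not enforcing NetworkPolicy (on EKS the Amazon VPC CNI does so only with Calico installed or its network policy feature enabled).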
32
One more thing… Pod Security Policy (PSP)
o Controls runtime security settings for pods (privileged mode, host namespaces and ports, capabilities, allowed volume types, user and group IDs)
o Enabled as an admission controller on the API server; once it is on, a pod is admitted only if some PSP authorizes it
o Requires a role binding that grants the pod's Service Account (or the user creating the pod) the "use" verb on that PSP
(PSP was deprecated in Kubernetes 1.21 and removed in 1.25; the built-in Pod Security Admission and policy engines such as Kyverno are the replacements.)
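The three objects that the PSP slide describes, as an added example that is not from the deck: a restrictive PodSecurityPolicy, a ClusterRole granting "use" on it, and the RoleBinding that makes every Service Account in the (assumed) namespace team-a eligible for it. The policy/v1beta1 API shown here no longer exists on Kubernetes 1.25 and later; the binding pattern is the point.

```yaml
# Added example (not from the deck): a restrictive PSP plus the RBAC wiring
# that lets pods in namespace team-a (assumed) use it. policy/v1beta1 was
# removed in Kubernetes 1.25; on older clusters this applies as written.
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: restricted
spec:
  privileged: false
  allowPrivilegeEscalation: false
  requiredDropCapabilities: [ALL]
  hostNetwork: false
  hostPID: false
  hostIPC: false
  # hostPorts omitted: no host port ranges are allowed by default
  volumes: [configMap, emptyDir, projected, secret, downwardAPI, persistentVolumeClaim]
  runAsUser:
    rule: MustRunAsNonRoot
  seLinux:
    rule: RunAsAny
  supplementalGroups:
    rule: MustRunAs
    ranges: [{min: 1, max: 65535}]
  fsGroup:
    rule: MustRunAs
    ranges: [{min: 1, max: 65535}]
---
# The PSP admission controller checks whether the identity behind the pod
# request may "use" some PSP. Pods created by controllers (Deployments, Jobs)
# are submitted by the controller manager, not the developer, so the grant
# has to reach the pod's ServiceAccount or those pods are rejected.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: psp:restricted
rules:
- apiGroups: [policy]
  resources: [podsecuritypolicies]
  resourceNames: [restricted]
  verbs: [use]
---
# Bind to every ServiceAccount in the namespace through the built-in group
# system:serviceaccounts:<namespace>. A RoleBinding (not a ClusterRoleBinding)
# keeps the grant scoped to team-a.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: psp:restricted
  namespace: team-a
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: psp:restricted
subjects:
- kind: Group
  apiGroup: rbac.authorization.k8s.io
  name: system:serviceaccounts:team-a
```

The order matters operationally: create the PSP and bindings before enabling the admission controller, otherwise every pod creation in the cluster fails until some PSP is usable. Also check which other PSPs the same Service Accounts can use (`kubectl auth can-i use podsecuritypolicy/<name> --as=system:serviceaccount:team-a:default`); a permissive PSP reachable through another binding undoes the restrictive one.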
33
Policy Management
• Policies can provide common configurations and enforce best practices
• Kyverno is an open source policy management tool designed for Kubernetes
• Kyverno allows you to validate, mutate and generate configurations per namespace / workload; validation rules can either audit violations or enforce them by rejecting the resource
kyverno.io
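One Kyverno ClusterPolicy combining a validate rule and a generate rule, as an added example that is neither from the deck nor from the Kyverno project: the validate rule rejects any pod whose containers omit CPU or memory requests and limits, and the generate rule drops a default-deny NetworkPolicy into every newly created namespace. The names in the exclude list are assumptions about the cluster's system namespaces.

```yaml
# Added example (not from the deck or from Kyverno's own docs): a ClusterPolicy
# with a validate rule and a generate rule. Excluded namespace names are
# assumptions about this cluster.
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: tenant-baseline
spec:
  validationFailureAction: Enforce   # Audit would only record violations
  background: true                    # also report on resources that already exist
  rules:
  # Validate: every container must declare CPU/memory requests and limits, so
  # it always lands in a QoS class other than BestEffort and the namespace
  # ResourceQuota can account for it. "?*" matches any non-empty value.
  # Kyverno auto-generates the same check for Deployments, Jobs, etc.
  - name: require-requests-limits
    match:
      any:
      - resources:
          kinds: [Pod]
    validate:
      message: "CPU and memory requests and limits are required on every container."
      pattern:
        spec:
          containers:
          - resources:
              requests: {cpu: "?*", memory: "?*"}
              limits: {cpu: "?*", memory: "?*"}
  # Generate: when a Namespace is created, create a default-deny NetworkPolicy
  # in it so every new virtual cluster starts isolated. synchronize: true
  # restores the object if a tenant deletes or edits it.
  - name: default-deny-networkpolicy
    match:
      any:
      - resources:
          kinds: [Namespace]
    exclude:
      any:
      - resources:
          namespaces: [kube-system, kube-public, kube-node-lease, kyverno]
    generate:
      apiVersion: networking.k8s.io/v1
      kind: NetworkPolicy
      name: default-deny
      namespace: "{{request.object.metadata.name}}"
      synchronize: true
      data:
        spec:
          podSelector: {}
          policyTypes: [Ingress, Egress]
```

Roll the validate rule out with `validationFailureAction: Audit` first and read the generated PolicyReports, since switching straight to Enforce blocks every existing workload that omits resources. Generate rules run in Kyverno's background controller, which needs RBAC permission to create the generated kind, and the generated NetworkPolicy, like any other, is only enforced by a CNI that implements NetworkPolicy.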
34
Challenges (recap)
1. Cluster Management
• Consistent configuration of clusters
• Version control and upgrades for each tool
• Security and governance
2. Usage and Workload management
• Providing teams with virtual clusters
• Providing shared services per virtual cluster
• Securing workloads
36
Summary
• Amazon EKS provides a reliable way of provisioning and managing the Kubernetes control plane
• For production enterprise Kubernetes, managing cluster add-ons, shared services, and Kubernetes configurations is essential
• Nirmata provides an easy way to build self-service, secure virtual clusters on EKS (or any other managed K8s service)