AEWS 2, Week 2, Restropection

AWS EKS Workshop Study
이민석's avatar
Mar 10, 2024
AEWS 2, Week 2, Restropection

Introduction

AEWS Study Group Week 1, study content and assignments.

The goal is to do all the questions and challenges in the lessions.

Prerequisites

Practices

  • Check pods use secondary IPv4 address.

  • Create pods for testing, nicolkaka/netshoot

  • Communicate each pods using tcpdump.

  • Communication test with each pods.

  • The limitation of pods' amount using 'kube-ops-view'.

Fundamental

Challenges

  • Scale EKS max pods

    • Prefix Delegation + Warm & Min Ip/Prefix Targets

    • Custom Networks

  • Set up security group for each pods.

  • Set up ingress of nlb for udp traffic of game server.

  • Set up multiple ingress pattern in single alb.

  • Expose Amazon EKS pods through cross-acount load balancer.

  • Expose k8s applications, part 2 : AWS Load Balancer Controller

  • Expose k8s applications, part 3 : NGINX Ingress Controller

  • Collect metric "linklocal_allowance_exceeded" of EC@ ENA using prometheus.

  • Leveraging CNI custom networking alongside security groups for pods in Amazon EKS

  • Using AWS Load Balancer Controller for blue/green deployment, canary deployment and A/B testing

  • How to use Application Load Balancer and Amazon Cognito to authenticate users for your Kubernetes web apps

  • EKS에 NodeLocal DNS Cache 설정으로 클러스터의 DNS 성능 향상

  • Addressing latency and data transfer costs on EKS using Istio

  • Deploy a gRPC-based application on an Amazon EKS cluster and access it with an Application Load Balancer

  • Optimize webSocket applications scaling with API Gateway on Amazon EKS

  • Use shared VPC subnets in Amazon EKS

  • Recent changes to the CoreDNS add-on

  • Automating custom networking to solve IPv4 exhaustion in Amazon EKS

  • A deeper look at Ingress Sharing and Target Group Binding in AWS Load Balancer Controller

  • Using Istio Traffic Management on Amazon EKS to Enhance User Experience

  • Getting Started with Istio on Amazon EKS

  • Avoiding Errors & Timeouts with Kubernetes Applications and AWS Load Balancers

  • ALB 경우 인증서 ARN 지정 없이, 자동 발견 가능

    • 방안1(ingress tls),

    • 방안2(ingress rule host)

Share article

Unchaptered