Introduction
Thank you for clicking through to my article. I've been a DevOps engineer for 2 years in a dev team of 7 engineers.
My name is MINSEOK, LEE, but I use Unchaptered as an alias on the internet. So, you can call me either "MINSEOK, LEE" or "Unchaptered" if you want to ask something.
This article is based on the learning content of 1 week, AEWS 2.
In the previous lab, "Deploy Amazon EKS and NodeGroups using CloudFormation", we implemented the EKS cluster and its endpoint as public-public.
However, this approach exposes you to security risks.
Requests from kubectl to kube-apiserver go through the public internet.
Requests from kube-proxy to kube-apiserver go through the public internet.
The purpose of this article is to gradually change the default public-public setup to the more secure public-private and private-private setups, covering 3 types of cluster endpoint configuration.
We will also validate each one with a network CLI tool, rather than just implementing it.
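One way to script that validation from a worker node, as an added example that is not part of the original lab: it maps the two EKS endpoint flags to this article's three labels and checks that the addresses the API endpoint resolves to are public or private as expected. The mapping of the labels to `endpointPublicAccess`/`endpointPrivateAccess` is an assumption, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example. Label mapping below is an assumption about the article's terms.

# Map endpointPublicAccess ($1) and endpointPrivateAccess ($2) to a label.
endpoint_mode() {
  case "$1,$2" in
    true,false) echo "public-public" ;;
    true,true)  echo "public-private" ;;
    false,true) echo "private-private" ;;
    *)          echo "invalid" ;;
  esac
}

# Classify one IPv4 address as RFC 1918 private or public.
ip_scope() {
  case "$1" in
    10.*|192.168.*) echo private ;;
    172.*)
      second=${1#172.}; second=${second%%.*}
      if [ "$second" -ge 16 ] && [ "$second" -le 31 ]; then echo private
      else echo public; fi ;;
    *) echo public ;;
  esac
}

# Read resolved addresses from stdin (one per line) and compare them with
# what a node inside the VPC should see for the given flags ($1, $2).
verify_node_resolution() {
  case "$(endpoint_mode "$1" "$2")" in
    public-public) want=public ;;
    public-private|private-private) want=private ;;
    *) echo "invalid flag combination"; return 2 ;;
  esac
  rc=0
  while read -r ip; do
    case "$ip" in ''|*[!0-9.]*) continue ;; esac   # skip non-IPv4 lines
    got=$(ip_scope "$ip")
    if [ "$got" != "$want" ]; then
      echo "MISMATCH: $ip is $got, expected $want"; rc=1
    fi
  done
  return $rc
}

# Live check on a worker node; $1 = cluster name. Needs aws CLI and dig.
check_cluster() {
  q='cluster.resourcesVpcConfig.[endpointPublicAccess,endpointPrivateAccess]'
  flags=$(aws eks describe-cluster --name "$1" --query "$q" --output text | tr 'A-Z' 'a-z')
  host=$(aws eks describe-cluster --name "$1" --query cluster.endpoint --output text)
  # shellcheck disable=SC2086  # intentional split into the two flags
  dig +short "${host#https://}" | verify_node_resolution $flags
}
```

Run `check_cluster <cluster-name>` on a node after each endpoint change; a non-zero exit status means node traffic is not taking the path the configuration implies.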
Topic
In this article, I strengthen EKS Cluster Endpoint security, moving from public-public to private-private.
Also, I'll verify that the network flows are actually the same as we expected.
EKS Cluster Endpoint as Public-Public
EKS Cluster Endpoint as Public-Private
EKS Cluster Endpoint as Private-Private