mirror of https://github.com/nickpoida/og-aws.git synced 2025-02-13 02:12:02 +00:00

Updated to add basic EKS information, tips and tricks and references … (#623)

* Updated to add basic EKS information, tips and tricks and references to documentation

* Updated typographic and spelling errors that Hugs and Kisses CQuinn identified for me.

* Fixed capitalization of Multiple, not Multipile that Colin wanted

* Updated broken link

* Fixed K8 vs K8s
This commit is contained in:
Justin Brodley 2018-10-04 12:52:19 -07:00 committed by Corey Quinn
parent 3c087be3e2
commit 614fc12f00


@ -47,7 +47,8 @@ Table of Contents
| [RDS Aurora PostgreSQL](#rds-aurora-postgresql) | [📗](#rds-aurora-postgresql-basics) | [📘](#rds-aurora-postgresql-tips) | [📙](#rds-aurora-postgresql-gotchas-and-limitations) |
| [DynamoDB](#dynamodb) | [📗](#dynamodb-basics) | [📘](#dynamodb-tips) | [📙](#dynamodb-gotchas-and-limitations) |
| [ElastiCache](#elasticache) | [📗](#elasticache-basics) | [📘](#elasticache-tips) | [📙](#elasticache-gotchas-and-limitations) |
| [ECS](#ecs) | [📗](#ecs-basics) | [📘](#ecs-tips) | |
| [ECS](#ecs) | [📗](#ecs-basics) | [📘](#ecs-tips) | |
| [EKS](#eks) | [📗](#eks-basics) | [📘](#eks-tips) | [📙](#eks-gotchas-limitations) |
| [Fargate](#fargate) | [📗](#fargate-basics) | [📘](#fargate-tips) | [📙](#fargate-gotchas-and-limitations) |
| [Lambda](#lambda) | [📗](#lambda-basics) | [📘](#lambda-tips) | [📙](#lambda-gotchas-and-limitations) |
| [API Gateway](#api-gateway) | [📗](#api-gateway-basics) | [📘](#api-gateway-tips) | [📙](#api-gateway-gotchas-and-limitations) |
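Review bot: the new EKS row's gotchas link `#eks-gotchas-limitations` will be dead, because the heading this patch adds further down is `### EKS Gotchas and Limitations`, which renders as `#eks-gotchas-and-limitations` (the same pattern every neighbouring row uses, e.g. `#fargate-gotchas-and-limitations`). Change the cell to `[📙](#eks-gotchas-and-limitations)`. The ECS row also appears twice in this hunk; if the second copy is a real addition rather than a whitespace-only change, drop it so the table does not list ECS twice.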
@ -218,6 +219,7 @@ General Information
- 🕍[Elastic Beanstalk](https://aws.amazon.com/elasticbeanstalk/): Fully managed (PaaS) deployment of packaged Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker applications
- 🐥[EFS](#efs): Network filesystem compatible with NFSv4.1
- ⛓🕍[ECS](#ecs): Docker container/cluster management (note Docker can also be used directly, without ECS)
- 🕍 [EKS](#eks): Kubernetes (K8) Docker Container/Cluster management
- ⛓[ECR](https://aws.amazon.com/ecr/): Hosted private Docker registry
- 🐥[Config](https://aws.amazon.com/config/): AWS configuration inventory, history, change notifications
- 🐥[X-Ray](https://aws.amazon.com/xray/): Trace analysis and debugging for distributed applications such as microservices.
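Review bot: the new EKS entry is inconsistent with its neighbours in three small ways: `🕍 [EKS]` has a space after the icon where the other entries have none, "K8" should be "K8s" (the commit message says K8 vs K8s was fixed, and the rest of the patch uses K8s), and "Docker Container/Cluster management" is capitalised unlike "Docker container/cluster management" on the ECS line directly above. Suggest `- 🕍[EKS](#eks): Kubernetes (K8s) container/cluster management`.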
@ -236,7 +238,7 @@ General Information
- [Inspector](https://aws.amazon.com/inspector/): Security audit
- [Trusted Advisor](https://aws.amazon.com/premiumsupport/trustedadvisor/): Automated tips on reducing cost or making improvements
- 🐥[Certificate Manager](https://aws.amazon.com/certificate-manager/): Manage SSL/TLS certificates for AWS services
- 🐥⛓[Fargate](https://aws.amazon.com/fargate/): Docker containers management, backend for ECS
- 🐥⛓[Fargate](https://aws.amazon.com/fargate/): Docker containers management, backend for ECS and EKS
- **Compound services:** These are similarly specific, but are full-blown services that tackle complex problems and may tie you in. Usefulness depends on your requirements. If you have large or significant need, you may have these already managed by in-house systems and engineering teams.
- [Machine Learning](https://aws.amazon.com/machine-learning/): Machine learning model training and classification
- [Lex](https://aws.amazon.com/lex/): Automatic speech recognition (ASR) and natural language understanding (NLU)
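Review bot: the Fargate description now claims it is a "backend for ECS and EKS", but nothing in this patch supports that: the new EKS Basics text describes pods running on "EC2 based Kubernetes nodes" and says EKS does not launch nodes for you, and a Fargate launch type for EKS did not exist at the time of this commit (October 2018). Keep "backend for ECS" until EKS support is available and can be cited.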
@ -296,7 +298,7 @@ Many services within AWS can at least be compared with Google Cloud offerings or
| Virtual server | EC2 | Compute Engine (GCE) | | Virtual Machine | DigitalOcean | OpenStack |
| PaaS | Elastic Beanstalk | App Engine | App Engine | Web Apps | Heroku, AppFog, OpenShift | Meteor, AppScale, Cloud Foundry, Convox |
| Serverless, microservices | Lambda, API Gateway | Functions | | Function Apps | PubNub Blocks, Auth0 Webtask | Kong, Tyk |
| Container, cluster manager | ECS, Fargate | Container Engine, Kubernetes | Borg or Omega | Container Service | | Kubernetes, Mesos, Aurora |
| Container, cluster manager | ECS, EKS, Fargate | Container Engine, Kubernetes | Borg or Omega | Container Service | | Kubernetes, Mesos, Aurora |
| Object storage | S3 | Cloud Storage | GFS | Storage Account | DigitalOcean Spaces | Swift, HDFS, Minio |
| Block storage | EBS | Persistent Disk | | Storage Account | DigitalOcean Volumes | NFS |
| SQL datastore | RDS | Cloud SQL | | SQL Database | | MySQL, PostgreSQL |
@ -365,6 +367,7 @@ Its important to know the maturity of each AWS product. Here is a mostly comp
| 🐥[Machine Learning](https://aws.amazon.com/releasenotes/AmazonML?browse=1) | 2015-04 | General | ✓ | | |
| [Lambda](https://aws.amazon.com/releasenotes/AWS-Lambda?browse=1) | 2014-11 | General | ✓ | | ✓ |
| [ECS](https://aws.amazon.com/ecs/release-notes/) | 2014-11 | General | ✓ | ✓ | ✓ |
| [EKS](https://docs.aws.amazon.com/eks/latest/userguide/platform-versions.html) | 2018-06 | General | ✓<sup>[12](#user-content-eks-cli)</sup> | | |
| [KMS](https://aws.amazon.com/releasenotes/AWS-KMS?browse=1) | 2014-11 | General | ✓ | | ✓ |
| [CodeDeploy](https://aws.amazon.com/releasenotes/AWS-CodeDeploy?browse=1) | 2014-11 | General | ✓ | | |
| [Kinesis](https://aws.amazon.com/releasenotes/Amazon-Kinesis?browse=1) | 2013-12 | General | ✓ | | ✓<sup>[11](#user-content-pci-kinesis)</sup> |
@ -417,6 +420,7 @@ Its important to know the maturity of each AWS product. Here is a mostly comp
<a name="user-content-pci-rds">**9**</a>: Includes RDS MySQL, Oracle, PostgreSQL, SQL Server, and MariaDB</br>
<a name="user-content-pci-asg">**10**</a>: Includes Auto-Scaling</br>
<a name="user-content-pci-kinesis">**11**</a>: Streams only</br>
<a name="user-content-eks-cli">**12**</a>: Kubernetes uses a custom CLI for Pod/Service management called kubectl. AWS CLI only handles Kubernetes Master concerns</br>
### Compliance
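Review bot: footnote 12 calls kubectl "a custom CLI", which is misleading, since kubectl is the standard Kubernetes command-line tool for every distribution, not something specific to EKS; the useful point is that the AWS CLI manages only the EKS control plane while in-cluster objects need kubectl. Suggest: "Pods, Services and other in-cluster objects are managed with the standard Kubernetes CLI, kubectl; the AWS CLI only handles the Kubernetes master (cluster creation and updates)". The trailing `</br>` matches the neighbouring footnotes, so leave it for consistency.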
@ -563,6 +567,7 @@ This guide is about AWS, not DevOps or server configuration management in genera
- A consequence of this is that you need fewer AMIs and boot scripts; for most deployments, the only boot script you need is a template that fetches an exported docker image and runs it.
- Companies that are embracing [microservice architectures](http://martinfowler.com/articles/microservices.html) will often turn to container-based deployments.
- AWS launched [ECS](https://aws.amazon.com/ecs/) as a service to manage clusters via Docker in late 2014, though many people still deploy Docker directly themselves. See the [ECS section](#ecs) for more details.
- AWS launched [EKS](https://aws.amazon.com/eks/) as a service to manage Kubernetes Clusters mid 2018, though many people still deploy ECS or use Docker directly themselves. See the [EKS section](#eks) for more details.
### Visibility
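Review bot: minor wording in the new EKS bullet: "to manage Kubernetes Clusters mid 2018" should read "to manage Kubernetes clusters in mid-2018", matching "via Docker in late 2014" on the ECS line above it.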
@ -1435,6 +1440,33 @@ ECS
🚧 [*Please help expand this incomplete section.*](CONTRIBUTING.md)
EKS
---
### EKS Basics
- 📒 [Homepage](https://aws.amazon.com/eks/) ∙ [User guide](http://docs.aws.amazon.com/eks/latest/userguide/what-is-eks.html) ∙ [FAQ](https://aws.amazon.com/eks/faq/) ∙ [Pricing](https://aws.amazon.com/eks/pricing/)
- EKS (Elastic Kubernetes Service) is a new service (launched June 2018) that provides managed Kubernetes Masters in a Highly Available pair to deploy K8s Services and Pods on top of EC2 based Kubernetes nodes.
- See the [Containers and AWS](#containers-and-aws) section for more context on containers.
- EKS is AWS's solution to hosting Kubernetes natively on AWS. It is not a replacement for ECS directly but is in response to the large market dominance of Kubernetes.
- EKS does not launch EC2 nodes and would have to be configured and setup either manually or via Cloudformation (or other automation solution)
- EKS management is done through a utility called kubectl, and with Kube configuration files. These files will need to be configured to speak with the K8s Master with a certificate and URL
- EKS authentication is integrated with IAM roles/permissions via a custom plugin for kubectl called aws-iam-authenticator (formerly heptio-authenticator-aws) https://github.com/kubernetes-sigs/aws-iam-authenticator
### EKS Tips
- If you do not already have kubectl configured, it is now included in the AWSCLI packages. This is the simplest way to install kubectl and the assocated iam authenticator plugin
- Multiple clusters can be supported by using different kubeconfig files
### EKS Alternatives and Lock-in
- [ECS](#ecs) Amazon's native Container Scheduled platform released in 2014. If you don't utilize containers today and are looking to get started, ECS is an excellent product.
- [Kubernetes](https://kubernetes.io): Extensive container platform. Available as a hosted solution on Google Cloud (https://cloud.google.com/container-engine/), AWS (https://tectonic.com/), Digital Ocean (https://www.digitalocean.com/products/kubernetes/) and Azure (https://azure.microsoft.com/en-us/services/kubernetes-service/). AWS have a Kubernetes Quickstart (https://aws.amazon.com/quickstart/architecture/heptio-kubernetes/) developed in collaboration with Heptio.
- [Nomad](https://www.nomadproject.io/): Orchestrator/Scheduler, tightly integrated in the Hashicorp stack (Consul, Vault, etc).
### EKS Gotchas and Limitations
- Pods and Service configurations can rapidly consume IP addresses inside a VPC. Proper care and maintenance should be applied to ensure IP exhaustion does not occur
- There is currently no integrated monitoring in Cloudwatch for EKS pods or services, you will need to deploy a monitoring system that supports kubernetes such as Prometheus.
- Autoscaling based off CPU/Memory of a node is limited as you will not be aware of pending services/pods that cannot start. As this is not queryable via EKS API's, you would need to write this in Lambda with kubectl, this may be a security concern for some organizations.
- Prometheus (https://prometheus.io/) is a very popular monitoring solution for K8s, metrics and alerts can be used to send events to Lambda, SQS or other solutions to take autoscaling actions.
Fargate
-------
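Review bot: the first EKS tip, that kubectl "is now included in the AWSCLI packages", is incorrect: the AWS CLI does not ship kubectl or the aws-iam-authenticator binary, both are installed separately (the EKS user guide linked in the Basics section covers this), and the AWS CLI's eks subcommands only manage the control plane, which is exactly what footnote 12 in this same patch says. Rewrite the tip to point at the user guide's installation instructions or drop it. On the aws-iam-authenticator bullet, it is worth stating that IAM only authenticates the caller; what that identity may do inside the cluster is still decided by Kubernetes RBAC, so the IAM-to-cluster mapping needs the same review as any other permission grant, and the bare URL should be a markdown link like the rest of the list. In the Gotchas, "not queryable via EKS API's" is true of the AWS API, but the Kubernetes API served by the managed master exposes pending-pod status directly, so the sentence should say that rather than implying Lambda plus kubectl is the only route; the security concern it raises (a Lambda holding cluster-admin-level kubeconfig) is the real point and deserves a sentence of its own. Smaller items: "assocated" → "associated", "configured and setup" → "configured and set up", "Cloudformation" → "CloudFormation", "EKS API's" → "EKS APIs", several bullets lack terminal periods, the "Multiple clusters" tip could mention that one kubeconfig with several contexts also works, and in the Alternatives list the "AWS (https://tectonic.com/)" hosted option is a third-party product and reads oddly in a section about AWS's own managed Kubernetes.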