
1

Amazon EKS
New Features
AWS re:Invent Community re:Cap
Jan 18th 2023, Netherlands
Masoom Tulsiani
Consulting Architect

2

Consulting Architect
Rackspace Technology
Masoom Tulsiani
• Kubernetes evangelism
• Technical blogs
• EKS/ECS blueprints
• IaC Terraform
• Landing zones
• Organizing community events
@CloudJedi_

3

Amazon EKS: Managed container orchestration service by AWS, offering profile types of Fargate & EC2 instances (Managed Node Groups)
What is Amazon EKS?
Profile types
Amazon Elastic Kubernetes Service

4

Customer pain points: reliability, performance, operational excellence & security
• Cluster upgrades
• Managing custom add-ons
• Networking
Multi-cluster/shared cluster
Amazon EKS customer pain points

5

• Amazon EKS add-on adds support for CoreDNS for Node types (EC2 & Fargate).
• Advanced configuration
• Lifecycle management & custom configuration
Amazon EKS add-on improvements
• vpc-cni
• CoreDNS
• kube-proxy
• EBS CSI
Amazon EKS add-on configuration

aws eks describe-addon \
  --cluster-name my-cluster \
  --addon-name coredns \
  --query "addon.addonVersion" \
  --output text
# Output
v1.8.0-eksbuild.1

aws eks create-addon --cluster-name my-cluster --addon-name vpc-cni --addon-version version-number \
  --service-account-role-arn arn:aws:iam::111122223333:role/role-name \
  --configuration-values '{"resources":{"limits":{"cpu":"100m"}}}' \
  --resolve-conflicts OVERWRITE

6

ACK tool: Manage AWS service resources from Kubernetes
• Allow AWS users to use the Kubernetes API
• Harness AWS
• Cloud-native control & always up to date
• Custom resource definitions (CRDs)
• Build scalable and highly-available Kubernetes applications
Support for new services
AWS controllers for Kubernetes (ACK)
New AWS services support in releases
• GA for ACK controller for EMR on EKS
• Relational Database Service (RDS), AWS Lambda, AWS Step Functions, Managed Service for Prometheus (AMP), Key Management Service (KMS), SageMaker
[Service icons: Amazon Relational Database Service (Amazon RDS), AWS Lambda, AWS Step Functions, AWS Key Management Service (AWS KMS), Amazon SageMaker, Amazon Managed Service for Prometheus, EMR engine]

7

Part of EKS Blueprint
Managed ELB
- ALB
- NLB
Load balancer controller & EKS blueprints
AWS Load Balancer controller manages
a) Application load balancers: Kubernetes ingress
b) Network load balancers: Kubernetes service objects of type load balancer
Annotations:
service.beta.kubernetes.io/aws-load-balancer-type: "alb-ip"
service.beta.kubernetes.io/aws-load-balancer-type: "nlb-ip"

8

Bridges network connectivity with application layer proxy.
• Network connectivity
• Traffic management: through k8s gateway native API.
• Applies granular access permissions
• Observability: Monitor and troubleshoot service-to-service communication
• Service discovery
• Load balancing
• Authentication & authorization
Layer 7 application networking + service mesh
VPC Lattice

9

Lattice helps to solve multi-cluster challenges
• K8s gateway native API.
• No Custom Resource Definition (CRD)
• VPC Lattice automatically handles network connectivity between VPCs and accounts and network address translation between IPv4, IPv6, and overlapping IP addresses.
Multi-cluster challenges
Overlapping IP addresses
VPC Lattice
Multi-cluster, multi-VPC K8s
Source: AWS re:Invent 2022 - [NEW] Introducing Amazon VPC Lattice: Simplifying app networking (NET215)

10

Amazon EKS improvements in reliability, security & performance
Highlight summary
Reliability, performance, operational excellence & security
• Cluster updates & creation: faster updates; average time to update a cluster reduced from 40 mins to <10 mins.
• VPC Lattice automatically handles service-to-service communication, network connectivity between VPCs and accounts, and advanced granular traffic controls.
• EKS add-on configuration: improved lifecycle management; configuration can be modified at any time during or after add-on deployment.
• EKS Managed Add-ons: VPC_CNI, CoreDNS & KubeProxy are now part of EKS Blueprints and can be managed via IaC with Terraform & CloudFormation.

11

Q&A
@CloudJedi_

12

EKS New features - Re:invent 2022 recap at AWSUGNL Benelux
