Elastic Kubernetes Service (EKS) is a service under the Amazon Web Services (AWS) umbrella that provides managed Kubernetes service. It significantly reduces the time to deploy, manage, and scale the infrastructure required to run production-scale Kubernetes clusters.
AWS has simplified EKS networking significantly with its container network interface (CNI) plugin. With no network overlays, a Kubernetes pod (container) gets an IP address from the same Virtual Private Cloud (VPC) allocated subnet as would an Elastic Compute Cloud (EC2) instance. This means that any workload, be it a container, lambda, or EC2 instance, can now…
At Salesforce, we use Kubernetes to orchestrate our services layer and recently ran into a use case where we wanted to apply and manage certain common objects across Kubernetes namespaces. Since there’s no native solution to share objects across namespaces or the concept of a global object, we used Kubernetes’ extensibility to solve the problem. In this post, I’ll shed light on how we accomplished this.
Namespaced objects in Kubernetes aren’t designed to be shared across logical boundaries. If you want to share a certain object across multiple namespaces, you must scope the object at the cluster level. The inability…
Plugins are a native way of extending the
kubectlclient functionality in Kubernetes.
kubectl CLI client written in Golang to interact with the Kubernetes control plane. Its simple to use, modular & extensible.
This means that a Kubernetes developer can build custom plugins to add new features to the
kubectl client's functionality. Plugins extend
kubectl with new sub-commands, allowing for new and custom features not included in the main distribution of
Since the functionality of the client can be extended to pretty much anything that exposes a programmatic interface (APIs), I thought why not write a plugin to control a Tesla…
3rd week of January, 2020 has been quite productive. I managed to clear both Kubernetes certifications offered by the Cloud Native Computing Foundation (CNCF); Certified Kubernetes Application Developer (CKAD) & Certified Kubernetes Administrator (CKA).
Both these exams are quite different from other industry certifications; mainly due to the fact that both are performance-based exams & will test your problem-solving skills while debugging real issues. There are NO multiple-choice questions & each exercise requires you to interact with the Kubernetes cluster in some way.
Ever since I posted on LinkedIn, some of my connections wanted to understand how I managed to…
Helm (a tiller or wheel & any associated equipment for steering a ship or boat) is a package manager for Kubernetes. It was inspired by the Homebrew project & helps developers to easily package & distribute complex microservices that run on the Kubernetes platform.
Amazon Elastic Kubernetes Service (EKS) makes it easy to deploy, manage, & scale containerized applications using Kubernetes on AWS.
EKS uses Identity & access management (IAM) to provide authentication to your Kubernetes (K8s) cluster through the AWS IAM Authenticator for Kubernetes, but it still relies on native K8s Role-Based Access Control (RBAC) for authorization.
This means that IAM is only used for authentication of valid IAM entities. All permissions for interacting with your EKS cluster’s K8s APIs are managed through the native K8s RBAC system.