Running k8s on EKS

EKS is the new AWS managed Service for Kubernetes launched at last Re-Invent 2018.  EKS is not available in all regions right now. EKS an option for those who don't want to use KOPS.  For this blog post, I will show how to easily set up a kubernetes cluster in AWS using EKS.  EKS has some benefits, first of all, is a managed service that you are not locked in since the API is kubernetes based so you can easily migrate to other kubernetes installation or even other kubernetes installation in other cloud vendor or on-premises.




EKS Benefits
  • Managed Service without lock-in (Kubernetes API, specs, kubectl)
  • There is no Control Plane management (Multi-AZ, Automatic patches, and updates)
  • Secure by Default (Secure and encrypted communications between worker nodes and master)
  • Conformant and Compatible (EKS runs certified kubernetes. Compatible with standard k8s envs)
IMHO this is what most of the companies are looking for, in other words, *Serverless*. 

The Pain Points

I don't want to paint a rosy picture of EKS like any new technology there are problems such as:
  • Poor Documentation - very few docs
  • Lack of Observability - It's a kind of black blocks compared with Kops.
  • When you do something wrong and har to figure it what you did it wrong.
  • Error-Prone - Is very easy to make mistakes(eksctl fix that)
  • In a Long Run is more expensive than running on EC2 with Kops
  • Alpha APIS is not supported. 
It's important to keep in mind that EKS is a very new service and it should get better and the time passes. 

Running Kubernetes in EKS using EKSCTL

EKSCTL is a great tool. Written in go, makes eks cluster creatin way less error-prone and many simples to get a cluster up and running. So let's get started! Basically, we will install the AWS Authenticator and EKSCTL them we can create the cluster and deploy nginx in kubernetes after that we can access the nginx application in the browser(before that you will need to enable the SG access for your IP). Them we destroy the cluster.


Creating a cluster














 Deploying nginx in Kubernetes












Nginx up and running on AWS(Need to enable 80 port SG access)

















Nginx AWS ELB Created by EKS and K8s with EKSCTL



 K8s Nodes Running on EC2 via EKS and EKSCTL





















Destroying the cluster







Cheers,
Diego Pacheco

Popular posts from this blog

Kafka Streams with Java 15

Image
Kafka Streams is a Streaming library similar to Spark and Flink which works with Apache Kafka. Kafka stream can be useful to process historical and near-real-time big data workloads but also for non-realtime analytical computations at scale for the online world as well. Kafka-Streams is elastic, highly scalable, fault-tolerant, and fully integrated with Kafka. You can use Kafka Stream with Java, Scala, Kotlin JVM applications and also have exactly-once processing semantics. Kafka-Streams is being used by the New York Times, Pinterest, Line, Trivago, Zalando, and many other companies. Today I want to share a video of Kafka-Streams running with Kafka 2.6 and Java JDK 15. So Let's get started. 
read more »

Rust and Java Interoperability

Image
Rust does not stop for one second to amaze me. It looks like Rust was designed to talk to every other language so easily. No kidding, it's clear way Web Assembly and rust have lots in common. Java is never an easy lang to interop with. Today I will show how easily we can interop Java & Rust. In order to do so, we will need to use the Java and Rust compilers. For Java, we will not require any other lib than the standard JDK. For Rust, we will need to create a lib project in cargo and we will need to use the crate JNI. I love this feature because java does not allow low-level code on the main language. So if we need to do something low level, efficiently Rust is my first choice, not only for safety reasons but because is really fast.  Let's get started.
read more »

HMAC in Java

Image
In 2018 AWS CTO(Vogels) said : "Security is everyone's job". For the last 2 years, there was so many famous and big data leaks and breaks that made that statement be very true more than ever. Security often could mean worst performance and worst user experience so in order to get it right you really need to think about the designs before jumping into to code and consider performance and user experience has main requirements.  I was thinking about writing about how to do HMAC in Java for a while and recently Redis 6.0.0 come out and to my surprise, there was a refactoring on the password part in order to use HMAC.  Security easily could scare engineers often because it is not something well spread yet but I believe this will change soon. It does not matter if you have to deal with PII Data or not, security is super relevant because everybody is running their workloads at the cloud or with IoT and Edge devices which means more distribution, more code, more points of fail
read more »