Managed Kubernetes in Public Cloud

1. Introduction
2. Terraform Kubernetes Boilerplates
3. GKE vs EKS vs AKS
4. Other Managed Kubernetes
5. AWS EKS (Hosted/Managed Kubernetes on AWS)
   1. EKS Upgrades
   2. EKS and IaC with Crossplane
   3. AWS EKS Vs ECS Vs Fargate
   4. EKS Anywhere (on premises)
   5. EKS Distro (EKS-D)
   6. Testing Kubernetes Canary deployment on EKS
6. AKS Azure Kubernetes Service
   1. AKS Lite
   2. Draft 2 on AKS
7. GKE Google Kubernetes Engine
8. IKS IBM Cloud Kubernetes Service
9. Linode Kubernetes Engine LKE
10. DOKS Digital Ocean Kubernetes
11. Oracle Cloud Kubernetes
12. Provisioning cloud resources (AWS, GCP, Azure) in Kubernetes
13. Kubesphere
14. Giant Swarm
15. Tools for multi-cloud Kubernetes management
16. Videos
17. Tweets

Introduction

• infoworld.com: 6 reasons to switch to managed Kubernetes Managed Kubernetes services have matured to the point where many enterprises are handing over the keys to their clusters. Here we identify some of the main drivers behind that trend.
• Allocatable memory and CPU in Kubernetes Nodes 🌟 Not all CPU and memory in your Kubernetes nodes can be used to run Pods. In this article, you will learn how managed Kubernetes Services such AKS, EKS and GKE reserve resources for workloads, operating systems, daemons and Kubernetes agent.
• armosec.io: Which Managed Kubernetes Is Right for Me? This blog will compare on-premises, or self-hosted,Kubernetes clusters to managed ones, as well as outline your options for Kubernetes in the cloud
• infoworld.com: CNCF survey: Managed Kubernetes becomes the norm Cloud Native Computing Foundation’s latest survey shows that container and Kubernetes usage continues to rise, as managed services ease the operational burden on their teams.
• redhat.com: What architects need to know about managed Kubernetes Should you assemble your own Kubernetes stack or adopt a managed platform such as Red Hat OpenShift? Evaluate the differences.

Terraform Kubernetes Boilerplates

• Terraform Kubernetes Boilerplates 🌟

GKE vs EKS vs AKS

• medium.com: Kubernetes Cloud Services: Comparing GKE, EKS and AKS
• stackrox.com: EKS vs GKE vs AKS - Evaluating Kubernetes in the Cloud
• youtube: Kubernetes Comparison A beautiful comparison of Kubernetes Services from GCP, AWS and Azure by learnk8s.
  • learnk8s.io/research: Comparison of Kubernetes managed services 🌟
• medium: State of Managed Kubernetes 2020 EKS vs. AKS vs. GKE from a Developer’s Perspective
• medium: Managed Kubernetes Services Compared: GKE vs. EKS vs. AKS Comparing the three most popular managed Kubernetes platforms in features and overall experience.
• acloudguru.com: AKS vs EKS vs GKE: Managed Kubernetes services compared

Other Managed Kubernetes

• thenewstack.io: Otomi Container Platform Offers an Integrated Kubernetes Bundle If you want to enjoy the benefits of Kubernetes, configuring and installing the software itself can be just the first of many deeply technical and oftentimes confusing steps. To simplify this, many major cloud providers offer managed Kubernetes services, but even then you may need to install secondary services to handle tasks such as tracing, logging, monitoring, identity access management, and so on. The Otomi Container Platform looks to address this complexity by bundling together more than 30 different Kubernetes add-ons, as well as providing what it calls an “OSX like interface,” and today the project has open sourced a community edition under the Apache 2.0 license.
  • otomi.io 🌟
  • github: Otomi GitOps powered K8s app suite with developer self-service

AWS EKS (Hosted/Managed Kubernetes on AWS)

• dzone: kops vs EKS
• udemy.com: amazon eks starter kubernetes on aws
• eksctl: EKS installer
  • medium.com/@thapliyal705: Create Amazon EKS Cluster from scratch using eksctl
• medium: Implementing Kubernetes Cluster using AWS EKS (AWS Managed Kubernetes)
• Amazon EKS Security Best Practices
• thenewstack.io: Install and Configure OpenEBS on Amazon Elastic Kubernetes Service
• cloudonaut.io: Scaling Container Clusters on AWS: ECS and EKS 🌟
• magalix.com: Deploying Kubernetes Cluster With EKS 🌟 Fargate Deployment vs. Linux Workload
• Deploying Infrastructure (FrontEnd + BackEnd) on AWS using Amazon EKS
• EKS Service Accounts Explained In AWS you can assign IAM permissions to pods in your cluster. This article explains how it works.
• medium: Building the CI/CD of the Future, Creating the EKS Cluster 🌟
• Announcing the AWS Controllers for Kubernetes Preview
• daveops.xyz: Administrar usuarios en EKS
• aws.github.io: AWS Controllers for Kubernetes
• stacksimplify.com: AWS ALB Ingress Service - Basics 🌟
• Kubernetes PVCs with EFS provisioner
• Using Helm with Amazon EKS without kubeconfigs
• Running spot instances effectively with Amazon EKS
• medium: Designing a Kubernetes Cluster with Amazon EKS From Scratch 🌟
• en.sokube.ch: AWS + Kubernetes = AWS Elastic Kubernetes Service (EKS) 🌟
• aws.amazon.com: Operating a multi-regional stateless application using Amazon EKS
• clickittech.com: Amazon ECS vs EKS : The Best Container Orchestration Platform 🌟
• POKE - Provision Opinionated Kubernetes on EKS Poke is infrastructure as software to provision EKS cluster in an opinianated way. Code is written in nodejs utilising pulumi framework. It is opinionated in such a way to improve security and simplicity.Consider this similar to terraform module. This package can be used to provision eks clusters declaratively with immutability and repeatability.
• clickittech.com: Kubernetes Multi tenancy with Amazon EKS: Best practices and considerations
• automateinfra.com: Getting Started with Amazon Elastic kubernetes Service (AWS EKS)
• medium: Run Kubernetes Production Environment on EC2 Spot Instances With Zero Downtime: A Complete Guide
• releaseops.io: Scaling Kubernetes Deployments in AWS with Container Insights Metrics
• medium: Create Kubernetes Cluster On AWS EKS Setup AWS credentials and install kubectl, eksctl on Ubuntu. Create Kubernetes cluster using eksctl.
• Amazon EKS Price Reduction
• cloudonaut.io: Scaling Container Clusters on AWS: ECS and EKS 🌟
• Amazon EKS Best Practices Guide for Security 🌟
• info.acloud.guru: Scaling the hottest app in tech on AWS and Kubernetes
• itnext.io: Using AWS NLB manually targeting an EKS Service exposing UDP traffic
• Amazon EKS Now Supports EC2 Inf1 Instances
• Create a pipeline with canary deployments for Amazon EKS with AWS App Mesh 🌟
• medium: Using Helm with Amazon EKS without kubeconfigs
• linkedin.com: Amazon EKS Distro (EKS-D): The Kubernetes Distribution Used by Amazon EKS 🌟
• aws.amazon.com: Introducing Federated Amazon EKS Clusters on AWS
• medium: How to Deploy an EKS stack in AWS?
• aws.amazon.com: Fluent Bit Integration in CloudWatch Container Insights for EKS
• Optimizing Your Kubernetes Clusters with Rancher and Amazon EKS 🌟
• clickittech.com: Amazon ECS vs EKS : The Best Container Orchestration Platform 🌟
• faun.pub: Upgrading and Scaling Kubernetes cluster in AWS
• youtube/StackSimplify: Kubernetes Deployments on AWS EKS | Amazon Elastic Kubernetes Service | Amazon EKS 🌟
• cloudify.co: Simplifying Hybrid Cloud Deployments With AWS EKS And Outpost
• eksworkshop.com 🌟
• cast.ai: AWS EKS vs. ECS vs. Fargate: Where to manage your Kubernetes?
• cast.ai: 8 best practices to reduce your AWS bill for Kubernetes
• aws whitepapers: Architecting Amazon EKS for PCI DSS Compliance (pdf) 🌟🌟
• github.com/aws/eks-charts 🌟 Amazon EKS Helm chart repository
• AWS Load Balancer Controller 🌟
  • Setup External DNS
• particule.io: Create Kubernetes federated clusters on AWS
• aws.github.io/aws-eks-best-practices 🌟 The primary goal of this project is to offer a set of best practices for day 2 operations for Amazon EKS.
  • aws.github.io/aws-eks-best-practices: Networking in EKS
• betterprogramming.pub: Amazon EKS Is Eating My IPs! Understand how AWS EKS manages IP addresses and what you can do about it
• engineering.salesforce.com: Optimizing EKS networking for scale
• blog.usejournal.com: Spice up Your Kubernetes Environment with AWS Lambda 🌟 In this blog you will learn a simple yet effective and secure way to integrate AWS Lambda with an existing Kubernetes environment without codes changes.
• azon EKS Pod Identity Webhook Amazon EKS Pod Identity Webhook
• Chaos engineering on Amazon EKS using AWS Fault Injection Simulator
• pages.awscloud.com: GitOps on AWS for High Performing Team Operations (eBook) Realize the full value of Kubernetes by leveraging GitOps to manage operational complexity
• thenewstack.io: Deploy Gremlin to Amazon EKS Using AWS CloudFormation
• aws.amazon.com: Easy as one-two-three policy management with Kyverno on Amazon EKS 🌟
• nextlinklabs.com: Handling Auth in EKS Clusters: Setting Up Kubernetes User Access Using AWS IAM
• neal-davis.medium.com: ECS vs EC2 vs Lambda 🌟
• faun.pub: Kubernetes Multi-tenancy with Amazon EKS: Best practices and considerations 🌟
• nginx.com: Deploying NGINX Ingress Controller on Amazon EKS: How We Tested
• hackerxone.com: 13 Steps Guide to Create Kubernetes Cluster on AWS
• hackerxone.com: Steps to Create Amazon EKS node group on Amazon web Service (AWS)
• dev.to: EKS IAM Deep Dive 🌟
• aws.plainenglish.io: 6 Tips to Improve Availability with AWS Load Balancers and Kubernetes
• aws.amazon.com: Using Prometheus Adapter to autoscale applications running on Amazon EKS
• youtube: CloudGeeks - Terraform Eks Kubernetes RDS Secrets Manager Eksctl Cloudformation ALB Controller (Redmine App) - quickbooks2018/eks-redmin
• aws.amazon.com: Kubernetes Ingress with AWS ALB Ingress Controller
• automateinfra.com: The Ultimate Guide on AWS EKS for Beginners (Easiest Way)
• aws/aws-node-termination-handler 🌟 Gracefully handle EC2 instance shutdown within Kubernetes
• howtoforge.com: How to Create a Kubernetes Cluster with AWS CLI
• blog.searce.com: Optimise cost for AWS EKS cluster using Spotinst 🌟
• thenewstack.io: How We Built Preview Environments on Kubernetes and AWS
• aws.amazon.com: Mount Amazon EFS file systems cross-account from Amazon EKS, and utilize AWS Organizations more effectively
• Onfido’s Journey to a Multi-Cluster Amazon EKS Architecture In this article, you will learn how moving to an active/active cluster architecture has allowed Onfido to shift traffic away from an Amazon EKS cluster when performing infrastructure maintenance.
• medium.com/@abhinav.ittekot: Granting IAM permissions to pods in EKS using OIDC
• medium.com/@ishana98dadhich: Integrating AWS Secret Manager with EKS and use Secrets inside the Pods: Part-1 This blog provides you enough details on how you can use secrets (managed by AWS Secrets Manager) inside AWS EKS pods.
• medium.com/@radha.sable25: Enabling IAM users/roles Access on Amazon EKS cluster
• aws.amazon.com: Continuous Delivery of Amazon EKS Clusters Using AWS CDK and CDK Pipelines
• medium.com/avmconsulting-blog: Installing Vault On EKS With TLS And Persistent Storage
• dzone.com: How to Use AWS IAM Role on AWS EKS PODs 🌟 A native-AWS way to attach an IAM role into the Kubernetes POD, without third-party software, reducing latency and improving your EKS security.
• aws.amazon.com: Troubleshooting Amazon EKS API servers with Prometheus
• AWS Controllers for Kubernetes (ACK) 🌟 AWS Controllers for Kubernetes (ACK) lets you define & use AWS service resources directly from Kubernetes. With ACK, you can take advantage of AWS managed services for your applications without needing to define resources outside of the cluster.
• itnext.io: Deploy Kubernetes (K8s) on Amazon AWS using mixed on-demand and spot instances 🌟
• github.com/awslabs: Kubernetes Migration Factory User Guide 🌟 Kubernetes Migrations Factory (KMF) is a tool developed for migrating docker containers to Amazon EKS. The Kubernetes Migration Factory solution is an orchestration platform for migrating containers to Amazon EKS at scale.
• github.com/aws-ia/terraform-aws-eks-blueprints (examples) 🌟🌟🌟
• akintola-lonlon.medium.com: AWS Kubernetes: The #1 Rule You Need To Master Before Going To Production. This is the most important thing to consider before going to production on EKS.
• amod-kadam.medium.com: Are there two Load Balancer Controllers with EKS? 🌟 In this article, you will learn how AWS provision different types of load balancers (Classic vs Network) to expose your applications depending on the annotations that you use.
• aws.amazon.com: Streaming Kubernetes Events in Slack This post describes how you can send events from your Kubernetes cluster to a Slack channel using BotKube, a messaging bot for monitoring and debugging Kubernetes clusters.
• joachim8675309.medium.com: ExternalDNS with EKS and Route53 After deploying a web app on Kubernetes, you might need to update the DNS records. ExternalDNS can automate this process and this tutorial demonstrates how to set up and configure this on Amazon EKS using Amazon Route 53 DNS zones.
• aws-quickstart/cdk-eks-blueprints: Amazon EKS Blueprints for CDK This repository contains the source code for the eks-blueprints NPM module that can be used to configure and manage complete EKS clusters that are fully bootstrapped with the operational software that is needed to deploy and operate workloads
• dev.to: One technique to save your AWS EKS IP addresses 10x To increase the number of available IP addresses in your EKS cluster you can:
  • Assign address prefixes to your ENI and
  • Enable the CNI custom networking feature
• aws.amazon.com: Autoscaling EKS on Fargate with custom metrics What follows is a step-by-step guide on configuring the Horizontal Pod Autoscaler with metrics provided by Prometheus to automatically scale pods running on Amazon EKS on AWS Fargate.
  • Autoscaling is an approach to automatically scale up or down workloads based on the resource usage. In Kubernetes, the Horizontal Pod Autoscaler (HPA) can scale pods based on observed CPU utilization and memory usage. Starting with Kubernetes 1.7, an aggregation layer was introduced that allows third-party applications to extend the Kubernetes API by registering themselves as API add-ons. Such an add-on can implement the Custom Metrics API and enable HPA access to arbitrary metrics. What follows is a step-by-step guide on configuring HPA with metrics provided by Prometheus to automatically scale pods running on Amazon EKS on AWS Fargate.
• opssorry.substack.com: GitOps: A Simple Approach to using AWS Secrets Manager with Kubernetes 🌟
• aws.github.io/aws-eks-best-practices: Amazon EKS Best Practices Guides 🌟🌟🌟 Welcome to the EKS Best Practices Guides. The primary goal of this project is to offer a set of best practices for day 2 operations for Amazon EKS. We elected to publish this guidance to GitHub so we could iterate quickly, provide timely and effective recommendations for variety of concerns, and easily incorporate suggestions from the broader community.
  • Amazon EKS Best Practices Guide for Networking Intro to Amazon VPC Container Network Interface (VPC CNI) in the context of Kubernetes cluster networking. VPC CNI is the default networking plugin supported by EKS. The VPC CNI is highly configurable to support different use cases.
• medium.com/@chandranathmondal: Self-service Amazon EKS Cluster provisioning with Kubernetes configuration applied 🌟
• AWS and Kubecost collaborate to deliver cost monitoring for EKS customers
• eng.grip.security: Enabling AWS IAM Group Access to an EKS Cluster Using RBAC There is no standardized method for providing IAM group access to an EKS cluster or namespace. In this article, you will learn how you can use an IAM role to authenticate the user group automatically and transparently when kubectl is being used.
• medium.com/@andriikrymus: DNS config for EKS Elastic Kubernetes Service provide coredns add-on for k8s. Unfortunately, this add-on lucks of configuration options (for example, nodeSelector). In this article, you will learn how to patch it, and configure it the way you want it.
• cast.ai: EKS Security Checklist: 10 Best Practices for a Secure Cluster
• github.com/kubernetes-sigs/aws-load-balancer-controller AWS Load Balancer Controller is a controller to help manage Elastic Load Balancers for a Kubernetes cluster. It satisfies:
  • Ingress resources by provisioning Application Load Balancers
  • Service resources by provisioning Network Load Balancers
• thenewstack.io: Amazon Web Services Gears Elastic Kubernetes Service for Batch Work AWS Batch is ideal for developers looking for a more simplified workflow when it comes to managing Kubernetes clusters and pods to use with their batch jobs.
• silvr.medium.com: Using Kyverno To Enforce AWS Load Balancer Annotations For Centralized Logging To S3 In this tutorial, you’ll learn how to use Kyverno to automatically configure annotations that enable access logs for an AWS Network Load Balancer (NLB) to be forwarded to an S3 bucket for a service of type LoadBalancer.
• blog.jimmyray.io: Kubernetes Workload Identity with AWS SDK for Go v2 Using AWS SDK for Go v2 and AWS IAM Roles for Service Accounts. In this article, you’ll learn how to use the AWS SDK for Go v2 and AWS IAM Roles for Service Accounts to grant permissions to access AWS services from wuthin Kubernetes
• github.com/rebataur/djkube Tool for Django Developers to setup full stack EKS Kubernetes with all necessary tools including DevSecOps in 40 minutes. If you are a Python Django developer then djkube provides you with best user experience in easily running your full-stack Django apps on Kubernetes in AWS with just a few clicks.
• aws.amazon.com: Troubleshooting Amazon EKS API servers with Prometheus and Grafana
• medium.com/geekculture: EKS — Kubernetes — Not Ready nodes Today I’m going to talk about an issue that I encounter a couple of days ago while working on EKS 1.21.
• faun.pub: How to access AWS services from EKS Solutions to access AWS APIs from Kubernetes
• aws.amazon.com: Persistent storage for Kubernetes
• aws.amazon.com: Machine Learning with Kubeflow on Amazon EKS with Amazon EFS
• faun.pub: AWS EKS: The Ultimate Guide To Deploy AWS Load Balancer Controller add-on In this article, you’ll learn how to set up an Ingress Controller on EKS in 5 steps:
  • Creating a cluster with EKSctl
  • Creating the IAM OIDC provider
  • Creating an IAM Policy
  • Creating the Role
  • Installing the ALB Ingress controller
• medium.com/@ankit.wal: Understanding IAM roles for service accounts, IRSA, on AWS EKS A simple visual explanation of how IRSA works to help you understand and remember. IRSA is the AWS EKS native way to allow applications running in EKS pods to access AWS API, using permissions configured in AWS IAM roles. It’s an improvement over the previous architecture of applications running in pods to use the IAM roles of the underlying EKS nodes. Being able to configure access to AWS API per service account tends towards the principle of least privilege, and more secure architecture.
• blog.realvarez.com: Reduce Amazon EKS cost by scaling node groups to zero 🌟 - blog.devops.dev: Reduce Amazon EKS cost by scaling node groups to zero
• dev.to: Autoprovisioning NFS volumes in EKS with CDK
• levelup.gitconnected.com: Running Workflows on windows with Jenkins pipeline and Kubernetes
• nivogt.medium.com: Boost your Kubernetes cluster’s Autoscaler on AWS EKS with Karpenter
• awslabs/eks-node-viewer eks-node-viewer is a tool for visualizing dynamic node usage within a cluster. It was originally developed as an internal tool at AWS for demonstrating consolidation with Karpenter.
• towardsaws.com: Autoscale Kubernetes Metrics Server on Amazon EKS
• aws-samples/hardeneks Runs checks to see if an EKS cluster follows EKS Best Practices.
• faun.pub: Analyze AWS EKS Audit logs with Falco
• docs.aws.amazon.com: Managing Amazon EKS add-ons
• docs.aws.amazon.com: Access container applications privately on Amazon EKS using AWS PrivateLink and a Network Load Balancer AWS Prescriptive Guidance includes patterns for EKS.
• aws.amazon.com: Addressing latency and data transfer costs on EKS using Istio In this blog, you will learn how to use Istio topology-aware routing to reduce latency and data transfer costs between EKS nodes deployed in different Availability Zones
• aws.amazon.com: Addressing IPv4 address exhaustion in Amazon EKS clusters using private NAT gateways This post highlights the advantages of implementing a network architecture with a private NAT Gateway to deploy an Amazon EKS cluster. This enables communication across Amazon EKS clusters deployed to VPCs with overlapping CIDRs.
• hardiks.medium.com: Where should you manage your Kubernetes in 2023? Amazon ECS or EKS
• awstip.com: Amazon Elastic Kubernetes Service (Amazon EKS) — The Only Resource Hub You Ever Need In this article, you will find a collection of links to learn and master Amazon EKS
• awstip.com: Working The Amazon EKS Immersion Workshop — Chapter 1 — Deploying A Microservices Application In A Kubernetes Cluster This 12-part series covers how to provision an EKS cluster, deploy apps, and route traffic into the cluster using Ingress and the AWS Load Balancer controller
• Understanding and Cost Optimizing Amazon EKS Control Plane Logs
• itnext.io: Top 10 Ways to Protect EKS Workloads from Ransomware Here are the top 10 things you should focus on to protect EKS workloads against ransomware and all intrusions
• blog.antoinechoula.ga: Native EKS Ingress with AWS Load Balancer Controller This tutorial will teach you how to install and configure the AWS Load Balancer Controller using Terraform and Helm. You will also learn how to manage multiple ingresses and secure the traffic with SSL/TLS
• devopslearning.medium.com: Lesson learned while scaling Kubernetes cluster to 1000 pods in AWS EKS In this article, you will follow Prashant’s journey in scaling EKS to 1000+ pods and learn how to overcome these challenges:
  • AWS resource limits
  • IP addresses exhaustion
  • Packets drop
  • Control plane performance issues

EKS Upgrades

• Updating a managed node group amazon eks managed node groups now supports parallel node upgrades
• aws.amazon.com: Planning Kubernetes Upgrades with Amazon EKS
• repost.aws: How do I plan an upgrade strategy for an Amazon EKS cluster?
• medium.com/scout24-engineering: How did we upgrade our EKS clusters from 1.15 to 1.22 without K8s knowledge?
• marcincuber.medium.com: Amazon EKS Upgrade Journey From 1.24 to 1.25

EKS and IaC with Crossplane

• aws.amazon.com: GitOps model for provisioning and bootstrapping Amazon EKS clusters using Crossplane and Argo CD
• nivogt.medium.com: [IaC] Continuous Delivery with Crossplane and ArgoCD : how to automate the creation of AWS EKS clusters

AWS EKS Vs ECS Vs Fargate

• cloudify.co: AWS EKS Vs. ECS Vs. Fargate: The Breakdown

EKS Anywhere (on premises)

• EKS Anywhere: github.com/aws/eks-anywhere Run Amazon EKS on your own infrastructure
• aws.amazon.com: Amazon EKS Anywhere – Now Generally Available to Create and Manage Kubernetes Clusters on Premises
• solo.io: Connect Your Services Seamlessly with Amazon EKS Anywhere and Istio
• anywhere.eks.amazonaws.com: Compare EKS Anywhere and EKS
• aws.amazon.com: Getting started with Amazon EKS Anywhere
• gokulchandrapr.medium.com: Amazon EKS Anywhere & EKS Connector
• ambar-thecloudgarage.medium.com: EKS Anywhere., decoding the architecture. In this article, you will take a deeper look into the EKS Anywhere architecture as well as compare it with EKS Distro. Then, you will discuss the different type of installations:
  • Standalone clusters
  • Distribute environments
• blog.techknowtrendz.com: Taking Amazon EKS Anywhere for a spin Bringing EKS to a datacenter near you
• rafay.co: Amazon EKS and EKS Anywhere – All You Need To Know Take a look into both AmazonEKS and EKSAnywhere and how they are different. By the end of this post, you will be able to pick the right offering for your organization.
• aws.amazon.com: Blue/Green Kubernetes upgrades for Amazon EKS Anywhere using Flux

EKS Distro (EKS-D)

• aws/eks-distro Amazon EKS Distro (EKS-D) is a Kubernetes distribution based on and used by Amazon Elastic Kubernetes Service (EKS) to create reliable and secure Kubernetes clusters.

Testing Kubernetes Canary deployment on EKS

• medium: Kubernetes + EKS + Canary Deployment

AKS Azure Kubernetes Service

• docs.microsoft.com: Baseline architecture for an Azure Kubernetes Service (AKS) cluster 🌟 In this reference architecture, you’ll build a baseline infrastructure that deploys an AKS cluster. The article includes recommendations for networking, security, identity, management, and monitoring.
• docs.microsoft.com: Microservices architecture on Azure Kubernetes Service (AKS) 🌟 This reference architecture shows a microservices application deployed to Azure Kubernetes Service (AKS). It describes a basic AKS configuration that can be the starting point for most deployments. The architecture consists of the following components:
  • Azure Kubernetes Service (AKS)
  • Kubernetes cluster
  • Virtual network
  • Ingress
  • Azure Load Balancer
  • External data stores
  • Azure Active Directory
  • Azure Container Registry
  • Azure Pipelines
  • Helm
  • Azure Monitor
• docs.microsoft.com: Use kubenet networking with your own IP address ranges in Azure Kubernetes Service (AKS) 🌟
• docs.microsoft.com: Configure Azure CNI networking in Azure Kubernetes Service (AKS)
• trstringer.com: Run Kubernetes Pods on Specific VM Types in AKS
• docs.microsoft.com: AKS-managed Azure Active Directory integration
• stacksimplify.com/azure-aks: Kubernetes On Cloud Roadmap
• build5nines.com: Terraform: Create an AKS Cluster 🌟
• github.com: AKS: Use AAD identity for pods and make your SecOps happy
• docs.microsoft.com: Microservices architecture on Azure Kubernetes Service (AKS) 🌟
• techcommunity.microsoft.com: Containerize and migrate applications to AKS with the Azure Migrate’s new App Containerization tool
• mehmetozkaya.medium.com: Deploying .Net Microservices to Azure Kubernetes Services(AKS) and Automating with Azure DevOps
• faun.pub: How to implement Azure Kubernetes Service (AKS) in Cloud?
• adamrushuk.github.io: Increasing the volumeClaimTemplates Disk Size in a Statefulset on AKS
• nillsf.com: Running Windows containers on the Azure Kubernetes Service (AKS)
• itnext.io: Running Your Microservices Securely on AKS
• docs.microsoft.com: Create an HTTPS ingress controller on Azure Kubernetes Service (AKS)
• blog.nillsf.com: Customize core dump in Azure Kubernetes
• medium: Secure your Microservices on AKS — Part 1 🌟
  • medium: Secure your Microservices on AKS — Part 2 🌟
• zartis.com: How To Save A Fortune On Azure Kubernetes Service
• itnext.io: AKS Performance: Limit Ranges Limit Ranges can be used to fine tune your resource consumption by limiting your min/max requests/limits in namespaces.
• devoteam.com: Azure Kubernetes Service (AKS) with Azure DevOps
• itnext.io: Kubernetes Ingress on Azure using the Application Gateway How to expose multiple services on a single host
• joachim8675309.medium.com: AKS with GRPC and ingress-nginx Using GRPC with ingress-nginx add-on with AKS
• thenewstack.io: Microsoft’s Practical Approach to Kubernetes Management
• medium: AKS with Calico Network Policies Using Calico Network Policy with Azure Kubernetes Server
• itnext.io: Network Isolated AKS — Part 1: Controlling network traffic
• thenewstack.io: Turbocharging AKS Networking with Calico eBPF
• carlos.mendible.com: AKS: Persistent Volume Claim with an Azure File Storage protected with a Private Endpoint
• joachim8675309.medium.com: AKS with Istio Service Mesh Securing traffic with Istio service mesh on AKS
• optisolbusiness.com: Implementing Microservices Architecture in AKS
• blog.kasten.io: AKS and Storage: How to Design Storage for Cloud Native Applications
• blog.kasten.io: AKS and Storage: Performance Differences Among K8s Storage Services
• medium: AKS — different load balancing options. When to use what?
• medium: Going multicloud with kubernetes and Azure Front Door Kubernetes/AKS/GKE/MultiCloud/Azure Front Door
• docs.microsoft.com: Best practices for cluster isolation in Azure Kubernetes Service (AKS)
• docs.cloudblue.com: Deploying an AKS Cluster with Custom IP Ranges (ARM template)
• k21academy.com: Azure Kubernetes Service & Azure Container Instances For Beginners 🌟
• azurecloudai.blog: Deploy Azure Kubernetes Service (AKS) to a preexisting VNET
• tigera.io: Turbocharging AKS networking with Calico eBPF
• akhilsharma.work: How to list Azure RBAC Roles to Secure AKS Clusters
• tigera.io: Calico WireGuard support with Azure CNI Last June, Tigera announced a first for Kubernetes: supporting open-source WireGuard for encrypting data in transit within your cluster. We never like to sit still, so we have been working hard on some exciting new features for this technology, the first of which is support for WireGuard on AKS using the Azure CNI.
• docs.microsoft.com: Use dual-stack (IPv4 and IPv6) kubenet networking in Azure Kubernetes Service (AKS) (Preview)
• logz.io: Collecting Metrics from Windows Kubernetes Nodes in AKS 🌟
• dev.to: Moving Azure Functions from AKS to Container Apps
• techcommunity.microsoft.com: Azure Kubernetes Service and Azure Container Registry Service on Azure Stack Hub
• dev.to: Getting started with Windows Containers on Azure Kubernetes Service Windows support has finally arrived in Kubernetes and AKS. Learn how to migrate your workloads and what pitfalls to avoid in this short and sweet introduction to Windows Containers.
• mehighlow.medium.com: Hardened-AKS/Secrets Commonly, an application requires access to data and, usually, such access must be restricted. So, you need to provide your pod/deployment/replicaSet/DaemonSet with secrets. Learn how you can do so in AKS
• returngis.net: Desescalar nodos de AKS apagando las máquinas en lugar de eliminarlas
• dev.to/javiermarasco: HTTPs with Ingress controller, cert-manager and DuckDNS (in AKS/Kubernetes)
• dev.to: Implement Azure AD Workload Identity on AKS with terraform Azure AD workload identity is designed to associate a pod with an identity in Azure Active Directory so that you can grant permissions to access another resource (i.e. a storage account or an Azure SQL Database)
• medium.com/kocsistem: Installation Internal Nginx Ingress for a Private AKS Cluster
• pixelrobots.co.uk: Bring your own Container Network Interface (CNI) plugin with Azure Kubernetes Service (AKS) (PREVIEW) AKS has only officially supported two CNI’s: Kubenet and Azure CNI. In this blog post, you will learn how to create an AKS cluster with no CNI and then deploy cilium.
• joachim8675309.medium.com: ExternalDNS with AKS & Azure DNS ExternalDNS with kubelet identity to access to Azure DNS. After deploying a public facing web application on Kubernetes, you need to update DNS records so that traffic can reach the server. ExternalDNS can automate this process during deployment stage of the web application, so there is no need for extra configuration outside of Kubernetes.
• medium.com/dzerolabs: Accessing Azure Key Vault Secrets in Azure Kubernetes with Secrets Store CSI Driver 🌟 A little bit of standardization goes a long way. Much better than documenting steps that can soon become outdated. Azure Key Vault Provider for Secrets Store CSI Driver maps a Kubernetes resource called SecretProviderClass to an Azure Key Vault and lets you select which secrets, keys, and/or certificates you’d like to expose.
• buchatech.com/2022: A Guide to Navigating the AKS Enterprise Documentation & Scripts 🌟🌟 This blog’s goal is to guide you through the AKS Enterprise Docs as you architect, deploy, and operate your AKS.
• docs.microsoft.com: Start and stop an Azure Kubernetes Service (AKS) node pool 🌟 Your AKS workloads may not need to run continuously, for example a development cluster that has node pools running specific workloads. To optimize your costs, you can completely turn off (stop) your node pools in your AKS cluster, allowing you to save on compute costs.
• dev.to/thenjdevopsguy: Monitoring AKS With Prometheus and Grafana 🌟
• techcommunity.microsoft.com: Azure Kubernetes Service Microsoft Ignite announcements
• isovalent.com: Announcing Azure CNI Powered by Cilium
• dev.to: Access Secrets in AKV using Managed identities for AKS 🌟 The purpose of this post is to show you how to access secrets from AKS cluster that are stored in Azure Key Vault.
• blog.baeke.info: AKS Workload Identity Revisited
• azure.microsoft.com: Private preview: Azure Kubernetes Service (AKS) Backup 🌟
• medium.com/@gjoshevski: Reduce the cost of running AKS cluster by leveraging Azure Spot VMs| 70% and more 🌟🌟
• community.ops.io: One day I woke up to a crashed AKS cluster and this is what I did to get it back to life One day, Javier found a crashed AKS cluster with three nodes stopped and all pods in the “Terminating” state. Learn how Javier debugged the cluster and brought it back to life.
• Using CDK to perform continuous deployments in multi-region Kubernetes environments This post demonstrated how to create a continuous deployment pipeline to deploy applications in multiple EKS clusters running in different regions. The accompanying CDK code creates EKS clusters and the CI/CD stack to continuously deploy applications
• blog.coffeeapplied.com: Securing AKS in peered virtual networks using only network security groups (NSGs) When you use peering in AKS, with the “default” AKS deployment, your complete cluster, including all pods, is completely open and addressable from your complete peered network. Learn how to fix in this article.
• medium.com/@vamsi.lakshman: Overview of Azure Kubernetes Services Networking Models
• techcommunity.microsoft.com: SQL Server containers on Kubernetes with S3-compatible object storage - Getting started Check out this post on the Microsoft Tech Community : SQL Server containers on Kubernetes with S3-compatible object storage - Getting started - Microsoft Community Hub
• learn.microsoft.com: Connect with RDP to Azure Kubernetes Service (AKS) cluster Windows Server nodes for maintenance or troubleshooting
• techcommunity.microsoft.com: Azure Kubernetes Service Free tier and Standard tier
• medium.com/credera-engineering: How to blue-green deploy an AKS cluster
• community.ops.io: Configuring AKS to read secrets and certificates from Azure KeyVaults This article will teach you how to configure an AKS cluster to consume secrets, keys and certificates from an Azure KeyVault
• medium.com/@danieljimgarcia: The Application Gateway Ingress Controller is broken 🌟 The Application Gateway Ingress Controller exposes applications hosted in Kubernetes to the outside world via Azure’s native Application Gateway. However, it has important design flaws, which can cause minutes of downtime when updating your workloads.

AKS Lite

• thenewstack.io: Microsoft Takes Kubernetes to the Edge with AKS Lite At it Ignite conference, Microsoft announced that a public preview of Azure Kubernetes Service (AKS) on Windows IoT and Windows devices, known as AKS lite, will be available next month.

Draft 2 on AKS

• Azure/Draft 🌟
• blog.baeke.info: Trying out Draft 2 on AKS

GKE Google Kubernetes Engine

• Google Kubernetes Engine
  • One of the most helpful GKE features is the ability to create clusters and node pools with custom kernel parameters. This means you no longer need to use one-off daemonsets, or random workarounds, to tune your machines after cluster creation.
• Fetches all Primitive and Predefined GCP IAM Roles
• Using new traffic control features in External HTTP(S) load balancer
• Setting up NodeLocal DNSCache
• Looking ahead as GKE, the original managed Kubernetes, turns 5
• blog.doit-intl.com: How to Set Up Multi-Cluster Load Balancing with GKE
• codeburst.io: Google Kubernetes Engine Logging by Example
• cloud.google.com: Discover and invoke services across clusters with GKE multi-cluster services
• Introducing GKE Autopilot: a revolution in managed Kubernetes 🌟
• techcrunch.com: Google Cloud puts its Kubernetes Engine on autopilot
• zdnet.com: Google introduces GKE Autopilot for hands-off Kubernetes The new GKE Autopilot, generally available now, steps up the level of automation involved in Kubernetes management, down to eliminating all node management.
• thenewstack.io: Google’s New ‘Autopilot’ for Kubernetes
• cloud.google.com: GKE Autopilot 🌟
• medium: How to provision Kubernetes Cluster in GCP Cloud (K8s)? 🌟
• youtube: GKE Autopilot - Fully Managed Kubernetes Service From Google 🌟
• insights.project-a.com: Using GitHub Actions to deploy to Kubernetes in GKE 🌟
• faun.pub: How to automate the setup of a Kubernetes cluster on GCP Using Ansible to install, setup, and configure a Google Kubernetes Cluster (GKE) on Google Cloud Platform (GCP).
• Kubernetes Cloud DNS GCP now makes it easy to query DNS for Kubernetes services across multiple clusters from anywhere inside the VPC! The less stuff users have to run in their clusters, the more they can use for their own apps. It was always problematic to make users admin their own DNS.
• seroter.com: Using the new Google Cloud Config Controller to provision and manage cloud services via the Kubernetes Resource Model I look at a new managed service that provisions cloud-native services as if they were k8s resources.
• cloud.google.com: Announcing Backup for GKE: the easiest way to protect GKE workloads 🌟
• Features of Google Kubernetes Engine that NO other K8s provider has or are rapidly copying:
  • Autopilot
  • Backup
  • Multi-cluster Ingress
  • OOTB SRE Dashboards with ASM
  • Config Management across clouds
• cloud.google.com: Announcing Spot Pods for GKE Autopilot—save on fault tolerant workloads
• acloudguru.com: GKE ludicrous speed! GKE Image Streaming speeds up container starts
• cloud.google.com: How to do multi-cluster Kubernetes in the real world—one GKE shop’s approach
• cloud.google.com: Know more, spend less: how GKE cost optimization insights help you optimize Kubernetes
• medium.com/@glen.yu: Getting started with eBPF and Cilium on GKE Through Cilium, users can add functionality such as encryption and L7 network policy enforcement previously only available in a service mesh — but without the operational complexity of having to manage one.
• medium.com/@glen.yu: NGINX Ingress or GKE Ingress? There are tons of ingress controllers out there in the Kubernetes ecosystem, so how do we know which one is right for you? In this article, you will learn the differences between the NGINX and GKE Ingress.
• medium.com/google-developer-experts: Getting started with GKE Gateway controller
• cloud.google.com: Introducing Kubernetes control plane metrics in GKE
• google/gke-policy-automation This repository contains the tool and the policy library for validating GKE clusters against configuration best practices
• medium.com/google-cloud: Monitoring Kubernetes Clusters on GKE (Google Container Engine) This is a hands-on guide to monitoring and logging at different layers in the Kubernetes Engine stack
  • GCP components (compute)
  • Kubernetes objects (cluster nodes)
  • Containerized applications
  • Application specific metrics
• blog.devgenius.io: Explore API Priority and Fairness to Ease the Load of the APIServer Walk through incident remediation using APF
• faun.pub: Make Your Kubernetes Cluster Highly Available and Fault Tolerant 🌟 End to End setup of Multi Region Autopilot Kubernetes Cluster with Application Deployment Example
• medium.com/@pbijjala: reCap: Kube vrs Cloud DNS in GKE When deciding on how to use DNS with GKE, what are the available native Kubernetes options, which options exist on Google Cloud for GKE, and how do these two things play together?

IKS IBM Cloud Kubernetes Service

• IKS
• medium: Multizone Kubernetes and VPC Load Balancer Setup with terraform

Linode Kubernetes Engine LKE

• Linode Kubernetes Engine (LKE)
• medium: Create Kubernetes Cluster Using Linode LKE
• dev.to: Practical Introduction to Kubernetes Autoscaling Tools with Linode Kubernetes Engine 🌟 In this article you will practice scaling apps with the:
  • Horizontal Pod Autoscaler
  • Vertical Pod Autoscaler
  • Proportional Autoscaler
  • Cluster Autoscaler

DOKS Digital Ocean Kubernetes

• docs.digitalocean.com: Kubernetes on DigitalOcean
• digitalocean.com: Automating GitOps and Continuous Delivery With DigitalOcean Kubernetes (Terraform, Helm and Flux)
• blog.ediri.io: DigitalOcean Kubernetes Challenge Deploy a GitOps CI/CD implementation
• digitalocean.com: Kubernetes for startups: Why, when, and how to adopt

Oracle Cloud Kubernetes

• arnoldgalovics.com: GitHub Actions CI/CD For Oracle Cloud Kubernetes Learn how to create a private container registry with Terraform and deploy a 4 node Kubernetes cluster for free on Oracle Cloud. Then, use GitHub Actions to build ARM Docker containers for your nodes.

Provisioning cloud resources (AWS, GCP, Azure) in Kubernetes

• learnk8s.io: Provisioning cloud resources (AWS, GCP, Azure) in Kubernetes

Kubesphere

• kubesphere.io The Kubernetes platform tailored for hybrid multicloud. KubeSphere is a distributed operating system managing cloud native applications with Kubernetes as its kernel, and provides plug-and-play architecture for the seamless integration of third-party applications to boost its ecosystem.
• kubekey The Next-gen Installer: Installing Kubernetes and KubeSphere v3.0.0 fastly, flexibly and easily
  • kubesphere.io: Install Kubernetes 1.22 and containerd the Easy Way with kubekey
  • thenewstack.io: Quickly Install a Kubernetes Cluster with KubeKey
• kubesphere.io: Scaling a Kubernetes Cluster: One of the Best Practices for Using KubeKey
• itnext.io: Adding Master Nodes to Achieve HA: One of the Best Practices for Using KubeKey
• youtube: Create a Jenkins Pipeline on Kubernetes with CI/CD Pipeline Template in KubeSphere Two built-in Jenkins pipeline templates are available in KubeSphere 3.1. DevOps team can generate CICD or customize the workflow as you need by simple drag-and-drop.
• itnext.io: KubeSphere: A New Pluggable Kubernetes Application Management Platform

Giant Swarm

• Giant Swarm Giant Swarm offers a fully managed, open source Kubernetes platform with all the flexibility and support you need.
• giantswarm.io: We decided to go all-in with Cluster API (CAPI). “Time and again, we have seen open source win. It won with Kubernetes, and it will win with CAPI. We will continue to add our secret sauce to make it easily accessible to enterprise customers.”

Tools for multi-cloud Kubernetes management

• Banzai Cloud 🌟
  • Kubernetes node pool upgrades with Banzai Pipeline
• Compare tools for multi-cloud Kubernetes management 🌟
  • NetApp Kubernetes Service – formerly StackPointCloud
  • Cloudify
  • Terraform
  • Rancher
  • Platform9 Managed Kubernetes
  • Red Hat OpenShift
  • Juke, from HTBase, now owned by Juniper Networks.

Videos

Click to expand!

Tweets

Click to expand!

Cloud providers after selling managed kubernetes pic.twitter.com/p9jd4Ov4Ej

— memenetes (@memenetes) November 11, 2021

Small companies managing their own Kubernetes. pic.twitter.com/nTHrqPiQnm

— joshobrien77 (@joshobrien77) November 12, 2021

AWS recently released a new version of the AWS-CNI that allows more Pods to be deployed in each EC2 instance.

More pod density means more efficiency, but how does it work?

And if it's that good, why release it only now?

Let's see 👇

🧵 pic.twitter.com/MHnDrYJUvf

— Daniele Polencic (@danielepolencic) November 22, 2021