Durante il webinar discuteremo brevemente le varie opzioni disponibili per utilizzare Kubernetes su Amazon Web Services con un forte focus su Amazon Elastic Container Service for Kubernetes. Amazon EKS è il servizio gestito indirizzato ai clienti che usano o vogliono usare Kubernetes ma che preferiscono demandare la gestione del famoso software open-source ad AWS.

1. AWS Online Tech Talks
La serie di webinar AWS in Italiano
Introduzione ad Amazon EKS
Speaker
Massimo Re Ferre
Principal Solutions Architect,
AWS
Obiettivi
 Capire le varie modalita’ di deployment di Kubernetes su AWS
 Apprendere le funzionalita’ del servizio Amazon EKS
 Approfondire le tematiche di integrazione di Amazon EKS con gli
altri servizi AWS apire come analizzare tracce audio, partendo dalla
trascrizione, batch o live del parlato in italiano

2. An Introduction to Amazon EKS
February 12th 2019
Massimo Re Ferrè
Principal Solutions Architect @ Amazon Web Services
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

3. What is Kubernetes?
“Kubernetes is an open source system for managing containerized
applications across multiple hosts; providing basic mechanisms for deployment,
maintenance, and scaling of applications.”
https://github.com/kubernetes/kubernetes

4. Kubernetes is a platform that can…
• Schedule container deployments (e.g. instantiate 100 containers on these 8 nodes)
• Enforce configurations (e.g. keep 100 containers up and running at all time)
• Manage lifecycle of applications (e.g. green/blue deployments)
• Manage persistency (e.g. create volumes and assign those to containers/pods)
• Streamline network configurations (e.g. all containers/pods can talk to each others)
• Manage service discovery (e.g. all containers/pods can reach each others by name)
• Provide advanced network configurations (e.g. load balance across these 100 containers)
• Provide advanced routing configurations (e.g. expose these 100 containers with this DNS
name)
• Ensure role based access (e.g. you can only access that particular namespace)
• And more…

5. How does a Kubernetes deployment look like?

6. AWS
Lambda
Amazon
EC2
Bare Metal
VMcontainerfunction
Amazon
Lightsail
Levelofabstraction
Provider space
(managed by AWS)
Consumer space
(managed by the customer)
Amazon
ECS
physicalserver

7. DIY Kubernetes

8. AWS
Lambda
Amazon
EC2
Bare Metal
Amazon
EKS
VMcontainerfunction
Amazon
Lightsail
Levelofabstraction
Provider space
(managed by AWS)
Consumer space
(managed by the customer)
Amazon
ECS
physicalserver

9. What’s EKS?
“Run Kubernetes for me.”

10. What customers asked us
“Give us an upstream experience.”
“Please don’t fork.”
“Make sure it’s compatible”

11. EKS (High level architecture)
Availability
Zone 1
Master Master
Availability
Zone 2
Availability
Zone 3
Master
Workers Workers Workers
Customer Account
AWS Managed

12. Availability
Zone 1
Etcd
Controller
Etcd
Controller
Availability
Zone 2
Availability
Zone 3
Etcd
Controller

13. EKS (High level consumption flow)
mycluster.eks.amazonaws.com
Availability
Zone 1
Availability
Zone 2
Availability
Zone 3
Kubectl

14. EKS (API Authentication)
Kubectl
3) Authorizes AWS Identity with RBAC
K8s API
1) Passes AWS Identity
2) Verifies AWS Identity
4) K8s action
allowed/denied
AWS Auth

15. EKS and AD Integration
https://aws.amazon.com/blogs/opensource/integrating-ldap-ad-users-kubernetes-rbac-aws-iam-authenticator-project/

16. EKS (network overlay)
Nginx Pod
Java Pod
ENI
Secondary IPs:
10.0.0.1
10.0.0.2
Veth IP: 10.0.0.1
Veth IP: 10.0.0.2
Nginx Pod
Java Pod
ENI
Veth IP: 10.0.0.20
Veth IP: 10.0.0.22
Secondary IPs:
10.0.0.20
10.0.0.22
VPC Subnet – 10.0.0.0/24
Instance 1 Instance 2

17. How do you expose services with EKS?
ELB support via Service of type LoadBalancer
NLB support via Service of type LoadBalancer
- via annotation
ALB Ingress (https://github.com/kubernetes-sigs/aws-alb-ingress-controller)

18. Amazon Elastic File System (EFS)
https://docs.aws.amazon.com/efs/latest/ug/how-it-works.html#how-it-works-conceptual

19. EFS Integration with K8S
https://github.com/kubernetes-incubator/external-storage/tree/master/aws/efs

20. Autoscaling
- Horizontal Pod Autoscaling (managed by kubernetes)
- Limited touch point with AWS
- Supports custom metrics
- Cluster Autoscaler (managed by kubernetes)
- Integrates with AWS Autoscaling (triggers changes in desired state)
- Avoid using AWS Autoscaling policies (not workloads aware)

21. EKS Control Plane
https://docs.aws.amazon.com/eks/latest/userguide/platform-versions.html

22. Roadmap
https://github.com/aws/containers-roadmap

23. Call to action / proposal: EKSWorkshop.com ?

24. 12 Marzo 2019 | MiCo - Centro Congressi

25. Thank You!
Mail: mreferre@amazon.com
Twitter: @mreferre