AWS-Logo_White-Color
Introduction
Kubernetes (k8s) Basics
What is Kubernetes
Kubernetes Nodes
K8s Objects Overview
K8s Objects Detail (1/2)
K8s Objects Detail (2/2)
Kubernetes Architecture
Architectural Overview
Control Plane
Data Plane
Kubernetes Cluster Setup
Amazon EKS
EKS Cluster Creation Workflow
What happens when you create your EKS cluster
EKS Architecture for Control plane and Worker node communication
High Level
Amazon EKS!
Start the workshop...
...on your own
Create an AWS account
...at an AWS event
AWS Workshop Portal
Create a Workspace
Install Kubernetes Tools
Create an IAM role for your Workspace
Attach the IAM role to your Workspace
Update IAM settings for your Workspace
Clone the Service Repos
Create an AWS KMS Custom Managed Key (CMK)
Launch using eksctl
Prerequisites
Launch EKS
Test the Cluster
Console Credentials
Beginner
Deploy the Kubernetes Dashboard
Deploy the Official Kubernetes Dashboard
Access the Dashboard
Cleanup
Deploy the Example Microservices
Deploy our Sample Applications
Deploy NodeJS Backend API
Deploy Crystal Backend API
Let's check Service Types
Ensure the ELB Service Role exists
Deploy Frontend Service
Find the Service Address
Scale the Backend Services
Scale the Frontend
Cleanup the applications
Helm
Introduction
Install Helm CLI
Deploy nginx With Helm
Update the Chart Repository
Search Chart Repositories
Add the Bitnami Repository
Install bitnami/nginx
Clean Up
Deploy Example Microservices Using Helm
Create a Chart
Customize Defaults
Deploy the eksdemo Chart
Test the Service
Rolling Back
Cleanup
Health Checks
Configure Liveness Probe
Configure Readiness Probe
Cleanup
Autoscaling our Applications and Clusters
Install Kube-ops-view
Configure Horizontal Pod AutoScaler (HPA)
Scale an Application with HPA
Configure Cluster Autoscaler (CA)
Scale a Cluster with CA
Cleanup Scaling
Intro to RBAC
What is RBAC?
Install Test Pods
Create a User
Map an IAM User to K8s
Test the new user
Create the Role and Binding
Verify the Role and Binding
Cleanup
Using IAM Groups to manage Kubernetes access
Kubernetes Authentication
Create IAM Roles
Create IAM Groups
Create IAM Users
Configure Kubernetes RBAC
Configure Kubernetes Role Access
Test EKS access
Cleanup
IAM Roles for Service Accounts
Preparation
Create an OIDC identity provider
Creating an IAM Role for Service Account
Specifying an IAM Role for Service Account
Deploy Sample Pod
Cleanup
Security groups for pods
Prerequisite
Security groups creation
RDS creation
CNI configuration
SecurityGroup Policy
Pods Deployments
Cleanup
Securing Your Cluster with Network Policies
Create Network Policies Using Calico
Install Calico
Stars Policy Demo
Create Resources
Default Pod-to-Pod Communication
Apply Network Policies
Allow Directional Traffic
Cleanup
Calico Enterprise Usecases
Registration - GET ACCCESS TO CALICO ENTERPRISE TRIAL
Policy Automation and External Access
Visibility and Troubleshooting
Implementing Existing Security Controls in Kubernetes
Exposing a Service
Connecting Applications with Services
Accessing the Service
Exposing the Service
Ingress
Ingress Controller
Clean Up
Assigning Pods to Nodes
nodeSelector
Affinity and anti-affinity
More Practical use-cases
Clean Up
Using Spot Instances with EKS
Add Spot managed node group
Spot Configuration and Lifecycle
Deploy an Application on Spot
Cleanup
Advanced VPC Networking with EKS
Using Secondary CIDRs with EKS
Prerequisites
Configure CNI
Create CRDs
Test Networking
Cleanup
Stateful containers using StatefulSets
Amazon EBS CSI Driver
Define Storageclass
Create ConfigMap
Create Services
Create StatefulSet
Test MySQL
Test Failure
Test Scaling
Cleanup
Deploy Bottlerocket nodes for additional security
Prerequisite
Launch Bottlerocket
Deploy sample application
Clean Up
Deploying Microservices to EKS Fargate
Prerequisite
Creating a Fargate Profile
Setting up the LB controller
Deploying Pods to Fargate
Ingress
Clean Up
Deploying Stateful Microservices with Amazon FSx Lustre
Creating an Fsx Lustre File System
Deploying the Stateful Services
Clean Up
Deploying Stateful Microservices with AWS EFS
Creating an EFS File System
EFS Provisioner for EKS with CSI Driver
Deploying the Stateful Services
Clean Up
Optimized Worker Node Management with Ocean by Spot.io
Create a Free Spot.io Account
Connect Ocean to your EKS Cluster
Deploying Applications With Ocean
Headroom - A Buffer For Faster Scale Out
Showback - Cost Allocation
Rightsizing Applications
Deploy Infrastructure Changes With Ease
Cluster Logs and Scaling Decisions
Cleanup
Encrypting Secrets with AWS Key Management Service (KMS) Keys
AWS KMS and Custom Key Store
Create a Secret
Access the Secret from a Pod
Cleanup The Lab
Securing Secrets using SealedSecrets
Creating and Deploying Secrets
Creating and Deploying Secrets (cont.)
Sealed Secrets for Kubernetes
Installing Sealed Secrets
Sealing Your Secrets
Managing the Sealing Key
Clean Up
Windows containers on EKS
Considerations
Windows nodes
Deploy an application
Create Network Policies Using Calico
Deploy Calico on the Cluster
Install Calico on the Windows node
Test Network Policies
Cleanup
Intermediate
Migrate to EKS
Create kind cluster
Deploy counter app to kind
Expose counter app from kind
Configure EKS cluster
Deploy counter app to EKS
Deploy database to EKS
Cleanup resources
Resource Management
Basic Pod CPU and Memory Management
Advanced Pod CPU and Memory Management
Resource Quotas
Pod Priority and Preemption
Clean Up
Deploying Jenkins
CodeCommit Repository, Access, and Code
Creating the Jenkins Service Account
Deploy Jenkins
Logging In
Setup multibranch projects
Cleanup
CI/CD with CodePipeline
Create IAM Role
Modify aws-auth ConfigMap
Fork Sample Repository
GitHub Access Token
CodePipeline Setup
Trigger New Release
Cleanup
Logging with Elasticsearch, Fluent Bit, and Kibana (EFK)
Configure IRSA for Fluent Bit
Provision an Elasticsearch Cluster
Configure Elasticsearch Access
Deploy Fluent Bit
Kibana
Cleanup
Monitoring using Prometheus and Grafana
Prereqs
Deploy Prometheus
Deploy Grafana
Dashboards
Cleanup
Monitoring using Pixie
Prereqs
Deploy Pixie
Using Pixie
Run a PxL script
Observe Service Errors
Inspect the HTTP Request
Inspect the MySQL Request
Cleanup
Tracing with X-Ray
Modify IAM Role
Deploy X-Ray DaemonSet
Deploy Example Microservices
X-Ray Console
Cleanup
Monitoring using Amazon Managed Service for Prometheus / Grafana
Create AMP workspace
Setup IAM
Ingest Metrics into AMP
Create AMG workspace
Login to AMG workspace
Query Metrics
Cleanup
EKS CloudWatch Container Insights
Getting Started
Install WordPress
Accessing Wordpress
Preparing to Install Container Insights
Installing Container Insights
Verify CloudWatch Container Insights is working
Preparing your Load Test
Running the Load Test
Viewing our collected metrics
Viewing our collected logs
Using CloudWatch Alarms
Wrapping Up
GitOps with Weave Flux
Prereqs
GitHub Setup
Install Weave Flux
Create Image with CodePipeline
Deploy from Manifests
Deploy from Helm
Cleanup
Continuous Deployment with ArgoCD
Install Argo CD
Configure ArgoCD
Deploy an application
Update the application
Cleanup
Continuous Delivery with Spinnaker
Spinnaker Overview
Install Spinnaker Operator
Artifact Configuration
Add EKS Account
Install Spinnaker
Testing Helm-Based Pipeline
Cleanup
Custom Resource Definition
Creating a CRD
Create Custom Objects
Clean Up
CIS EKS Benchmark assessment using kube-bench
Introduction to CIS Amazon EKS Benchmark and kube-bench
Module 1: Install kube-bench in node
Module 2: Run kube-bench as a K8s job
Module 3: Run kube-bench in debug mode
Conclusion
Using Open Policy Agent (OPA) for policy-based control in EKS
Introduction to Open Policy Agent Gatekeeper
OPA Gatekeeper setup in EKS
Build Policy using Constraint & Constraint Template
Clean up
Patching/Upgrading your EKS Cluster
The Upgrade Process
Upgrade EKS Control Plane
Upgrade EKS Core Add-ons
Upgrade Managed Node Group
Getting Started with AWS App Mesh
Deploy the DJ app
About DJ App
Clone the Repo
Create DJ App
Test DJ App
Conclusion
AWS App Mesh Integration
About Sidecars
Install the App Mesh Controller
Conclusion
Porting DJ to App Mesh
Mesh Resources and Design
Create the Meshed Application
Sidecar Injection
Testing the Application
Canary Testing with a v2
Testing DJ App v2
App Mesh Cleanup
Advanced
Observability with AWS Distro for Open Telemetry
Introduction
Configure Environment
Update IAM settings for your Workspace
Deploy Backend Microservices
Deploy Frontend
OTEL Collector
IAM Setup
Collector Manifest
Deploying the Collector
Tracing
Adding trace Configuration
Generating Traces
Viewing Traces in X-Ray & CloudWatch
Kubernetes Metrics
Receiver
Export to AMP
Setup Grafana
Vizualizing with Grafana
Service Mesh with Istio
Introduction
Download and Install Istio CLI
Install Istio
Deploy Sample Apps
Traffic Management
Monitor & Visualize
Cleanup
Service Mesh using AWS App Mesh
EKS Fargate and Observability setup
Add Fargate Profile
Observability Setup
Deploy Product Catalog app
About Product Catalog Application
Create Product Catalog Application
Test the Application
App Mesh Installation
Install AWS App Mesh Controller
Porting Product Catalog to App Mesh
Mesh Resources and Design
Create the Meshed Application
Sidecar Injection
Testing the Application
VirtualGateway Setup
Add VirtualGateway
Testing Virtual Gateway
Canary Release
Canary Deployment
Testing Canary
Observability
Container Insights
Cloudwatch Logs
Prometheus Metrics
XRay Trace
Cleanup
Canary Deployment using Flagger in AWS App Mesh
Install AWS App Mesh Controller
Flagger Set Up
About Canary Analysis
Deploy Canary Set Up
Deploy Frontend/VirtualGateway
Testing Canary Deployment
Conclusion
Cleanup
Batch Processing with Argo Workflow
Introduction
Kubernetes Jobs
Install Argo CLI
Deploy Argo
Configure Artifact Repository
Simple Batch Workflow
Advanced Batch Workflow
Argo Dashboard
Cleanup
Machine Learning using Kubeflow
Install
Kubeflow Dashboard
Jupyter Notebook
Model training
Model inference
Fairing
Kubeflow pipeline
Kubeflow Distributed Training
Cleanup
EMR on EKS
Prerequisites
Run sample workload
Monitoring and logging Part 1 - Setup
Monitoring and logging Part 2 - Cloudwatch & S3
Monitoring and logging Part 3 - Spark History server
Monitoring and logging Part 4 - Prometheus and Grafana
Configure Autoscaling
Using Spot Instances Part 1 - Setup
Using Spot Instances Part 2 - Run Sample Workload
Serverless EMR job Part 1 - Setup
Serverless EMR job Part 2 - Monitor & Troubleshoot
Using Node Selectors
Cleanup
Conclusion
What Have We Accomplished
Let us know what you think!
Cleanup
Undeploy the applications
Delete the EKSCTL Cluster
Cleanup the Workspace
More
Containers from the Couch
CON203
CON205
CON206
OPN401
Tags
AppMesh Workshop
ECS Workshop
EKS Networking Workshops
AWS Partner Workshops
EKS Anywhere
More Resources
Authors
GitHub Project
Have questions?
Privacy
|
Site Terms
| © 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon EKS Workshop
>
Tags
> kubeflow
kubeflow