AWS-Logo_White-Color
Introduction
Kubernetes (k8s) Basics
What is Kubernetes
Kubernetes Nodes
K8s Objects Overview
K8s Objects Detail (1/2)
K8s Objects Detail (2/2)
Kubernetes Architecture
Architectural Overview
Control Plane
Data Plane
Kubernetes Cluster Setup
Amazon EKS
EKS Cluster Creation Workflow
What happens when you create your EKS cluster
EKS Architecture for Control plane and Worker node communication
High Level
Amazon EKS!
Start the workshop...
...on your own
Create an AWS account
...at an AWS event
AWS Workshop Portal
Create a Workspace
Install Kubernetes Tools
Create an IAM role for your Workspace
Attach the IAM role to your Workspace
Update IAM settings for your Workspace
Clone the Service Repos
Create an SSH key
Launch using eksctl
Prerequisites
Launch EKS
Test the Cluster
Beginner
Deploy the Kubernetes Dashboard
Deploy the Official Kubernetes Dashboard
Access the Dashboard
Deploy the Example Microservices
Deploy our Sample Applications
Deploy NodeJS Backend API
Deploy Crystal Backend API
Let's check Service Types
Ensure the ELB Service Role exists
Deploy Frontend Service
Find the Service Address
Scale the Backend Services
Scale the Frontend
Cleanup the applications
Helm
Install Helm on EKS
Install Helm CLI
Deploy Nginx With Helm
Update the Chart Repository
Search the Chart Repository
Add the Bitnami Repository
Install bitnami/nginx
Clean Up
Deploy Example Microservices Using Helm
Create a Chart
Customize Defaults
Deploy the eksdemo Chart
Test the Service
Rolling Back
Cleanup
Health Checks
Configure Liveness Probe
Configure Readiness Probe
Cleanup
Autoscaling our Applications and Clusters
Configure Horizontal Pod AutoScaler (HPA)
Scale an Application with HPA
Configure Cluster Autoscaler (CA)
Scale a Cluster with CA
Cleanup Scaling
Intro to RBAC
What is RBAC?
Install Test Pods
Create a User
Map an IAM User to K8s
Test the new user
Create the Role and Binding
Verify the Role and Binding
Cleanup
IAM Roles for Service Accounts
Preparation
Create an OIDC identity provider
Creating an IAM Role for Service Account
Specifying an IAM Role for Service Account
Deploy Sample Pod
Cleanup
Securing Your Cluster with Network Policies
Create Network Policies Using Calico
Install Calico
Stars Policy Demo
Create Resources
Default Pod-to-Pod Communication
Apply Network Policies
Allow Directional Traffic
Cleanup
Integrating Network Policy with VPC Security Groups and CloudWatch
Register
Preparing the environment
Installing Tigera Secure Cloud Edition
Walk through TSCE's extensions to Calico
Integrating VPC Security Groups and Kubernetes Network Policy with TSCE
Integrating Detailed Kubernetes Networking Flow Logs in CloudWatch
Initializing Network Policy
Policy Enabling the Backends
Exposing a Service
Connecting Applications with Services
Accessing the Service
Exposing the Service
Ingress
Ingress Controller
Ingress Controller ALB
Clean Up
Assigning Pods to Nodes
nodeSelector
Affinity and anti-affinity
More Practical use-cases
Clean Up
Using Spot Instances with EKS
Add EC2 Workers - On-Demand and Spot
Deploy The Spot Interrupt Handler
Deploy an Application on Spot
Cleanup
Advanced VPC Networking with EKS
Using Secondary CIDRs with EKS
Prerequisites
Configure CNI
Create CRDs
Test Networking
Cleanup
Stateful containers using StatefulSets
Define Storageclass
Create ConfigMap
Create Services
Create StatefulSet
Test MySQL
Test Failure
Test Scaling
Cleanup
Intermediate
Deploying Jenkins
Deploy Jenkins
Logging In
Cleanup
CI/CD with CodePipeline
Create IAM Role
Modify aws-auth ConfigMap
Fork Sample Repository
GitHub Access Token
CodePipeline Setup
Trigger New Release
Cleanup
Logging with Elasticsearch, Fluentd, and Kibana (EFK)
Configure IAM Policy for Worker Nodes
Provision an Elasticsearch Cluster
Deploy Fluentd
Configure CloudWatch Logs and Kibana
Cleanup Logging
Monitoring using Prometheus and Grafana
Prereqs
Deploy Prometheus
Deploy Grafana
Dashboards
Cleanup
Tracing with X-Ray
Modify IAM Role
Deploy X-Ray DaemonSet
Deploy Example Microservices
X-Ray Console
Cleanup
EKS CloudWatch Container Insights
Getting Started
Install Wordpress
Accessing Wordpress
Preparing to Install Container Insights
Installing Container Insights
Verify CloudWatch Container Insights is working
Preparing your Load Test
Running the Load Test
Viewing our collected metrics
Using CloudWatch Alarms
Wrapping Up
GitOps with Weave Flux
Prereqs
GitHub Setup
Install Weave Flux
Create Image with CodePipeline
Deploy from Manifests
Deploy from Helm
Cleanup
Custom Resource Definition
Creating a CRD
Create Custom Objects
Clean Up
Advanced
Service Mesh with Istio
Introduction
Download and Install Istio CLI
Install Istio
Deploy Sample Apps
Intelligent Routing
Monitor & Visualize
Cleanup
Service Mesh with App Mesh
Create the k8s app
Prerequisites
Clone the Repo
Set Permissions
Test Permissions
About DJ App
Create DJ App
Test DJ App
Conclusion
Create the App Mesh Components
About Sidecars
Creating the Injector Controller
Define the Injector Targets
Adding the CRDs
Conclusion
Porting DJ to App Mesh
Create the Mesh
Create the Virtual Nodes
Create the Virtual Services
Bootstrap the Injector
Testing the App Mesh
Canary Testing with a v2
Testing DJ App v2
App Mesh Cleanup
Batch Processing with Argo Workflow
Introduction
Kubernetes Jobs
Install Argo CLI
Deploy Argo
Configure Artifact Repository
Simple Batch Workflow
Advanced Batch Workflow
Argo Dashboard
Cleanup
Machine Learning using Kubeflow
Install
Kubeflow Dashboard
Jupyter Notebook
Model training
Model inference
Fairing
Kubeflow pipeline
Kubeflow Distributed Training
Cleanup
Conclusion
What Have We Accomplished
Let us know what you think!
Cleanup
Undeploy the applications
Delete the EKSCTL Cluster
Cleanup the Workspace
More
CON203
CON205
CON206
OPN401
Tags
AppMesh Workshop
ECS Workshop
More Resources
Authors
GitHub Project
Have questions?
© 2020 Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CON203
taxonomy :: CON203
Introduction
Start the workshop...
Launch using eksctl
Deploy the Kubernetes Dashboard
Deploy the Example Microservices
Helm
Exposing a Service
Assigning Pods to Nodes