Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Vishwakarma: Terraform modules for deploying EK...

Kyle Bai
January 08, 2020
Technology
0
67

Vishwakarma: Terraform modules for deploying EKS and Self-hosting Kubernetes(AWS))

How does AMIS build self-hosted Kubernetes on AWS, and use Fargate for EKS.

Kyle Bai

January 08, 2020
Tweet

More Decks by Kyle Bai

See All by Kyle Bai
讓 Jenkins 老爺爺掌舵帶領開發者航向美好新世界
kairen
1
160
AWS Startup 2020 - AMIS
kairen
0
40
學習 Kubernetes 不是為了成為 YAML Engineer
kairen
0
250
How to make your container:Kubernetes is a bit more secure
kairen
0
140
Vishwakarma: Terraform modules for deploying EKS and Self-hosting Kubernetes
kairen
0
54
Chatbot as a Service on Container(Kubernetes)
kairen
0
820
IT IRONMAN 2020
kairen
0
54
Advanced Kubernetes For UMC
kairen
0
110
Practical Kubernetes For UMC
kairen
0
58

Other Decks in Technology

See All in Technology
AWS Lambda のトラブルシュートをしていて思うこと
kazzpapa3
2
180
AWS Media Services 最新サービスアップデート 2024
eijikominami
0
200
SRE×AIOpsを始めよう!GuardDutyによるお手軽脅威検出
amixedcolor
0
190
開発生産性を上げながらビジネスも30倍成長させてきたチームの姿
kamina_zzz
2
1.7k
Why App Signing Matters for Your Android Apps - Android Bangkok Conference 2024
akexorcist
0
130
Platform Engineering for Software Developers and Architects
syntasso
1
520
第1回 国土交通省 データコンペ参加者向け勉強会③ - Snowflake x estie編 -
estie
0
130
アジャイルでの品質の進化 Agile in Motion vol.1/20241118 Hiroyuki Sato
shift_evolve
0
170
100 名超が参加した日経グループ横断の競技型 AWS 学習イベント「Nikkei Group AWS GameDay」の紹介/mediajaws202411
nikkei_engineer_recruiting
1
170
Zennのパフォーマンスモニタリングでやっていること
ryosukeigarashi
0
160
AI前提のサービス運用ってなんだろう?
ryuichi1208
8
1.4k
VideoMamba: State Space Model for Efficient Video Understanding
chou500
0
190

Featured

See All Featured
Keith and Marios Guide to Fast Websites
keithpitt
409
22k
Agile that works and the tools we love
rasmusluckow
327
21k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
16
2.1k
Thoughts on Productivity
jonyablonski
67
4.3k
Code Reviewing Like a Champion
maltzj
520
39k
GraphQLの誤解/rethinking-graphql
sonatard
67
10k
The World Runs on Bad Software
bkeepers
PRO
65
11k
Building Your Own Lightsaber
phodgson
103
6.1k
How To Stay Up To Date on Web Technology
chriscoyier
788
250k
The Language of Interfaces
destraynor
154
24k
Build The Right Thing And Hit Your Dates
maggiecrowley
33
2.4k
Faster Mobile Websites
deanohume
305
30k

Transcript

  1. @k2r2bai TAI P E I 開 發 者交 流 之夜

  2. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. @k2r2bai Vishwakarma: Terraform modules for deploying EKS and Self-hosting Kubernetes Kyle Bai Site Reliability Engineer AMIS Cloud Native Taiwan User Group

  3. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. @k2r2bai About Me ⽩凱仁(Kyle Bai) • SRE at AMIS. • OSS Contributor. • Certified Kubernetes Administrator/Developer. • Co-organizer of Cloud Native Taiwan User Group. • Interested in emerging technologies. GitHub: kairen([email protected]) Blog: https://k2r2bai.com

  4. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Motivations • Infrastructure as code • Vishwakarma • Live Demo Agenda Today I would like to talk about

  5. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Motivations

  6. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Data Centers Networking Servers Application Storage Virtualization OS Hardware Accelerator Drivers Database Runtime Application OS Data Centers Networking Servers Application Storage Virtualization OS Laptop Enterprise IT Public Cloud Customer Managed Provider Managed Database Runtime Database Runtime Drivers Drivers

  7. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Data Centers Networking Servers Application Storage Virtualization OS Hardware Accelerator Drivers Database Runtime Application OS Data Centers Networking Servers Application Storage Virtualization OS Laptop Enterprise IT Public Cloud Customer Managed Provider Managed Database Runtime Database Runtime Drivers Drivers

  8. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Data Centers Networking Servers Application Storage Virtualization OS Hardware Accelerator Drivers Database Runtime Application OS Data Centers Networking Servers Application Storage Virtualization OS Customer Managed Provider Managed Database Runtime Database Runtime Drivers Drivers Laptop Enterprise IT Public Cloud

  9. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Data Centers Networking Servers Application Storage Virtualization OS Hardware Accelerator Drivers Database Runtime Application OS Data Centers Networking Servers Application Storage Virtualization OS Laptop (Dev) Enterprise IT (Staging) Public Cloud (Production) Customer Managed Provider Managed Database Runtime Database Runtime Drivers Drivers

  10. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Dev Staging Production

  11. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Dev Staging Production US EU AP …

  12. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Dev Staging Production US EU AP …

  13. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. TW Local Dev

  14. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. TW Local Dev TW US Staging

  15. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. TW Local Dev TW US Staging AP … US EU Production

  16. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Infrastructure as code

  17. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. “Infrastructure-as-code (IaC) is the concept of writing code to represent your infrastructure requirements and using an IaC tool to apply those changes to your cloud/on-prem environment.”

  18. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Create/change/destroy infrastructure resources such as compute, storage, networking components or platform services like database, Kubernetes cluster etc. • Deploy/update applications on top of the infrastructure. • Manage the configurations used by the applications. • Versioning infrastructure. The problems IaC tools can solve

  19. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  20. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  21. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  22. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Terraform is the only tool to focus solely on creating, destroying and managing infrastructure components. You use the Hashicorp Configuration Language (HCL) to describe the infrastructure resources you need. • Provider • Provisioner • Modules • Plan phase • Apply phase Terraform

  23. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. example

  24. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  25. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. CLI / SDK / Console Region A Region B Region C ... Terraform CLI Region A Region B Region C ...

  26. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  27. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. NGINX

  28. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Vishwakarma

  29. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Kubernetes solutions on AWS Kubespray RKE Kops Kube-aws Typhoon EKS CoreOS Tectonic LinuxKit Matchbox KubeNow Bootkube kubeadm-dind-cluster Minikube PKS Kubeadm KIND KRIB

  30. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Challenges to build Kubrnetes

  31. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Maintain all AWS resources(ex: EC2 instance, VPC). • Kubernetes node(worker) scalability. • Kubernetes components upgrade. • Logging and Monitoring. • Configuration management. Challenges to build Kubrnetes on AWS

  32. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Network environment customize. • Align company compliance. • Audit. • Security. • Topology. • ... • Cost. • Clusters have different topology. • Want more specific features. Why build Kubernetes by ourselves?

  33. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Vishwakarma can be used to create a Kubernetes cluster in AWS by leveraging HashiCorp Terraform and CoreOS. And there are two kind of Kubernetes master within vishwakarma, one leverages AWS EKS, the other one is ElastiKube (Self-Hosted). Vishwakarma hXps://github.com/getamis/vishwakarma

  34. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. ElastiKube is a highly configurable Terraform module with building blocks. The motivation to build ElastiKube is that we need: • Robust and HA Kubernetes master nodes. • Pluggable HA worker nodes with different instance types. • Configurable Kubernetes resources during bootstrapping. • Standalone and HA etcd. • Use CoreOS Container Linux on all host machines. • Use Ignition for provisioning Container Linux. What's ElastiKube?

  35. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  36. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Agility: The ability to easily and atomically update software is the only way to improve internet security. • Portability: Containers turn apps into integral units that can migrate easily between machines and between providers. • Security: Today’s VM-focused workflow ties the OS directly to the apps on the box. Moving dependencies out of the OS and into a container dramatically reduces complexity. • Make sure that all resources are IMMUTABLE! Why do we use CoreOS?

  37. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Ignition is the utility used by CoreOS Container Linux, Fedora CoreOS, and RHEL CoreOS to manipulate disks during the initramfs. This includes partitioning disks, formatting partitions, writing files (regular files, systemd units, etc.), and configuring users. Ignition

  38. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  39. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Live Demo

  40. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. What’s Going On?

  41. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Self-hosting Kubernetes

  42. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Fargate for EKS

  43. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  44. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  45. Thank you! @k2r2bai © 2020, Amazon Web Services, Inc. or

    its affiliates. All rights reserved. Kyle Bai [email protected]