Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Vishwakarma: Terraform modules for deploying EK...

Kyle Bai
January 08, 2020
Technology
0
67

Vishwakarma: Terraform modules for deploying EKS and Self-hosting Kubernetes(AWS))

How does AMIS build self-hosted Kubernetes on AWS, and use Fargate for EKS.

Kyle Bai

January 08, 2020
Tweet

More Decks by Kyle Bai

See All by Kyle Bai
讓 Jenkins 老爺爺掌舵帶領開發者航向美好新世界
kairen
1
160
AWS Startup 2020 - AMIS
kairen
0
40
學習 Kubernetes 不是為了成為 YAML Engineer
kairen
0
250
How to make your container:Kubernetes is a bit more secure
kairen
0
130
Vishwakarma: Terraform modules for deploying EKS and Self-hosting Kubernetes
kairen
0
53
Chatbot as a Service on Container(Kubernetes)
kairen
0
810
IT IRONMAN 2020
kairen
0
54
Advanced Kubernetes For UMC
kairen
0
110
Practical Kubernetes For UMC
kairen
0
58

Other Decks in Technology

See All in Technology
分布で見る効果検証入門 / ai-distributional-effect
cyberagentdevelopers
PRO
4
700
生成AIの強みと弱みを理解して、生成AIがもたらすパワーをプロダクトの価値へ繋げるために実践したこと / advance-ai-generating
cyberagentdevelopers
PRO
1
180
「最高のチューニング」をしないために / hack@delta 24.10
fujiwara3
21
3.4k
最速最小からはじめるデータプロダクト / Data Product MVP
amaotone
5
740
新R25、乃木坂46 Mobileなどのファンビジネスを支えるマルチテナンシーなプラットフォームの全体像 / cam-multi-cloud
cyberagentdevelopers
PRO
1
130
プロダクト成長に対応するプラットフォーム戦略:Authleteによる共通認証基盤の移行事例 / Building an authentication platform using Authlete and AWS
kakehashi
1
150
サイバーエージェントにおける生成AIのリスキリング施策の取り組み / cyber-ai-reskilling
cyberagentdevelopers
PRO
2
200
マネジメント視点でのre:Invent参加 ~もしCEOがre:Inventに行ったら~
kojiasai
0
470
Gradle: The Build System That Loves To Hate You
aurimas
2
150
Jr. Championsになって、強く連携しながらAWSをもっと使いたい!~AWSに対する期待と行動~
amixedcolor
0
190
コンテンツを支える 若手ゲームクリエイターの アートディレクションの事例紹介 / cagamefi-game
cyberagentdevelopers
PRO
1
130
Vueで Webコンポーネントを作って Reactで使う / 20241030-cloudsign-vuefes_after_night
bengo4com
4
2.5k

Featured

See All Featured
Designing for Performance
lara
604
68k
Learning to Love Humans: Emotional Interface Design
aarron
272
40k
Embracing the Ebb and Flow
colly
84
4.4k
How to train your dragon (web standard)
notwaldorf
88
5.7k
Docker and Python
trallard
40
3.1k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
231
17k
GitHub's CSS Performance
jonrohan
1030
460k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
27
4.2k
Art, The Web, and Tiny UX
lynnandtonic
296
20k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
32
1.8k
StorybookのUI Testing Handbookを読んだ
zakiyama
26
5.2k

Transcript

  1. @k2r2bai TAI P E I 開 發 者交 流 之夜

  2. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. @k2r2bai Vishwakarma: Terraform modules for deploying EKS and Self-hosting Kubernetes Kyle Bai Site Reliability Engineer AMIS Cloud Native Taiwan User Group

  3. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. @k2r2bai About Me ⽩凱仁(Kyle Bai) • SRE at AMIS. • OSS Contributor. • Certified Kubernetes Administrator/Developer. • Co-organizer of Cloud Native Taiwan User Group. • Interested in emerging technologies. GitHub: kairen([email protected]) Blog: https://k2r2bai.com

  4. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Motivations • Infrastructure as code • Vishwakarma • Live Demo Agenda Today I would like to talk about

  5. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Motivations

  6. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Data Centers Networking Servers Application Storage Virtualization OS Hardware Accelerator Drivers Database Runtime Application OS Data Centers Networking Servers Application Storage Virtualization OS Laptop Enterprise IT Public Cloud Customer Managed Provider Managed Database Runtime Database Runtime Drivers Drivers

  7. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Data Centers Networking Servers Application Storage Virtualization OS Hardware Accelerator Drivers Database Runtime Application OS Data Centers Networking Servers Application Storage Virtualization OS Laptop Enterprise IT Public Cloud Customer Managed Provider Managed Database Runtime Database Runtime Drivers Drivers

  8. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Data Centers Networking Servers Application Storage Virtualization OS Hardware Accelerator Drivers Database Runtime Application OS Data Centers Networking Servers Application Storage Virtualization OS Customer Managed Provider Managed Database Runtime Database Runtime Drivers Drivers Laptop Enterprise IT Public Cloud

  9. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Data Centers Networking Servers Application Storage Virtualization OS Hardware Accelerator Drivers Database Runtime Application OS Data Centers Networking Servers Application Storage Virtualization OS Laptop (Dev) Enterprise IT (Staging) Public Cloud (Production) Customer Managed Provider Managed Database Runtime Database Runtime Drivers Drivers

  10. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Dev Staging Production

  11. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Dev Staging Production US EU AP …

  12. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Dev Staging Production US EU AP …

  13. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. TW Local Dev

  14. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. TW Local Dev TW US Staging

  15. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. TW Local Dev TW US Staging AP … US EU Production

  16. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Infrastructure as code

  17. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. “Infrastructure-as-code (IaC) is the concept of writing code to represent your infrastructure requirements and using an IaC tool to apply those changes to your cloud/on-prem environment.”

  18. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Create/change/destroy infrastructure resources such as compute, storage, networking components or platform services like database, Kubernetes cluster etc. • Deploy/update applications on top of the infrastructure. • Manage the configurations used by the applications. • Versioning infrastructure. The problems IaC tools can solve

  19. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  20. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  21. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  22. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Terraform is the only tool to focus solely on creating, destroying and managing infrastructure components. You use the Hashicorp Configuration Language (HCL) to describe the infrastructure resources you need. • Provider • Provisioner • Modules • Plan phase • Apply phase Terraform

  23. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. example

  24. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  25. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. CLI / SDK / Console Region A Region B Region C ... Terraform CLI Region A Region B Region C ...

  26. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  27. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. NGINX

  28. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Vishwakarma

  29. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Kubernetes solutions on AWS Kubespray RKE Kops Kube-aws Typhoon EKS CoreOS Tectonic LinuxKit Matchbox KubeNow Bootkube kubeadm-dind-cluster Minikube PKS Kubeadm KIND KRIB

  30. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Challenges to build Kubrnetes

  31. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Maintain all AWS resources(ex: EC2 instance, VPC). • Kubernetes node(worker) scalability. • Kubernetes components upgrade. • Logging and Monitoring. • Configuration management. Challenges to build Kubrnetes on AWS

  32. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Network environment customize. • Align company compliance. • Audit. • Security. • Topology. • ... • Cost. • Clusters have different topology. • Want more specific features. Why build Kubernetes by ourselves?

  33. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Vishwakarma can be used to create a Kubernetes cluster in AWS by leveraging HashiCorp Terraform and CoreOS. And there are two kind of Kubernetes master within vishwakarma, one leverages AWS EKS, the other one is ElastiKube (Self-Hosted). Vishwakarma hXps://github.com/getamis/vishwakarma

  34. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. ElastiKube is a highly configurable Terraform module with building blocks. The motivation to build ElastiKube is that we need: • Robust and HA Kubernetes master nodes. • Pluggable HA worker nodes with different instance types. • Configurable Kubernetes resources during bootstrapping. • Standalone and HA etcd. • Use CoreOS Container Linux on all host machines. • Use Ignition for provisioning Container Linux. What's ElastiKube?

  35. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  36. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. • Agility: The ability to easily and atomically update software is the only way to improve internet security. • Portability: Containers turn apps into integral units that can migrate easily between machines and between providers. • Security: Today’s VM-focused workflow ties the OS directly to the apps on the box. Moving dependencies out of the OS and into a container dramatically reduces complexity. • Make sure that all resources are IMMUTABLE! Why do we use CoreOS?

  37. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Ignition is the utility used by CoreOS Container Linux, Fedora CoreOS, and RHEL CoreOS to manipulate disks during the initramfs. This includes partitioning disks, formatting partitions, writing files (regular files, systemd units, etc.), and configuring users. Ignition

  38. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  39. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. Live Demo

  40. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved. What’s Going On?

  41. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Self-hosting Kubernetes

  42. © 2020, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Fargate for EKS

  43. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  44. @k2r2bai © 2020, Amazon Web Services, Inc. or its affiliates.

    All rights reserved.

  45. Thank you! @k2r2bai © 2020, Amazon Web Services, Inc. or

    its affiliates. All rights reserved. Kyle Bai [email protected]