9 messages
rohitabout 2 years ago
Quick question; I am implementing EKS and some applications (aws-lb controller, some apps, cert-manager). In order to support mTLS, do I need to use a service mesh? I am still trying to understand the service mesh, but is it absolutely necessary to use one to have mTLS communication between pods?
Corkyabout 2 years ago
Hi y'all. In a meeting with @Erik Osterman (Cloud Posse), he mentioned that running Karpenter controllers on Fargate was problematic, but we did not have time to find out why. It's working for us so far, and seems to be a recommendation in the AWS EKS Best Practices documentation as well. Does anyone have any related experience they can share?
E-Loveabout 2 years ago
Thought this might be relevant here as well
Hila Fabout 2 years ago
Hi, anyone here have experience with deploying Apache Ranger in Production (on EC2 or EKS)?
All the references I find online seem more related to dev env.
All the references I find online seem more related to dev env.
Henrique Cavarsanabout 2 years ago
hello everyone! ๐
i just wanted to share kftray, an open-source project for kubernetes users. it's a cross-platform menu bar app that simplifies managing multiple kubectl port forwards. also, i was super happy to see kftray mentioned during the DevOps "Office Hours" (2024-01-10).
since that episode, i've made some significant bug fixes and added new features!
check it out, and any feedback or contributions are more than welcome! here are some links about the project:
- blog post: [here]
- github (repo): [here]
- landing page: [here]
i hope you find it useful! โฅ๏ธ
i just wanted to share kftray, an open-source project for kubernetes users. it's a cross-platform menu bar app that simplifies managing multiple kubectl port forwards. also, i was super happy to see kftray mentioned during the DevOps "Office Hours" (2024-01-10).
since that episode, i've made some significant bug fixes and added new features!
check it out, and any feedback or contributions are more than welcome! here are some links about the project:
- blog post: [here]
- github (repo): [here]
- landing page: [here]
i hope you find it useful! โฅ๏ธ
rohitalmost 2 years ago
has anyone implemented a service mesh (any recommendations) to support authn/authz for oauth2 tokens that supports custom scopes? was looking at istio but fairly new to this. did not want to implement something like aws cognito+api gateway to support this. wanted to see if it was feasible to do this all within kubernetes. thanks!
Ihor Urazovalmost 2 years ago
@Jeremy G (Cloud Posse) could you reopen https://github.com/kubernetes-sigs/aws-efs-csi-driver/issues/1100 please?
Jonathan Eunicealmost 2 years ago
Dropped in on the Bottlerocket community meeting today. Main topic was their deprecation of
metal nodes. In Q&A I asked about my pet desire, container motion a la vMotion or CRIU. Expected to get a โnot our gigโ brush-off, but they were surprisingly open. Theyโre actively considering some quasi-related hot kernel update/patching work, and they immediately understood my frustration with Karpenter scheduling and the stranding of long-running workloads. They requested I post an issue in their GitHub for more visibility, which I did. Still a long-shot, but appreciated their receptiveness.