Components
Overview
Components List
Most of these components and services are installed via Helm charts. Tweaking a component's configuration is usually done through the input values of its corresponding chart. For detailed information on the different parameters, see each component's public documentation (linked in each section).
AWS Load Balancer Controller
It automatically provisions AWS Application Load Balancers (ALB) or AWS Network Load Balancers (NLB) in response to the creation of Kubernetes Ingress or LoadBalancer resources respectively. Automates the routing of traffic to the cluster.
Implementation in ref architecture: /apps-devstg/us-east-1/k8s-eks-demoapps
Documentation: AWS Load Balancer Controller | Kubernetes-sigs
NGINX Ingress Controller
It is used to allow for the configuration of NGINX via a system of annotations in Kubernetes resources.
A configuration can be enforced globally, via the controller.config variable in the Helm chart, or individually for each application, via annotations in the Ingress resource of the application.
Implementation in ref architecture: /apps-devstg/us-east-1/k8s-eks-demoapps
ExternalDNS
Automatically creates the required DNS records based on the definition of Ingress resources in the cluster.
The annotation kubernetes.io/ingress.class: <class> defines whether the records are created in the public hosted zone or the private hosted zone for the environment. It accepts one of two values: public-apps or private-apps.
Implementation in ref architecture: /apps-devstg/us-east-1/k8s-eks-demoapps
Documentation: ExternalDNS | Kubernetes-sigs
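The class annotation decides whether a hostname ends up in the public or the private hosted zone, so it is worth reviewing before records are published. The following is an added example, not code from the reference architecture: it reads Ingress objects in the JSON shape produced by `kubectl get ingress -A -o json` and lists hosts that would get a public record without being on an approved list, or whose class annotation is missing or unrecognized. The sample Ingress objects and the `approved_public` allowlist are constructed assumptions.

```python
import json

ANNOTATION = "kubernetes.io/ingress.class"
ZONES = {"public-apps": "public", "private-apps": "private"}  # values from the page

# Constructed sample, shaped like `kubectl get ingress -A -o json` output.
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"namespace": "demo", "name": "web",
   "annotations": {"kubernetes.io/ingress.class": "public-apps"}},
  "spec": {"rules": [{"host": "web.example.com"}]}},
 {"metadata": {"namespace": "demo", "name": "admin",
   "annotations": {"kubernetes.io/ingress.class": "public-apps"}},
  "spec": {"rules": [{"host": "admin.example.com"}]}},
 {"metadata": {"namespace": "demo", "name": "api",
   "annotations": {"kubernetes.io/ingress.class": "private-apps"}},
  "spec": {"rules": [{"host": "api.example.com"}]}},
 {"metadata": {"namespace": "demo", "name": "legacy"},
  "spec": {"rules": [{"host": "legacy.example.com"}]}}
]}
""")

def zone_for(ingress):
    """Map an Ingress to 'public', 'private' or 'unknown' from its class annotation."""
    annotations = ingress.get("metadata", {}).get("annotations") or {}
    return ZONES.get(annotations.get(ANNOTATION), "unknown")

def audit(ingress_list, approved_public):
    """Return (namespace/name, host, reason) for every host that needs review."""
    findings = []
    for item in ingress_list.get("items", []):
        meta = item.get("metadata", {})
        ref = f"{meta.get('namespace', 'default')}/{meta.get('name')}"
        zone = zone_for(item)
        rules = item.get("spec", {}).get("rules") or []
        hosts = [r["host"] for r in rules if r.get("host")] or ["<no host>"]
        for host in hosts:
            if zone == "unknown":
                findings.append((ref, host, "class annotation missing or unrecognized"))
            elif zone == "public" and host not in approved_public:
                findings.append((ref, host, "public record not on the approved list"))
    return findings

if __name__ == "__main__":
    # approved_public is a hypothetical allowlist kept by the platform team.
    for ref, host, reason in audit(SAMPLE, approved_public={"web.example.com"}):
        print(f"{ref}\t{host}\t{reason}")
```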
cert-manager
Automates the management of certificates. The ClusterIssuer resource is needed to generate signed certificates within the cluster.
Implementation in ref architecture: /apps-devstg/us-east-1/k8s-eks-demoapps
Documentation: cert-manager | cert-manager
External Secrets Operator
Automatically fetches secrets and parameters from Parameter Store, AWS Secrets Manager and other sources, and makes them available in the cluster as Kubernetes Secrets.
Implementation in ref architecture: /apps-devstg/us-east-1/k8s-eks-demoapps
Documentation: External Secrets Operator | External Secrets
Cluster Autoscaler
Automatically adjusts the size of the Kubernetes Cluster based on load.
It is configured to automatically detect the limits of the AutoScalingGroup the nodes belong to.
Implementation in ref architecture: /apps-devstg/us-east-1/k8s-eks-demoapps
Documentation: Cluster Autoscaler | Kubernetes
Jaeger
Distributed tracing platform.
It is usually configured to funnel traces from all environments to a centralized ElasticSearch/OpenSearch instance in the Shared account.
Implementation in ref architecture: /apps-devstg/us-east-1/k8s-eks-demoapps
Documentation: Jaeger | JaegerTracing
Fluent-Bit
Collects, processes, and forwards logs and metrics. It is highly configurable and performant.
It is usually configured to funnel all pods' logs to a centralized ElasticSearch/OpenSearch instance in the Shared account.
Implementation in ref architecture: /apps-devstg/us-east-1/k8s-eks-demoapps
Documentation: Fluent-bit | Fluent
kube-prometheus-stack
Stack of Kubernetes manifests, monitoring, alerting and visualization applications, rules and dashboards implementing an end-to-end Kubernetes monitoring solution.
Implementation in ref architecture: /apps-devstg/us-east-1/k8s-eks-demoapps
Prometheus
Gathers and stores metrics as time series data. Using alerting rules, it then issues notifications via Alertmanager whenever a rule is triggered.
Grafana
Allows for convenient visualization, filtering and querying of the metrics gathered by Prometheus.
Documentation:
Argo CD
Enables GitOps continuous delivery on Kubernetes clusters.
Implementation in ref architecture: /apps-devstg/us-east-1/k8s-eks-demoapps
Two supporting Argo CD components are used:
Argo Rollouts
Provides the capability of using more complex deployment and promotion schemes, such as Blue-Green or Canary deployments, to eliminate downtime and allow for greater control of the process.
Argo CD Image Updater
Tracks new images in ECR and updates the application definitions so that Argo CD automatically proceeds with the deployment of those images.
Velero
Creates and restores backups, handles disaster recovery and migrations for Kubernetes resources and persistent volumes.
Implementation in ref architecture: /apps-devstg/us-east-1/k8s-eks
Documentation: Velero | VMware Tanzu