
A blueprint for well-managed Amazon EKS Clusters

Customers developing cloud-native applications with microservices use Amazon Elastic Kubernetes Service (EKS) to manage their container clusters. In this OpsTalk™ blog, Bhrikuty Aggarwal, Sr. Cloud Solutions Engineer at MontyCloud, explains how the DAY2™ EKS Blueprint (EKS Blueprint) helps customers run well-managed applications on EKS. EKS Blueprint helps customers automate routine tasks such as elastically adding nodes, configuring IAM roles, and capping the number of nodes per cluster. With the EKS Blueprint customers can now deploy faster, reduce errors, and efficiently manage their container clusters. You can use the DAY2™ EKS Blueprint through the MontyCloud DAY2™ Blueprint library.

– Sabrinath Rao

 

EKS is a powerful orchestrator; task automation can help you scale faster

Modern cloud applications prefer containers over Virtual Machines. As some of the larger banks have found out, for applications that process millions of transactions, containerized applications often provide the required elastic scale and development flexibility. On average, customers report that container-based micro-services architectures offer twice the resource utilization and 3x-4x faster delivery of applications.

Amazon EKS is a fully-managed Kubernetes service. Customers such as Intel, Snap, Intuit, GoDaddy, and Autodesk trust EKS to run their most sensitive and mission-critical applications because of its security, reliability, and scalability.
(Source: https://aws.amazon.com/eks/)

AWS customers can use Amazon Elastic Kubernetes Service (EKS), a managed Kubernetes service, to orchestrate services such as scheduling and load balancing across hundreds of containers. With EKS, customers no longer have to run a Kubernetes control plane, but customers still have to:

  • create worker nodes
  • connect to clusters
  • leave clusters
  • configure AWS CloudWatch metrics
  • monitor the clusters and the individual nodes
  • manage IAM Roles and permissions
  • define guardrails for adding nodes

Scripting of routine tasks scaled across hundreds of nodes can be error-prone. Customers want consistent container deployments across their networks. With Infrastructure as Code templates such as MontyCloud’s DAY2™ EKS Blueprint, customers can drive self-service deployments of container clusters and instantly visualize and manage them in their application’s context. Now, with EKS Blueprints, customers can run well-managed containerized applications on AWS.

 
What can I do with the DAY2™ EKS Blueprint?

DAY2™ EKS Blueprint is an Infrastructure as Code (IaC) template built on AWS CloudFormation. With the EKS Blueprint you can:

  • automate the task of creating new worker nodes as your application changes
  • assign IAM roles and policies
  • use editable default configurations for worker nodes, such as instance type
  • cap the number of nodes per application
  • assign VPCs to the cluster
  • specify a Key/Value pair name

Now you can launch a well-managed EKS cluster (control plane and worker nodes) with just a few clicks, instead of installing, operating, and maintaining your own Kubernetes control plane.

 
What is a well-managed EKS cluster?

A well-managed EKS cluster is an EKS cluster where customers can:

  • deploy consistent nodes across their network with just a few clicks
  • deploy clusters that are wired for availability and scale
  • get instant visibility into their deployed nodes
  • automatically monitor their deployed nodes
  • set up alarms and remediations
 
How do I get started with the EKS Blueprint?

You can get started with the EKS Blueprint by signing into MontyCloud DAY2™ at https://app.montycloud.com and clicking on the EKS Blueprint in the blueprints library.

 
How does the EKS Blueprint work?

EKS Blueprint calls other AWS services such as AWS Identity and Access Management (IAM), and AWS CloudWatch to manage the clusters.

Here is how you would set up a cluster with the DAY2™ EKS Blueprint –

First, the DAY2™ EKS Blueprint creates an IAM role with required permissions with the IAM Service Control Policies (SCPs) for the Kubernetes control plane. This enables your EKS worker nodes, including the node with the kubelet daemon, to make API calls.

Second, before you launch worker nodes you have to register the nodes into a cluster. The worker nodes need an IAM role to use when they are launched. EKS Blueprint automates this task as well by creating a worker node role and associating the IAM role with the node group.

Third, the blueprint creates Node Groups, and makes it easy to provision compute capacity for the cluster with the latest EKS-optimized AMIs.

Fourth, the EKS Blueprint has a task that automatically installs kubectl, the command-line tool required to communicate with your Kubernetes cluster and to run commands that deploy applications, inspect and manage cluster resources, and view logs. With this automation, customers don’t need to perform the kubectl installation manually.

Finally, you can decide which tasks, such as adding a node type, you want to enable your users to perform.
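The first three steps above, together with the node cap, map onto a small set of CloudFormation resources. The template below is an added illustration, not MontyCloud's blueprint; the parameter and resource names, the default instance type, and the cap values are assumptions, while the managed policy ARNs are the standard AWS-managed policies for EKS cluster and node roles.

```yaml
# Added example, not MontyCloud's template. Parameter/resource names and defaults are assumptions.
Parameters:
  SubnetIds:
    Type: List<AWS::EC2::Subnet::Id>
  InstanceType:
    Type: String
    Default: t3.medium        # editable default for worker nodes
  MaxNodes:
    Type: Number
    Default: 4
    MaxValue: 10              # guardrail: stack updates cannot raise the cap past 10
Resources:
  ClusterRole:                # step 1: role assumed by the EKS control plane
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal: { Service: eks.amazonaws.com }
            Action: sts:AssumeRole
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy
  NodeRole:                   # step 2: role the worker nodes (kubelet) use
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal: { Service: ec2.amazonaws.com }
            Action: sts:AssumeRole
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
        - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
        - arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
  Cluster:
    Type: AWS::EKS::Cluster
    Properties:
      RoleArn: !GetAtt ClusterRole.Arn
      ResourcesVpcConfig: { SubnetIds: !Ref SubnetIds }
  NodeGroup:                  # step 3: managed node group with a capped size
    Type: AWS::EKS::Nodegroup
    Properties:
      ClusterName: !Ref Cluster
      NodeRole: !GetAtt NodeRole.Arn
      Subnets: !Ref SubnetIds
      InstanceTypes: [!Ref InstanceType]
      ScalingConfig: { MinSize: 1, DesiredSize: 1, MaxSize: !Ref MaxNodes }
```

Keeping the cluster role and the node role separate means the worker nodes never hold the control plane's permissions, and the `MaxValue` constraint enforces the node cap at the template level rather than relying on operator discipline.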

 
Why should I use the EKS Blueprint over an AWS CloudFormation template?

The EKS Blueprint extends AWS CloudFormation templates to deploy well-managed EKS applications. CFN templates are great for consistent deployments of container environments on AWS. EKS Blueprint extends the deployment templates to automatically manage the availability and scalability of the Kubernetes control plane nodes that are responsible for starting and stopping containers, scheduling containers on virtual machines, and storing cluster data. In addition, the EKS Blueprint automatically sets up AWS CloudWatch Container Insights to gather metrics, sets up alarms when thresholds are breached, and automatically sends messages to SNS endpoints. With DAY2™ EKS Blueprints, customers can now get instant visibility into their deployed container environments and manage the environment in the application’s context.

 
How does the EKS Blueprint make the EKS cluster a well-managed cluster?

The DAY2™ EKS Blueprint enables you to self-service consistent deployments and makes the deployed cluster instantly manageable in the business context. For EKS clusters deployed with the DAY2™ EKS Blueprint, you can:

    1. Collect, aggregate, and summarize metrics and logs from all your containerized applications and microservices. You can instantly monitor metrics like CPU utilization, node status, pod metrics etc. The EKS Blueprint configures CloudWatch Container Insights automatically as the cluster is deployed.
    2. Configure thresholds and CloudWatch alarms and send notifications when a threshold is breached.
    3. Gain cluster-wide visibility and generate actionable insights into resource utilization, application performance, and operational health through configurable dashboards.
    4. Configure messages and deliver them to subscribing endpoints or clients through AWS SNS.
    5. Modify the minimum, desired and maximum number of worker nodes for the cluster with a single operation.
    6. Use any of the AWS Elastic Load Balancer offerings (classic, network, application) to route traffic to a service running on the worker nodes.


 
Conclusion

The DAY2™ EKS Blueprint helps customers deploy compliant, consistent, and manageable EKS clusters with no code. With the EKS Blueprint, customers can deploy faster, reduce errors, and manage their EKS clusters efficiently.

Give it a try today!

 

You can get started with the EKS Blueprint and a host of DAY2™ Blueprints by signing up for a free trial at https://app.montycloud.com

 