Amazon EKS Deep Dive

Course

Intro Video

Photo of Mark Richman

Mark Richman

AWS Training Architect II in Content

Length

06:34:12

Difficulty

Intermediate

Videos

21

Hands-on Labs

4

Course Details

This course will explore Amazon Elastic Container Service for Kubernetes (Amazon EKS) from the very basics of its configuration to an in-depth review of its use cases and advanced features.

We will talk about how EKS is architected in order to provide a better understanding of how to manage container-based applications at scale.

Once we have a solid foundation of the basics, we will dive into the configuration, management, and deployment of a microservices-based application in EKS.

Access interactive diagram: https://interactive.linuxacademy.com/diagrams/TheEKSManifest.html

Join the Linux Academy community slack for chat here: https://linuxacademy-community-slack.herokuapp.com/ and join the #containers channel.

Syllabus

Course Introduction

Course Introduction

Course Overview

00:00:58

Lesson Description:

If you're wondering whether this course is for you and what you need to know before taking it, then look no further. This video describes the intended audience, pre-requisites, and gives a brief overview of the concepts covered throughout this course. This course will explore Amazon Elastic Container Service for Kubernetes (EKS) from the very basics of its configuration to an in-depth review of its use cases and advanced features. We will talk about how EKS is architected to provide a better understanding of how to manage container-based applications at scale. Once we have a solid foundation of the basics, we will dive into the advanced use cases to uncover the power of EKS. Join the Linux Academy community slack for chat here and join the #containers channel.

About the Training Architect

00:00:58

Lesson Description:

Get to know a little bit more about me, the author!

Working with the Interactive Diagram

00:02:22

Lesson Description:

The Interactive Diagram for this course is a tool to provide both an overview and a detailed breakdown of all the EKS components covered. You'll see it incorporated throughout the course and, in this lesson, you'll learn how you can also use it independently to fortify your understanding of EKS. LINK: EKS Manifest

Course Prerequisites

00:01:14

Lesson Description:

This hands-on EKS Deep Dive course is great for those new to EKS or those who want to expand what they already know. However, you should have some prerequisite knowledge before considering this course as we will be getting our hands dirty with kubectl, the AWS Management Console, Linux command line, Docker, and modifying configuration files with YAML and JSON. If you're a bit rusty or inexperienced in any of these areas, then it may behoove you to freshen up a bit before jumping into this course.

Exploring EKS

Exploring EKS

EKS Architecture

00:09:58

Lesson Description:

Now that we've got the introductory section of this course out of the way, we can start to dig into the basics of Amazon Elastic Container Service for Kubernetes, or EKS. We're going to be covering a few different concepts in this video topic, including: What is EKS?Managed Control PlaneKubernetes & VPC NetworkingAWS CNI Network PluginEKS-optimized AMISpot Instances This will provide you with a high-level explanation of the fundamentals of Amazon EKS.

Configuring an EKS Cluster

00:08:39

Lesson Description:

In this video, we'll be creating an Amazon EKS cluster using the AWS Management Console, and then configuring our command line utilities to connect to the cluster. Some of the topics we'll be covering in this video are: Creating the EKS service roleCreating the VPC infrastructure using CloudFormationCreating a cluster in the AWS Management ConsoleConfiguring kubectl for EKSConfiguring aws-iam-authenticator

Provisioning Worker Nodes

00:08:48

Lesson Description:

In this video, we'll be picking up where we left off in the previous one, where we deployed our VPC infrastructure and created our EKS cluster. Some of the topics we'll be covering in this video are: Launching EKS worker nodesDeploying the Kubernetes dashboard Installing the Kubernetes Dashboard kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yamlInstalling Heapster and InfluxDB kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/heapster.yaml kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/influxdb.yaml kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/rbac/heapster-rbac.yamlCreate an administrative account and cluster role binding kubectl apply -f eks-admin-service-account.yaml kubectl apply -f eks-admin-cluster-role-binding.yamlStart proxy kubectl proxy --address 0.0.0.0 --accept-hosts '.*' &Get a token aws-iam-authenticator -i <cluster_name> tokenLog in http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login Cloudformation Template https://amazon-eks.s3-us-west-2.amazonaws.com/cloudformation/2018-11-07/amazon-eks-nodegroup.yaml

IAM Authentication

00:05:03

Lesson Description:

In this lesson, we're going to talk about IAM authentication in EKS. Some of the topics we'll be covering are: How EKS authentication and authorization workGranting IAM users access to an EKS cluster

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

Developing for EKS

Developing for EKS

Understanding the Application Architecture

00:04:23

Lesson Description:

This lecture uses a walkthrough of the architecture diagram to show details of the sample application architecture. We'll see how it's composed of a web frontend and two utility microservices, including integration points with AWS.

Building from Source

00:08:48

Lesson Description:

This lecture explains how to install and configure all the prerequisites necessary for building our sample application from source code.

Publishing to ECR

00:07:36

Lesson Description:

Amazon Elastic Container Registry (ECR) is a fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images. This lecture shows how ECR is integrated with EKS, simplifying the development to production workflow.

Deploying to EKS

00:06:16

Lesson Description:

This lecture details how to deploy our sample microservices-based application to an EKS cluster. Make sure your EC2 worker nodes' IAM role has both DynamoDB and S3 access. For example, you can grant AmazonDynamoDBFullAccess and AmazonS3FullAccess policies to the Node Instance Role. Without access to these AWS resources, the containers will fail to respond healthy, and the load balancer won't register them in service.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

EKS in Production

EKS in Production

Autoscaling an EKS Cluster

00:09:24

Lesson Description:

In this lesson, we're going to discuss the two most common methods for autoscaling an EKS cluster: the Cluster Autoscaler (CA) and the Horizontal Pod Autoscaler (HPA).

Monitoring an EKS Cluster

00:10:42

Lesson Description:

In this video, we'll be looking at some options for monitoring your EKS cluster. Some of the topics we'll cover are: CloudWatch LimitationsGathering metrics with PrometheusVisualizing data with Grafana

Updating EKS in Production

00:17:11

Lesson Description:

In this video, we'll discuss updating your EKS cluster running in production. Some of the topics we'll cover are: Updating the cluster version to a newer Kubernetes releaseSwitching the DNS provider from kube-dns to CoreDNSUpdating the worker node group to a newer Kubernetes release

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

Applying Best Practices

Applying Best Practices

Logging with CloudTrail

00:13:47

Lesson Description:

CloudTrail is very important in the security realm, because it records every API call executed on our resources. We can also create trails that allow us to store logs longer than 90 days, and use them to trigger automation events. It is a best security practice to make sure CloudTrial logging is always enabled. This video gives information about what CloudTrail does and how to configure it.

Continuous Deployment with EKS

00:16:03

Lesson Description:

In this video, we'll build a CI/CD pipeline using AWS CodePipeline. The CI/CD pipeline will deploy a sample Kubernetes service. Then we will commit a code change to the GitHub repository, and observe the automated delivery of this change to the cluster.

Application Tracing with X-Ray

00:12:42

Lesson Description:

In this video, we're going to learn about tracing our application with AWS X-Ray. We'll deploy the X-Ray agent, as a DaemonSet, and sample microservices that are instrumented with the X-Ray SDK. Then we'll make some sample requests, and examine the traces and service maps in the AWS Management Console.

Logging to CloudWatch Logs with Fluentd

00:06:51

Lesson Description:

In this lesson, we'll be learning how to send our containers' logs up to CloudWatch Logs, using Fluentd.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

Conclusion

Conclusion

What's Next?

00:01:35

Lesson Description:

Now that you've completed your deep dive of EKS, here are a few suggestions on what you should do next.

Get Recognized

00:00:46

Lesson Description:

Now that you have completed the coruse - take the time to share your success and get recognized in our community and LinkedIn.