Amazon EKS Concepts: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| Line 10: | Line 10: | ||
==EKS Worker Node== | ==EKS Worker Node== | ||
===EKS Worker Node IAM Role=== | ===EKS Worker Node IAM Role=== | ||
== | ==Worker Node Group== | ||
===Node Group Name=== | ===Node Group Name=== | ||
===Managed Worker Node Group=== | |||
==Cluster Service Role== | ==Cluster Service Role== | ||
Revision as of 22:24, 14 June 2020
Internal
Overview
EKS Cluster
Control Plane
EKS Worker Node
EKS Worker Node IAM Role
Worker Node Group
Node Group Name
Managed Worker Node Group
Cluster Service Role
Cluster Autoscaler
Cluster Endpoint
AWS Infrastructure Requirements
TODO: Topology diagram
Cluster VPC
Subnets
Security Groups
A dedicated security group for each cluster control plane is recommended.
EKS Platform Versions and Kubernetes Versions
Amazon EKS platform version.
Integration with ECR
Logging
Control Plane Logging
SLA
aws-iam-authenticator
Page 17.
aws-iam-authenticator Operations
.kube/config Configuration
AWS documentation refers to the Kubernetes configuration file as "kubeconfig".
EKS Security
EKS IAM Permissions
These are technically "actions", but they are commonly referred to as "permissions", which implies that the action is part of a formal permission construct associated with the entity requiring it.
- eks:DescribeCluster