Sagar Malla

@sagar-skywalker

Joined on Jan 5, 2022

  • This note is yours, feel free to play around. :video_game: Type on the left :arrow_left: and see the rendered result on the right. :arrow_right: :memo: Pre-Requisites [ ] One Management cluster with SSO capability [ ] One Managed cluster with SSO configured [ ] Kubectl Access to the both cluster via admin [ ] Admin access to Management cluster UI
     Like  Bookmark
  • Deploy Workspace Logging (Default Workspace) :memo: Pre-Requisites [ ] One Management cluster with SSO capability [ ] One Managed cluster with SSO configured [ ] Kubectl Access to the both cluster via admin [ ] Admin access to Management cluster UI :::info
     Like  Bookmark
  • When your Kubenrnetes clusters is in AWS and you deploy the default traefik using its helm chart it brings up a classic load balancer as its choice of load balancer. The classic load balancer is legacy load balancer provided by AWS. We can switch the default behavior of Traffic to expose a Network Load Balancer instead of the Classic Load Balancer by modifiying the helm-chart used for the installation. If you are using a different approach your steps might slighty vary. Prerequisites A running DKP 2.1+ cluster running in AWS. Helm 3 installed on your workstation. Admin access to the DKP cluster. Step 1: Create namespace for the Ingress controller. Ingress controllers are cluster level objects so when you create it in a specific namespace all the other namespaces should be able to leverage it. Keeping it in a seperate namespace would just improve your security posture. You can also use an existing suitable namespace
     Like  Bookmark
  • tags: traefik.2.x The default k8s controller for AWS only provisions CLB or NLB. For deploying an ALB for web applications and securing them with WAF capabilites. We will need to use the latest the AWS controller. The recommended approach would be to leave the platform ingress controller and create a secondary ingress controller for web-traffic. DKP creates roles for the k8s nodes to create aws resources. we are going to modify that role to ensure our nodes have privileges to create ALB resources. Once we have controller up we will deploy Traefik with NodePort and all the necessary configurations listed below :memo: What do we need before get started ? Step 0: Prerequisites
     Like 1 Bookmark