We have a project where we need to migrate EKS ( Elastic Kubernetes Services ) clusters to AKS ( Azure Kubernetes Services ). What are the steps that we need to follow to successfully migrate those clusters.
With some research found that we can only migrate though backing up kubernetes cluster on AWS storage bucket and then moving it to a blob storage on Azure and then configuring AKS settings.
Is this the right approach?
Yes, you can use the tools like Velero to Backup & restore the Kubernetes cluster.
i have written the Article you can refer the same : https://faun.pub/clone-migrate-data-between-kubernetes-clusters-with-velero-e298196ec3d8
You can leverage the plugin with Velero tools as per requirement EKS & AKS both supported.
Related
I have some pods running in an AKS cluster which are trying to access AWS s3 buckets (using azure blobs are not an option because of the current architecture). I have read about IAM roles for Kubernetes Service Accounts but it mentions about EKS clsuters. Is there any way out here, can we create a service account in AKS with the IAM role to access a s3 bucket in AWS (probably in a different location)
Sounds Workload identity with identity federation could be a fit for your scenario.
The idea would be to enable the OIDC feature flag on your AKS and then create a federated identity trust between an AKS Kubernetes service account and AWS.
Maybe this and this articles will guide you.
I am trying to deploy my application programmatically from one EKS cluster to all other EKS clusters. To do that I am getting kubeconfig details using clusterDescribe EKS api.
Steps in my code
Get name and region of EKS cluster
Describe EKS cluster using aws eks sdk
Using describe data, I am building kubeclient.
Using kubeclient, I can deploy application in EKS cluster.
The above steps work from my local machine for any EKS cluster in my account. but If I run my program from one EKS cluster(cluster1) to deploy my application into another(cluster2)
then I get a timeout error in my 4th step.
Can you help me what I am missing?
I am not sure what are you planning but their are tools available which you can deploy on EKS and can do deployment on any kubernetes cluster, cloud accound etc.
You should check Spinnaker open source tool for this.
My team help companies to use spinnaker in their environments.
I setup a EKS cluster and integrated AWS Secrets Manager in it following the steps mentioned in https://github.com/aws/secrets-store-csi-driver-provider-aws and it worked as expected.
Now we have a requirement to integrate the AWS Secrets Manager on an on-premises k8s cluster and I am unable to follow the same steps as they seem to be explicitly for AWS EKS based clusters.
I googled around a bit and found you can call the Secrets Manager programmatically using one of the ways in https://docs.aws.amazon.com/secretsmanager/latest/userguide/asm_access.html, but this approach wont work for us.
Is there a k8s way to directly connect to AWS secrets Manager without setting up AWS-CLI and the OIDC cluster ID on the on-premises cluster?
Any help would be highly appreciated.
You can setup external OIDC providers with AWS and also setup K8s to with OIDC, but that is a lot of work.
AWS recently announced IAM Roles Anywhere which will let you use host based certificates to authenticate, but you will still have to call the Secrets Manager APIs.
If you are willing to retrieve secrets through etcd (which may store the secrets base64 encoded on the cluster) you can look at using the opensource External Secrets solution.
I've been reading the Google Cloud documentation about hybrid GKE cluster with Connect or completely on prem with GKE on-prem and VMWare.
However, I see that GKE with Connect you can manage the on-prem Kubernetes cluster from Google Cloud dashboard.
But, what I am trying to find, is, to mantain a hybrid cluster with GKE mixing on-prem and cloud nodes. Graphical example:
For the above solution, the master node is managed by GCloud, but the ideal solution is to manage multiple node masters (High availability) on cloud and nodes on prem. Graphical example:
Is it possible to apply some or both of the proposed solutions on Google Cloud with GKE?
If you want to maintain hybrid clusters, mixing on prem and cloud nodes, you need to use Anthos.
Anthos is a modern application management platform that provides a consistent development and operations experience for cloud and on-premises environments.
The primary computing environment for Anthos uses Anthos clusters, which extend GKE for use on Google Cloud, on-premises, or multicloud to manage Kubernetes installations in the environments where you intend to deploy your applications. These offerings bundle upstream Kubernetes releases and provide management capabilities for creating, scaling, and upgrading conformant Kubernetes clusters. With Kubernetes installed and running, you have access to a common orchestration layer that manages application deployment, configuration, upgrade, and scaling.
If you want to know more about Anthos in GCP please follow this link.
I need to create an Azure Kubernetes Service with 3 master nodes. So far I used to work with single master cluster, now I am in need of creating a multi-master cluster for production environments.
Can I get a way to create an AKS with multiple control planes. Thanks in Advance.
As Soundarya mentioned in the comment, the solution could be fould here:
As your ask is on AKS (Managed service from Azure) with HA enabled Clusters you already have more than one master running. As AKS is a managed offering service you will will not have the visibility/control on this.
Can I get a way to create an AKS with multiple control planes?
For this you can check the AKS Uptime SLA, Uptime SLA guarantees 99.95% availability of the Kubernetes API server endpoint for clusters.
Please check this document for more details.
If you are using AKS Engine (unmanaged service), then you can specify the number of masters. Please refer to this document for more details.