gopaddle User Guide
AWS EKS Reference Architecture

Production Ready EKS Reference Architecture used while provisioning clusters through gopaddle


Last updated 1 year ago

VPC has public or private subnets

Configuring Subnets

| VPC Access Type | Route Table Config | Auto-assign public IP | Endpoints | AWS Loadbalancer Controller |
|---|---|---|---|---|
| Public Only | Route table - outbound to 0.0.0.0/0 | Yes | | kubernetes.io/role/elb=1 |
| Public/Private | Route table - outbound to NAT gateway, allow only outbound | No | | kubernetes.io/role/elb=1, kubernetes.io/role/internal-elb=1 |
| Private Only | NA | No | com.amazonaws.your_region.ec2, com.amazonaws.your_region.ecr.api, com.amazonaws.your_region.ecr.dkr, com.amazonaws.your_region.s3; cloudwatch - com.amazonaws.your_region.logs; sts - com.amazonaws.your_region.sts; com.amazonaws.your_region.elasticloadbalancing; K8s cluster autoscaler - com.amazonaws.your_region.autoscaling; K8s App mesh (Envoy) - com.amazonaws.your_region.appmesh-envoy-management; XRay - com.amazonaws.your_region.xray | kubernetes.io/role/internal-elb=1 |
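
The subnet table above can be checked mechanically before a cluster is provisioned. The following is an added example, not gopaddle code: it audits data shaped like `aws ec2 describe-subnets`, `describe-route-tables` and `describe-vpc-endpoints` output. It assumes each subnet's role is inferred from its default route, that in a Public/Private VPC the NAT route and "No" apply to the private subnets while public subnets follow the Public Only row, and that only the baseline endpoints are mandatory.

```python
# Added example (not gopaddle code): audit `aws ec2 describe-*` JSON against the subnet table.
ELB, INTERNAL = "kubernetes.io/role/elb", "kubernetes.io/role/internal-elb"
# Default-route kind -> (auto-assign public IP, required tag); None means no default route.
PROFILE = {"igw": (True, ELB), "nat": (False, INTERNAL), None: (False, INTERNAL)}
ALLOWED = {"Public Only": {"igw"}, "Public/Private": {"igw", "nat"}, "Private Only": {None}}
# Assumption: baseline endpoints only; autoscaling, appmesh and xray depend on add-ons in use.
ENDPOINTS = ["ec2", "ecr.api", "ecr.dkr", "s3", "logs", "sts", "elasticloadbalancing"]

def route_kind(subnet_id, route_tables):
    """Default-route target of a subnet; falls back to the VPC main route table."""
    explicit = main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                explicit = rt
            elif assoc.get("Main"):
                main = rt
    for route in (explicit or main or {}).get("Routes", []):
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            if route.get("GatewayId", "").startswith("igw-"):
                return "igw"
            if route.get("NatGatewayId"):
                return "nat"
    return None

def audit(access_type, region, subnets, route_tables, endpoints=()):
    findings = []
    for s in subnets:
        sid, kind = s["SubnetId"], route_kind(s["SubnetId"], route_tables)
        if kind not in ALLOWED[access_type]:
            findings.append(f"{sid}: default route via {kind} not allowed for {access_type}")
            continue
        public_ip, tag = PROFILE[kind]
        if s.get("MapPublicIpOnLaunch", False) != public_ip:
            findings.append(f"{sid}: auto-assign public IP should be {public_ip}")
        if {t["Key"]: t["Value"] for t in s.get("Tags", [])}.get(tag) != "1":
            findings.append(f"{sid}: missing tag {tag}=1")
    if access_type == "Private Only":
        have = {e["ServiceName"] for e in endpoints}
        findings += [f"missing VPC endpoint com.amazonaws.{region}.{svc}"
                     for svc in ENDPOINTS if f"com.amazonaws.{region}.{svc}" not in have]
    return findings

# Constructed sample: a correct public subnet and a NAT-routed subnet with two deviations.
SUBNETS = [{"SubnetId": "subnet-pub", "MapPublicIpOnLaunch": True, "Tags": [{"Key": ELB, "Value": "1"}]},
           {"SubnetId": "subnet-priv", "MapPublicIpOnLaunch": True, "Tags": []}]
IGW = {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}
NAT = {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}
ROUTE_TABLES = [{"Associations": [{"SubnetId": "subnet-pub"}], "Routes": [IGW]},
                {"Associations": [{"Main": True}], "Routes": [NAT]}]
```

Calling `audit("Public/Private", "us-west-2", SUBNETS, ROUTE_TABLES)` reports the two deviations on `subnet-priv`; note that this subnet has no explicit association and is resolved through the main route table.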

Application Load Balancer and OIDC

OIDC Configuration and Sub-net configurations

Domain Certificate Manager

Provision, manage and deploy SSL/TLS Certificates with AWS Services & User Applications

Associate the managed certificate ARN as an annotation in the Application Load Balancer Ingress controller:

service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-west-2:xxxxx:certificate/xxxxxxx

Self-Managed Nodepools

Bottlerocket - Linux-based AMIs - lightweight and quick start-up time

CFT with custom instance profile

Define your own ASG

Detailed overview of configuring production ready EKS Cluster.

EKS Reference Architecture provisioned through gopaddle