Mike McDonald, Partner Solutions Architect at AWS, was kind enough to join Kasten at KubeCon Detroit for a talk around the concepts behind infrastructure as code and the benefits for Amazon EKS users.
At a high level, Infrastructure as code (IaC) refers to the practice of defining and managing infrastructure in a software development context, using code and version control systems rather than manual configuration. This approach allows for the automation of infrastructure provisioning, configuration, and management, enabling teams to build, deploy, and manage infrastructure in a more reliable, efficient, and secure manner.
IaC is particularly relevant to Amazon EKS Kubernetes clusters because it allows teams to easily and efficiently manage the underlying infrastructure that powers their containerized applications. With IaC, teams can define and manage the infrastructure that hosts their Kubernetes clusters and the associated resources, such as compute instances, storage, and networking, using code and automation tools. This enables teams to provision and manage their infrastructure in a more repeatable and scalable manner, improving the reliability and efficiency of their operations. Additionally, IaC can help teams to more easily collaborate and version control their infrastructure, enhancing the security and compliance of their systems.
However, it is important to note that there are challenges and considerations when implementing IaC in Amazon EKS Kubernetes clusters, including a steep learning curve, the need for proper documentation and training , the potential for configuration “drift,” and the importance of proper testing and validation.
EKS Blueprints to the Rescue
During his session, Mike detailed the benefits of the EKS Blueprints project for those who want to solve a lot of the IaC challenges for Kubernetes.
EKS Blueprints is an open source development framework that enables developers to programmatically build and maintain EKS environments.
“EKS Blueprints provide the ability to configure and deploy EKS clusters and its Compute capacity replicate them across environments, integrate into existing VPC,” Mike said. “It allows you to Automate cluster operations using automatic pipeline that is triggered upon every commit to your infrastructure repository.”
Mike added that for add-ons, EKS Blueprints provides full lifecycle management for installation, upgrade, and retirement, making the onboarding those day-2 components fast and consistent for as many clusters as you want to deploy. “It also performs validation for add-ons dependency, so it makes sure you have the right supporting add-ons for your target configuration,” he said. “It also provisions all the relevant AWS resources — primarily IAM Roles for Service Account — for add-on functionality.”
According to Mike, EKS Blueprints for team management enables clear separation between platform teams and the different application teams, as well as supporting permissions for team members and roles to keep things secure in a least- access rights method. What’s more, for Application Delivery, it provides GitOps tooling and configuration to deploy workloads using GitOps methodology and manages them across multiple clusters in multiple environments.”
“All of these elements combined help us achieve that separation of concerns between our platform teams and Software developers,” he said “We help the Platform teams deploy complete, batteries-included clusters that are ready to run workloads, along with all of the software required for developers to access to the environments they need, onboard the applications to the platform and operate day-2 tooling, without having to worry about the platform side of things.”
Mike added that EKS Blueprints also provides an auditable document outlining all of the configurations for the cluster, including add-ons, and the teams and applications that run on it. “We can store this information in version control and replicate it quickly and accurately across environments,” he said. “By leveraging GitOps, we can also handle updates or changes to any of those elements automatically when pushing new infrastructure code to a repository, reducing the amount of manual work in that process, as well.”
Demo – Using EKS Blueprints with the Kasten K10 Addon:
To watch EKS Blueprints in action, watch the following demo:
In summary IaC with EKS Blueprints can:
- Improve reliability and scalability: By using code and automation to define and manage infrastructure, teams can more easily and efficiently provision and manage their infrastructure in a repeatable and scalable manner. This can help to improve the reliability and scalability of their systems.
- Enhance collaboration and version control: IaC allows teams to use version control systems to track and manage changes to their infrastructure, enabling better collaboration and making it easier to roll back changes, if necessary.
- Increase speed and efficiency of deployment and management: With IaC, teams can automate the deployment and management of their infrastructure, reducing the time and effort required to perform these tasks manually.
- Enhance security and compliance: By using code and automation to define and manage infrastructure, teams can more easily enforce security and compliance policies and practices, improving the overall security and compliance of their systems.
It is important to properly plan and implement IaC in order to fully realize these benefits and minimize the potential challenges and risks. This includes choosing the appropriate tools and processes, providing appropriate documentation and training for team members, and properly testing and validating the implementation to ensure that it meets the desired goals and requirements. Kasten K10 is one such tool, enabling reliable Kubernetes backup, recovery and mobility.
Learn more about Kasten K10, or start a free trial today!
