South Jordan, UT, USA
Apr 1, 2020 | By Keilan Jackson
In the last post, we compared kiam and kube2iam head-to-head. While kube2iam was declared the winner of that comparison, I feel that the case for kiam is too compelling, and the setup too complicated, to not share my experience setting it up in production.
Mar 25, 2020 | By Keilan Jackson
IAM is the de-facto method of authorization in AWS. Most Kubernetes “Quick Start” guides for AWS do not adequately cover how to manage IAM access in your pods. This blog series will first go over the security issues specific to AWS IAM on Kubernetes, then compare solutions, and then end with a detailed walkthrough for setting up your cluster with one of those solutions.
Mar 17, 2020 | By Keilan Jackson
Identity and access management (IAM) in AWS is a way to grant access to AWS services and collect and transmit data and credentials. Most Kubernetes “Quick Start” guides for AWS do not adequately cover how to manage IAM access in your pods. This blog series will first go over the security issues specific to AWS IAM on Kubernetes, then compare solutions, and then we will end with a detailed walkthrough for setting up your cluster with one of those solutions.
Mar 3, 2020 | By Keilan Jackson
There are three popular methods for running Kubernetes on AWS: manually set up everything on EC2 instances, use Kops to manage your cluster, or use Amazon EKS to manage your cluster. Managing a Kubernetes cluster on AWS without any tooling is a complicated process that is not recommended for most administrators, so we will focus on using EKS or Kops. In this blog post, we compare cluster setup, management, and security features for both Kops and EKS to determine which solution you should use.
Feb 26, 2020 | By Keilan Jackson
Deployment controllers are a type of Pod controller in Kubernetes. They provide fine-grained control over how their pods are configured, how updates are performed, how many pods should run, and when pods should be terminated. There are many resources available for how to configure basic deployments, but it can be difficult to understand how each option impacts how rolling updates are performed.
Sep 19, 2019 | By Blue Matador
Every innovative team has two competing interests: rapid feature development and production stability. Blue Matador enables the best of both worlds, where time-strapped developers and DevOps teams only get notified of actionable events that threaten production. See how it works with this demo from our Founder and CEO Matthew Barlocker.
Jun 6, 2019 | By Blue Matador
Monitoring freeable memory will help you know when it is time to scale your Amazon RDS cluster. Freeable memory is not reported by the database, but rather by the OS. Freeable memory is the combination of unused and temporarily used memory. It is the memory that the system can grant without adverse effects. When an Amazon RDS instance runs out of freeable memory, the OS may do up to three things.
Jun 3, 2019 | By Blue Matador
RDS is Amazon's managed relational database service. While RDS manages your database's maintenance, uptime and upgrades, it is your responsibility to determine the cluster's scale and capacity. So the big question is: when do you need to scale up? To answer this question, you should understand and monitor seven metrics for each server in your cluster. They are: database connections, freeable memory, CPU credit balance, free local storage, replica lag, commit latency, and select latency.
Apr 24, 2019 | By Blue Matador
A common problem with Amazon CloudFront and Amazon S3 hosting involves negative TTLs. Matthew from Blue Matador outlines the steps needed to correct this problem. Understand eventual consistency in S3: new items may take time to propagate through redundant systems and be available in all locations. Understand that CloudFront's default policy for handling errors, like 403 Forbidden, is to cache that error for 5 minutes. The solution is to modify distribution settings in CloudFront.