containers-roadmap VS eksctl

Thanks for showing up and answering questions. Congratulations on the release.

What kind of plans for support of Rust's evolving async ecosystem?

Any particular reason why the public roadmap does not show the columns similar to "Researching", "We're Working On It" like the other similar public AWS Roadmaps? See example for Containers: https://github.com/aws/containers-roadmap/projects/1

Would be nice to have fully working examples on Github, for most common scenarios across most AWS services. This is something that historically

Second, We will only rely on one managed node group, but we will leverage Karpenter; however, karpenter needs to be deployed on a node. (This may change soon once the Karpenter is available on the EKS Control Plane.) [EKS] Karpenter inside control plane · Issue #1792 · aws/containers-roadmap

As written in the AWS documentation, during periods of extremely high demand, Fargate Spot capacity might be unavailable. In concrete terms, if your ECS service is set up to execute tasks in 100% Spot, there is a risk of running out of capacity. A workaround has been created in the hope that one day this issue will be implemented by the AWS team. This workaround allows you to set up two ECS services :

Deploying Fargate with CDK has to have been the most pleasant developer experience I have ever had with any product so far.

If image caching becomes a reality with Fargate I can't imagine a need to ever use anything else

https://github.com/aws/containers-roadmap/issues/696

Eks Fargate doesn't support spot yet https://github.com/aws/containers-roadmap/issues/622

Until podman could be used with AWS ECR/ECS it's pretty much moot in my case: https://github.com/aws/containers-roadmap/issues/626

There are a variety of ways in which you can create an Amazon EKS cluster. I prefer using eksctl CLI because of the convenience it offers. Creating an an EKS cluster using eksctl, can be as easy as this:

There are many ways to create a cluster such as using eksctl. In my case, I will use terraform module cause it’s easy to reuse and comprehend.

eksctl [eksctl] is the tool that can provision EKS cluster as well as supporting VPC network infrastructure.

For this and many other reasons I recommend doing everything in Terraform EXCEPT EKS and its node groups. For that, I use https://eksctl.io/ because it much better manages the lifecycle of EKS and your node groups. I have an blog article better explaining why I recommend it, and another blog article explaining how to do zero-downtime upgrades with EKSCTL.

eksctl

Second, make sure you create a spot instance group that attempts to launch MULTIPLE different instance types. This way if one instance type gets flushed, your autoscaler will kick in and launch a different type. Without this, you WILL HAVE DOWNTIME if a sudden price hike and flush occurs. If you're using eksctl I have example configurations that use multi-instance types on Github here.

There are a variety of ways in which you can create an Amazon EKS cluster. I prefer using eksctl CLI because of the convenience it offers. Creating an an EKS cluster using eksctl, can be as easy as this:

I've written an article on this, with my recommended tool for managing eks EKSCTL.

--- AWSTemplateFormatVersion: '2010-09-09' Parameters: VpcId: Type: AWS::EC2::VPC::Id Description: ID of the VPC in which to create the Kubernetes cluster SubnetIds: Type: List Description: List of Subnet IDs in which to create the Kubernetes cluster KeyPairName: Type: AWS::EC2::KeyPair::KeyName Description: Name of the EC2 Key Pair to use for SSH access to worker nodes ClusterName: Type: String Description: Name of the Kubernetes cluster to create Resources: ControlPlaneSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: VpcId: !Ref VpcId GroupDescription: Allow inbound traffic to the Kubernetes control plane SecurityGroupIngress: - IpProtocol: tcp FromPort: 22 ToPort: 22 CidrIp: 0.0.0.0/0 WorkerNodeSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: VpcId: !Ref VpcId GroupDescription: Allow inbound traffic to Kubernetes worker nodes SecurityGroupIngress: - IpProtocol: tcp FromPort: 22 ToPort: 22 CidrIp: 0.0.0.0/0 ControlPlaneInstanceProfile: Type: AWS::IAM::InstanceProfile Properties: Roles: - !Ref ControlPlaneRole ControlPlaneRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Service: - ec2.amazonaws.com Action: - sts:AssumeRole ManagedPolicyArns: - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - arn:aws:iam::aws:policy/AmazonEKSServicePolicy ControlPlaneInstance: Type: AWS::EC2::Instance Properties: ImageId: ami-0b69ea66ff7391e80 InstanceType: t2.micro KeyName: !Ref KeyPairName NetworkInterfaces: - DeviceIndex: 0 AssociatePublicIpAddress: true GroupSet: - !Ref ControlPlaneSecurityGroup SubnetId: !Select [0, !Ref SubnetIds] IamInstanceProfile: !Ref ControlPlaneInstanceProfile UserData: Fn::Base64: !Sub | #!/bin/bash echo 'net.bridge.bridge-nf-call-iptables=1' | tee -a /etc/sysctl.conf sysctl -p yum update -y amazon-linux-extras install docker -y service docker start usermod -a -G docker ec2-user curl -o /usr/local/bin/kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.21.2/2021-07-05/bin/linux/amd64/kubectl chmod +x /usr/local/bin/kubectl echo 'export PATH=$PATH:/usr/local/bin' >> /etc/bashrc curl --silent --location "https://github.com/weaveworks/eksctl/releases