Day-27 - Production-grade Kubernetes cluster

Today I explored how to set up a production-grade Kubernetes cluster on AWS EC2 (Ubuntu 22.04) using kubeadm, containerd, and Calico CNI for networking.

Key Learnings:
1) Understood the core components of Kubernetes — Control Plane, Worker Nodes, Kubelet, and Container Runtime.
2) Configured containerd with SystemdCgroup for better system resource management.
3) Installed and initialized the control plane, then joined worker nodes seamlessly.
4) Deployed Calico for pod networking and verified inter-pod communication.
5) Learned the critical network port configuration required for secure and smooth cluster communication.

Comments

Popular posts from this blog

"Cloud zone insights not available yet, please check after some time" message on Aria Automation https://knowledge.broadcom.com/external/article?articleNumber=314894 Products VMware Aria Suite Issue/Introduction Symptoms: The certificate for Aria operations has been replaced since it was initially added to Aria Automation as an integration. When accessing the Insights pane under Cloud Assembly -> Infrastructure -> Cloud Zone -> Insights the following message is displayed: "Cloud zone insights not available yet, please check after some time." The /var/log/services-logs/prelude/hcmp-service-app/file-logs/hcmp-service-app.log file contains ssl errors similar to: 2022-08-25T20:06:43.989Z ERROR hcmp-service [host='hcmp-service-app-xxxxxxx-xxxx' thread='Thread-56' user='' org='<org_id>' trace='<trace_id>' parent='<parent_id>' span='<span_id>'] c.v.a.h.a.common.AlertEnu...

Scheduled workflows fail post upgrade of VMware Aria Automation/VMware Aria Orchestrator to version 8.18 Issue/Introduction Workflows scheduled in the VMware Aria Orchestrator fail after upgrading to VMware Aria Automation/VMware Aria Orchestrator version 8.18. The same workflows run successfully when executed manually (without scheduling). Environment It affects both Standalone VMware Aria Orchestrator and embedded VMware Aria Orchestrator. Cause The issue is due to regressions in the VMware vCenter (VC) plugin on VMware Aria Automation/VMware Aria Orchestrator 8.18. Resolution This is a known issue with the VMware Aria Automation/VMware Aria Orchestrator 8.18 and the workaround is to update the VC plugin on VMware Aria Orchestrator with the latest version (attached with the KB). Alternatively, wait for the official fix in VMware Aria Automation/VMware Aria Orchestrator 8.18.1. Workaround : Note: Take (non-memory) sna...

Top 10 high-level EC2 scenario-based questions to challenge your AWS & DevOps skills

Here are 10 high-level EC2 scenario-based questions to challenge your AWS & DevOps skills 1. Your EC2 instance is running but you can’t connect via SSH. What troubleshooting steps will you take? Check Security Group inbound rules (port 22 open to your IP). Verify Network ACLs (NACLs not blocking inbound/outbound). Confirm instance’s Public IP / Elastic IP. Validate Key Pair and correct permissions on .pem. Ensure SSM Agent is installed (Session Manager can help). Check system logs on the console for OS-level issues. 2. You terminated an EC2 instance by mistake. How can you prevent this in the future? Enable Termination Protection in EC2 settings. Use IAM permissions to restrict TerminateInstances. Tag critical instances and set resource policies. 3. Your EC2 instance needs to access an S3 bucket securely. What’s the best way to configure this? Best practice: Attach an IAM Role with least privilege policy to the EC2 instance. Avoid hardcoding...

Tech-Gen

Search This Blog