we operate Kubernetes as follows to try and minimise it:
We run multiple production clusters and teams are able to choose which clusters to run their application in. We don’t use Federation yet (we’re waiting on AWS support) but we use Envoy instead to load-balance across the different cluster Ingress load-balancers. We can automate much of this with our Continuous Delivery pipeline (we use Drone) and other AWS services.
All clusters are configured with the same Namespaces. These map approximately 1:1 with teams.
We use RBAC to control access to Namespaces. All access is authenticated and authorised against our corporate identity in Active Directory.
Clusters are auto-scaled and we do as much as we can to optimise node start-up time.
Applications auto-scale using application-level metrics exported from Prometheus.
FoldFold allExpandExpand allAre you sure you want to delete this link?Are you sure you want to delete this tag?
The personal, minimalist, super fast, database-free, bookmarking service by the Shaarli community