October 19, 2023

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
MOD302ET3S3

Kubernetes Deployment and

Management: From Platform to
API
Tsahi Duek
Principal Specialist Solutions Architect, Containers
AWS

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Agenda for today

Application Delivery Streams

Infrastructure Controllers

Compositions in Kubernetes

Solution Overview

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
App Delivery Streams

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Sample application

UI

Orders Checkout Carts Catalog Assets

MySQL ElastiCache Amazon MySQL

instance for Redis DynamoDB instance

Amazon MQ
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 Kubernetes as a Platform
Time To
Deploy

Develop Merge Apply Controller

creates
Load Balancer ~ minutes
runtime runtime Application
configuration Repository
(Kubernetes
Manifests) EBS

Developer

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 Backing Service – Infrastructure-as-Code
Time To
Deploy

Develop Merge Apply Controller

creates
Load Balancer ~ minutes
runtime runtime Application
configuration Repository
(Kubernetes
Manifests) EBS

Develop Pull-Request Merge Apply Creates

~ hours
Infrastructure Platform Amazon
Developer AWS CDK
Monorepo Team DynamoDB

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 Backing Service – Ticketing System
Time To
Deploy

Develop Merge Apply Controller

creates
Load Balancer ~ minutes
runtime runtime Application
configuration Repository
(Kubernetes
Manifests) EBS

Develop Pull-Request Merge Apply Creates

~ hours
Infrastructure Platform Amazon
Developer AWS CDK
Monorepo Team DynamoDB

Request
Database Creates

~ days
Ticketing Database Amazon
System Team RDS

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
What can we do to shorten
deployment time?

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Requirements

I would like to standardize the deployment process for

application teams while enforcing organizational
standards.
Platform Builders

I would like to have a full-ownership of my application and

its backing services deployment lifecycle.

App Developers

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 Infrastructure and runtime
Best practices for
developing and
deploying cloud
infrastructure with
the AWS CDK

code live in the same package

Best practices for developing and deploying cloud

infrastructure with the AWS CDK
https://docs.aws.amazon.com/cdk/v2/guide/best-practices.html

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 Kubernetes as a Platform with IaC

Develop Merge Deploy Apply

Controller
creates
Load Balancer ~ minutes
runtime runtime Application
configuration Repository
(Kubernetes (runtime
Manifests) & EBS
infrastructure)

Develop Apply Creates

~ minutes
infrastructure Amazon
Developers AWS CDK
DynamoDB

Deployment time: from hours to minutes

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 Kubernetes as an operator/controller

Develop Merge Apply Controller

creates
Load Balancer ~ minutes
runtime runtime Infrastructure Application
configuration Repository
(Kubernetes (runtime
Manifests) & EBS
infrastructure)

~ minutes
Developer Amazon
DynamoDB

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Infrastructure Controllers

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Infrastructure Controllers

Manage cloud services using Kubernetes API

A single API for Kubernetes and AWS Services

Create your own platform API

Declarative infrastructure configuration

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Infrastructure Controllers – toolset

AWS Controllers for Kubernetes Control Plane Framework

Manage AWS services using Orchestrate applications and
Kubernetes infrastructure

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 Kubernetes as an API

Develop Merge Apply Controller

creates
Load Balancer ~ minutes
runtime runtime Infrastructure Application
configuration Repository
(Kubernetes (runtime
Manifests) & EBS
infrastructure)

~ minutes
Developer Amazon
DynamoDB

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 Now I have to configure my
Any developer…

infrastructure too?
d

Any developer…

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Team concerns – Application teams

Database Instance
App Team
Concerns

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Team concerns – Platform teams
AWS Composition On-Premise Composition

Platform Team
Concerns
IAM RDS CloudWatch PostgreSQL Prometheus

Database Instance
App Team
Concerns

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Compositions in IaC

AWS CDK

“Composition is the key “Modules are containers

pattern for defining
higher-level abstractions
through constructs.”
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
for multiple resources
that are used together”
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Compositions with IaC
AWS Composition On-Premise Composition

Platform Team
Concerns
IAM RDS CloudWatch PostgreSQL Prometheus

AWS CDK
composition Module

Database Instance
App Team
Concerns

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Compositions IaC

AWS CDK

“Composition is the key “Modules are containers

pattern for defining for multiple resources ?
higher-level abstractions that are used together”
through constructs.”

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Compositions in Kubernetes
AWS Composition On-Premise Composition

Platform Team
Concerns
IAM RDS CloudWatch PostgreSQL Prometheus

Crossplane Kubevela

<Kubernetes API>

Database Instance
App Team
Concerns

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Leveraging ecosystem tooling

Apply Controller Load Balancer

creates
Helm cdk8s
Application
Repository

EBS

ArgoCD FluxCD

Amazon
DynamoDB

Kyverno OPA

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Solution Overview

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon EKS Cluster Provisioning
Management Cluster

Platform team Tools

gitops-system
member

Staging Cluster

Tools

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Application onboarding process
1 4

Developer 2 product catalog apps

Workloads Cluster

Crossplane Tools
Platform team
gitops workloads
member

RDS

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Demo time J

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Solution
HTTPS://AWS.AMAZON.COM/BLOGS/CONTAINERS/PART-1-BUILD-MULTI-CLUSTER-GITOPS-USING-AMAZON-EKS-FLUX-
CD-AND-CROSSPLANE/

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Takeaways

• Packaging runtime and infrastructure can define clear responsibilities

• Infrastructure controllers extends Kubernetes capabilities for provisioning
AWS Services
• Kubernetes as an API enable standardization
• Integrate with Kubernetes ecosystem
• Using GitOps for AWS managed services

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Thank you!
Tsahi Duek
Principal Specialist Solutions Architect,
Containers
AWS

LinkedIn - Tsahi Duek

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Please complete the
session survey

© 2021,
2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.