A little trick I learned for copying files out of a (somewhat) locked down EC2 worker node for EKS

Disclaimer: you should have also have access to EKS cluster via kubectl
Read more →

Managing multiple EKS clusters access using Apiservers’ private endpoints with AWS VPN

I manage multiple EKS clusters (multi-envs multi-tenants) at work and access to these is via Bastion instances deployed within each VPC of those clusters.

However this approach can become unmaintainable over time as the number of Bastion instances will grow with the number of clusters we manage. This means additional effort required for monitoring and maintenance of each of those Bastion instances.

This led to the idea of removing all Bastion instances and configure direct access to Apiservers instead.

Read more →