Amazon EKS - Deploy Cilium CNI and Secure Pod Communications using Network Policies
Description
Cilium is an open source software for providing, securing and observing network connectivity between container workloads - cloud native, and fueled by the revolutionary Kernel technology eBPF.
In this Lab scenario, you'll learn how to reconfigure an EKS cluster to utilize Cilium as it's CNI provider.
You'll also learn how to deploy a sample Star Wars themed application into the cluster, and then secure it using Cilium based Network Policies.
May the force be with you!
Learning Objectives
Upon completion of this Lab, you will be able to:
- Reconfigure EKS to utilize Cilium as it's CNI provider
- Deploy a sample Star Wars themed application
- Secure Pod inter-communication using Cilium based Network Policies
Intended Audience
This lab is intended for:
- Kubernetes practitioners
- DevOps Engineers
Lab Prerequisites
You should be familiar with:
- Basic Linux command line administration
- Basic Kubernetes and Container-based concepts
Consider taking the following courseware in preparation for this lab:
Lab Environment
This Lab will start with the following AWS resources provisioned automatically for you:
- 1 x EKS cluster - Cluster-1 - provides a fully functional Kubernetes cluster
- 1 x NodeGroup
- 1 x EC2 Worker Nodes
- 1 x NodeGroup
- 2 x EC2 instances
- eks.launch.instance - used to launch the EKS cluster (not accessible)
- cloudacademylabs - used to provide SSH access to administer the EKS cluster
Updates
December 5th, 2023 - Updated Kubernetes version
March 6th, 2023 - Updated to K8s 1.24