Cloud Network Architectures for Kubernetes Workloads
Deploying Kubernetes in public cloud is easy and is becoming easier. However, when it comes to connecting the applications running in these Kubernetes clusters to everything else you have in the cloud or outside of the cloud, it becomes very challenging very quickly.
This paper focuses on solving these challenges by discussing different infrastructure design patterns that must be considered for implementing Kubernetes workload in public cloud. I am using Amazon EKS as an example otherwise the paper would be unmanageably long, but the same conversation applies to any flavor of Kubernetes including but not limited to Amazon EKS, Microsoft Azure AKS, Google GKE, OpenShift and any other Kubernetes implementation in Public Cloud.
Typical roles in enterprises that are responsible for implementing infrastructure for this such as Network and Security Engineers and Architects, DevOps leaders, SREs and anyone dealing with designing, architecting, implementing and operating VPCs, Nets, Firewalls etc. in public cloud may benefit from this discussion.
This paper is not an implementation guide rather a design conversation walking thru different aspects of architecture that must be considered and their resulting design patterns.
Basic understanding of VPC, Cloud Networking, Aviatrix Transit architecture and Kubernetes Networking is highly recommended however not required.