Confidential do not distribute
Building internal developer platforms with EKS and GitOps
In partnership with:
Speaker introductions

Elamaran Shanmugam, Sr. Containers Specialist Solutions Architect, AWS
Elamaran (Ela) Shanmugam is a Sr. Containers Specialist Solutions Architect with Amazon Web Services and has 17+ years of experience in architecting, building and operating open source and enterprise systems and infrastructure. Ela is a Container, Observability and Multi-Account Architecture SME and helps AWS customers design and build scalable, secure and optimized container workloads on AWS. At AWS, he enjoys public speaking, mentoring and publishing engaging technical content such as whitepapers, blogs and best practice guides. He is based out of Tampa, Florida.

Darryl Weaver, Solutions Architect, Weaveworks
Darryl Weaver has worked with open source software for over 20 years, in his own business and for companies such as Canonical and Datapipe, and has worked with organizations such as Rackspace and Red Hat. He specializes in Infrastructure and Platform Engineering with a focus on open source, such as OpenStack and Kubernetes.
Weaveworks: the GitOps company
Weaveworks is backed by solid investors.
Weaveworks is deeply committed to the Open Source Community.
Our Product: Weave GitOps Enterprise, a developer platform that works with Kubernetes to remove the complexity and trust barriers to adoption.
Our Mission: Deliver and own the cloud native operating model for developers.
Amazon Web Services and Weaveworks
● Weaveworks and AWS partnership bringing advanced Kubernetes (EKS) to enterprises in the financial, technology, and Telco industries
● Co-development of open source tools and technologies, such as eksctl, the official command line tool for the Amazon EKS managed Kubernetes service
● Uniquely, the Weaveworks team is part of the AWS product development process
● Collaboration on a GitOps on EKS Accelerator program available on AWS Marketplace
What is an Internal Developer Platform (IDP)
An Internal Developer Platform (IDP) is built by a platform team to build golden paths and enable developer self-service. An IDP consists of many different technologies and tools, glued together in a way that lowers cognitive load on developers without abstracting away context and underlying technologies. Internal developer platforms are being used across all sectors and organization sizes; for example, Amazon built and uses one to minimize the operational load on its DevOps teams and provide the required abstractions to its software development teams.
Critical components include:
● Infrastructure orchestration
● Role-based action management
● Application configuration management
● Deployment management
● Environment management
● Observability
We are building an IDP with AWS EKS and Weave GitOps
The Ops team specifies which resources start up, in which environment and on which request. Ops sets baseline templates for application configurations and governs permissions. This automates recurring tasks such as deploying whole clusters already configured for a particular use case and makes their setup easier to maintain by enforcing standards. Developer teams gain autonomy by changing configurations, deploying, spinning up fully provisioned environments, and rolling back.
What we are using for our demo today:
● The EKS Blueprints Terraform Library of Examples
● Weave Gitops Enterprise with embedded Terraform Controller
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark.
Overview of Amazon EKS
2021 is the year Kubernetes crossed the chasm
Amazon EKS: fully managed container orchestration with Kubernetes
● 96% of organizations are either using or evaluating Kubernetes
● 5.6 million developers using Kubernetes today (+67% from just a year ago)
● EKS is the most popular managed Kubernetes service available (39% of respondents)
Source: 2021 CNCF Cloud Survey
Day 2 Operational Challenges on Amazon EKS
● Security: Cilium, Gatekeeper, Secrets Manager
● Observability: Prometheus, Fluent Bit, OTEL
● Reliability: Karpenter, Autoscaler, Keda
● Delivery: Flux, Crossplane
● Other: Weave Gitops
What we hear from customers
● How do I integrate EKS with external services like Managed Grafana and Prometheus?
● What are sensible defaults for a best-practices EKS cluster?
● How do I configure an EKS cluster to run workloads for multiple teams?
● How can I build an EKS cluster that meets the NSA hardening guidelines?
● How can I integrate EKS with an external IdP (identity provider) to manage cluster access?
● How can I run big data/analytics workloads on EKS?
Working backwards from customers
● Flexible tools that allow customers to easily customize an EKS cluster to meet their unique requirements
● A starting point for net new development and experimentation on container services
● Out of the box integrations with popular AWS services and open source tools
● A foundation that allows for customization and expansion over time
EKS Blueprints
EKS Blueprints
● An open-source framework that allows you to configure and deploy complete EKS clusters
● Infrastructure as Code with Terraform and CDK
● Based on AWS best practices and recommendations
● Integrated with popular K8s tools and services
● Fully extensible and customizable
Open Source Repositories
What you get with EKS Blueprints
Cluster Management
• Configure and deploy EKS clusters according to AWS best practices.
• Replicate clusters across AWS accounts and regions.
• Integrate with an existing VPC or leverage the solution to deploy a new one.
Add-on Management
• Out of the box modules for popular Kubernetes add-ons.
• Provisions AWS resources that are necessary to support add-on functionality.
Team Management
• Create distinct teams for both administrators and application owners.
• Manage secure namespace access for application teams.
Workload Management
• Leverage GitOps tooling to manage workloads that run across your clusters.
• Self-service onboarding of new workloads via a Pull Request.
Example Blueprint (diagram)
● Clusters: Amazon EKS, AWS Outposts, Bottlerocket, AWS Fargate
● Add-ons: KEDA, Nginx, CoreDNS, External DNS, Cluster Autoscaler, Grafana, Cert Manager, Prometheus
● Teams: Team A, Team B, Team C, Team D, Team E
Resources
Terraform
• GitHub Repo - https://github.com/aws-ia/terraform-aws-eks-blueprints
• Documentation - https://aws-ia.github.io/terraform-aws-eks-blueprints
CDK
• GitHub Repo - https://github.com/aws-quickstart/cdk-eks-blueprints
• Documentation - https://aws-quickstart.github.io/cdk-eks-blueprints
GitOps
• Workloads Repo - https://github.com/aws-samples/eks-blueprints-workloads
• Add-ons Repo - https://github.com/aws-samples/eks-blueprints-add-ons
Weave GitOps Enterprise
“The software that automates your Kubernetes platform”
Why GitOps?
● Increased Productivity
● Enhanced Developer Experience
● Improved Stability
● Higher Reliability
● Consistency and Standardization
● Stronger Security Guardrails
What is Weave GitOps
DEVELOPER EXPERIENCE
• Continuous Delivery, observability and monitoring
• Consistent developer workflows across multiple deployments
• Team workspaces for multi-tenanted usage
OPERATOR EXPERIENCE
• Extend Kubernetes into a managed platform using the GitOps model
• An Open Source Kubernetes platform for on-premise deployment
• Additive to managed Kubernetes (e.g. EKS, AKS or GKE)
• Upgrades to new versions
• Extensible controls to implement security and policy controls
Weave GitOps Enterprise (architecture diagram)
Elements shown: Management Cluster and Leaf Cluster, each running Weave GitOps Enterprise on Kubernetes; Management UI; Multi Cluster Installer (CAPI); Profile and Policy Management; App Team workspaces and Apps.
TF Controller
Flatten the Terraform learning curve through a best-in-class developer experience. A centralized management and observability UI and notification system reduce context switching when testing or debugging. Developer autonomy can be established safely through guardrails when operating and creating infrastructure.
• Reduce onramp by simplifying Terraform (no HCL) so DevOps teams can self-service their infrastructure needs
• Central visibility and control of all TF objects across all environments - debug and fix easily
• Reduce risk by applying guardrails to infrastructure creation & management
• We help you make the most out of your Terraform investment
TF Controller
Benefits of Terraform Controller:
1. GitOps your existing Terraform
2. View Status and Plan of Terraform deployments using the Weave GitOps Enterprise UI
3. Manage the Terraform deployments of multiple teams with multi-tenancy
4. Run as a Terraform runner inside your target environment
5. Drift Detection notifies operators, allowing investigation and corrective action
6. Git repository logs all changes for traceability, including manual approvals
7. Publish planned changes to git Pull Requests as a comment, prior to approval
8. Apply Kubernetes policy controls directly to Terraform modules
EKS Blueprint Deployment Demo
● Prerequisites:
  ○ Fork the EKS Blueprints repository
    ■ https://github.com/aws-ia/terraform-aws-eks-blueprints
  ○ Modify EKS Blueprints to customise values
    ■ AWS Region
    ■ Cluster Name
    ■ Kubernetes Version
    ■ Size of workload node group
  ○ Create a Terraform Template for Weave Gitops Enterprise
    ■ Use auto apply
EKS Blueprint Deployment Demo
● Demo
  ○ Create an instance of the Terraform Template in the Weave Gitops Enterprise management cluster
    ■ Use the Template to deploy a copy of the EKS Blueprint with the values set
      ● Cluster deployment starts
    ■ Show an already deployed EKS Blueprint cluster
      ● Show the Inventory and the Last deployed Plan
      ● Then edit the cluster
      ● Approve the Pull Request
      ● The Terraform is re-run with new values
      ● The plan is produced and applied automatically
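What the Terraform Template instantiates on the management cluster is a Flux GitRepository plus a Terraform Controller object; the manifest below is an added example written for this page, not the deck's or Weaveworks' own code, covering both the demo's auto-apply setup and the plan, approve and drift-detection behaviour from the benefits slide. The fork URL, example path, Terraform variable names, runner service account and IAM role ARN are assumptions or placeholders.

```yaml
# Added example (not from the deck): Flux GitRepository for a fork of EKS
# Blueprints plus a Terraform Controller object that plans and applies one
# example from it. Fork URL, example path, variable names, service account
# name and IAM role ARN are assumptions/placeholders.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: tf-runner                # identity of the Terraform runner pod
  namespace: flux-system
  annotations:
    # IRSA: give the runner a dedicated, least-privilege AWS role instead of
    # relying on node credentials (placeholder ARN).
    eks.amazonaws.com/role-arn: arn:aws:iam::111122223333:role/REPLACE-ME-tf-runner
---
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: GitRepository
metadata:
  name: eks-blueprints-fork
  namespace: flux-system
spec:
  interval: 5m
  url: https://github.com/EXAMPLE-ORG/terraform-aws-eks-blueprints   # placeholder fork
  ref:
    branch: main
---
apiVersion: infra.contrib.fluxcd.io/v1alpha1
kind: Terraform
metadata:
  name: eks-blueprint-demo
  namespace: flux-system
spec:
  interval: 1h                   # how often the controller re-plans against git
  # Demo mode ("use auto apply"): each plan is applied without a human step.
  # For the manual flow, set approvePlan: "" so the controller only plans and
  # publishes the plan, then set approvePlan to the plan-<id> reported in
  # .status to approve exactly that plan; the approval itself lands in git.
  approvePlan: auto
  path: ./examples/eks-cluster-with-new-vpc   # assumed example path in the fork
  sourceRef:
    kind: GitRepository
    name: eks-blueprints-fork
    namespace: flux-system
  serviceAccountName: tf-runner  # runner pod runs as the IRSA-bound account above
  # The four values the demo customises; variable names are assumed.
  vars:
    - name: region
      value: us-east-1
    - name: cluster_name
      value: idp-demo
    - name: cluster_version
      value: "1.23"
    - name: node_group_desired_size
      value: 3
  # Drift detection is on by default; stated explicitly so the intent is in git.
  # Out-of-band changes to the cluster show up as a plan diff in status.
  disableDriftDetection: false
  # Keep a human-readable plan so the Weave GitOps Enterprise UI can show it.
  storeReadablePlan: human
  # Deleting this object must not tear down the EKS cluster it created.
  destroyResourcesOnDeletion: false
  writeOutputsToSecret:
    name: eks-blueprint-demo-outputs
```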
Demo
EKS Blueprint Deployment Tasks
✓ Create an instance of the Terraform Template in the WGE management cluster
✓ Use the Template to deploy a copy of the EKS Blueprint with the values set
✓ Cluster deployment starts
✓ Show an already deployed EKS Blueprint cluster
✓ Show the Inventory and the Last deployed Plan
✓ Then edit the cluster
✓ Approve the Pull Request
✓ The Terraform is re-run with new values
✓ The plan is produced and applied automatically
Recap: 6 key benefits when utilizing an IDP
1. Increased productivity: Ops makes the most of efficient technologies and tools; repetitive tasks are automated and pressure is relieved
2. Enable developer self-service: dev teams do not rely on operations; they manage deployments and environments on their own using pre-configured platform configurations and processes
3. Increase visibility and deployment frequency while decreasing load and lead time
4. Reduce friction - encourage developers to focus on code, innovation and experimentation within safe and secure guardrails
5. Reduce onramp for apps and teams - rely on smooth platform processes that have been pre-planned, allowing them to start projects quickly and with less effort
6. Reduce costs and increase stability: faster time to value for clients through the internal platform's out-of-the-box processes and workflows and consistent app deployment and management
Questions?
Thank You
Whitepaper: The GitOps Guide to Building & Managing Internal Platforms - http://bit.ly/3ynmtxs
Learn more about Weave GitOps: www.weave.works/enterprise
Get started with our help: EKS Accelerator on AWS Marketplace