+++
author = "AWS Kubernetes Developer Advocates"
categories = ["Archive", "2022", "Weekly"]
date = 2022-07-29T07:00:00Z
description = "#026 edition of the EKS newsletter"
draft = false
slug = "026"
title = "EKS News 026"
+++
<br/><br/><br/><br/>

## AWS Container Announcements

* [AWS Fault Injection Simulator now supports ChaosMesh and Litmus experiments](https://aws.amazon.com/about-aws/whats-new/2022/07/aws-fault-injection-simulator-supports-chaosmesh-litmus-experiments/)
  * Using the new Kubernetes custom resource action for AWS FIS, you can control ChaosMesh and Litmus chaos experiments from within an AWS FIS experiment

## AWS Container Blogs

* [Using Amazon EBS snapshots for persistent storage with your Amazon EKS cluster by leveraging add-ons](https://aws.amazon.com/blogs/containers/using-amazon-ebs-snapshots-for-persistent-storage-with-your-amazon-eks-cluster-by-leveraging-add-ons/)
  * A very timely article considering the pending release of EKS 1.23 where installation of the EBS CSI driver will be required
  * The CSI driver includes support for Kubernetes Volume Snapshots which lets you create a copy of your Amazon EBS volume at a specific point in time
  * The snapshotter is a separate component that has to be installed prior to the EKS add-on for the EBS CSI driver
  * Once the snapshotter is installed, you can use a CRD to create an EBS snapshot
  * You can use snapshots to migrate your EBS volumes from gp2 to gp3 as described in this earlier [blog](https://aws.amazon.com/blogs/containers/migrating-amazon-eks-clusters-from-gp2-to-gp3-ebs-volumes/)

* [Using CDK to perform continuous deployments in multi-region Kubernetes environments](https://aws.amazon.com/blogs/containers/using-cdk-to-perform-continuous-deployments-in-multi-region-kubernetes-environments/)
  * This post shows you how to create EKS clusters in multiple AWS Regions using CDK and create a continuous deployment pipeline for infrastructure and application changes
  * [Kubernetes Multi-Region with CDK Lightboard Video](https://youtu.be/V6nWdCoSKTg)
  * If you prefer a declarative approach to provisioning and managing infrastructure consider these options:
    * [Crossplane](https://crossplane.io/)
    * [ACK](https://aws-controllers-k8s.github.io/community/docs/community/overview/)
    * [EKS Blueprints](https://aws-ia.github.io/terraform-aws-eks-blueprints/main/)

* [Optimize your Spring Boot application for AWS Fargate](https://aws.amazon.com/blogs/containers/optimize-your-spring-boot-application-for-aws-fargate/)
  * Shorten the time to bootstrap your container and the application by following these recommendations:
    * Use only the required dependencies
    * Replace Tomcat with Undertow, which is a more lightweight and performant web container
    * Use the standard DynamoDB client instead of the enhanced client
    * Use Amazon Corretto 18 and build your own runtime using jdeps and jlink
    * Add GraalVM with Spring Native, GraalVM is a high-performance distribution of the JDK and transforms bytecode into machine code
    * Use quay.io/quarkus/quarkus-distroless-image as the parent image for x86
  * See also the recent CFTC video on [slim.ai](https://youtu.be/DA4ArZYJ1-E)

* [Amazon Detective Supports Kubernetes Workloads on Amazon EKS for Security Investigations](https://aws.amazon.com/blogs/aws/amazon-detective-supports-kubernetes-workloads-on-amazon-eks-for-security-investigations/)
  * Monitor activities recorded in the EKS audit logs and correlate them to user activity and network traffic happening across your AWS accounts
  * Detective provides a data analysis and a visualization layer that answers common security questions
  * It's backed by a behavioral graph database that allows you to quickly investigate potential malicious behavior associated with your EKS workloads
  * Free 30-day trial for all customers

## Ecosystem News

* Take the CNCF Cloud Native [Survey](https://www.research.net/r/T6D29LS) 2022

* [Get a free MFA security key](https://aws.amazon.com/blogs/security/eligible-customers-can-now-order-a-free-mfa-security-key/)
  * Only U.S.-based AWS account root users who have spent more than $100 each month over the past 3 months are eligible to place an order
  * Order the free security key through the [ordering portal](https://console.aws.amazon.com/securityhub/home/#/free-mfa-security-key)

* [Using Fluent Bit and OpenSearch with Bottlerocket and Kubelet logs](https://opensearch.org/blog/technical-post/2022/07/bottlerocket-k8s-fluent-bit/)
  * Show how to run OpenSearch with the OpenSearch Operator on Kubernetes using Bottlerocket OS
  * Adds the Fluent Bit to collect logs from the nodes of the same Kubernetes cluster and sends them to OpenSearch

* [Multi-part blog series on EKS-A](https://ambar-thecloudgarage.medium.com/eks-anywhere-extending-the-hybrid-cloud-momentum-1c7b82f610e)

* [Gateway API graduates to beta](https://kubernetes.io/blog/2022/07/13/gateway-api-graduates-to-beta/)

* [What is eBPF](https://www.groundcover.com/blog/what-is-ebpf)
  * Intimidated by eBPF? Try [BumbleBee](https://github.com/solo-io/bumblebee)

* [Kubernetes Observability in One Command: How to Generate and Store OpenTelemetry Traces Automatically](https://www.timescale.com/blog/generate-and-store-opentelemetry-traces-automatically/)

* [Kyverno: The Swiss Army Knife of Kubernetes](https://neonmirrors.net/post/2021-01/kyverno-the-swiss-army-knife-of-kubernetes)

## GitHub Projects

* [Kuberbetes Event Exporter](https://github.com/resmoio/kubernetes-event-exporter/)
  * Export your Kubernetes events to different managed services and backends

## For Fun

* [Turtles all the way down](https://twitter.com/memenetes/status/1552685714755784713?s=21&t=sNnfK4HfE1lF0gwa_MwIPg)
* [Learn and practice Kubernetes security](https://github.com/madhuakula/kubernetes-goat)
* Interested in Machine Learning? Try this new [course](https://www-amazon-science.cdn.ampproject.org/c/s/www.amazon.science/latest-news/amazon-machine-learning-university-new-courses-mlu-explains?_amp=true) from Amazon Machine Learning University
{{< eo >}}