Several other K8s Reference Solution improvemens

To complement today’s barrage of changelog updates, here’s some miscellaneous additions that didn’t make it in onther post 😁:

  • Usage of auth-proxy for accessing the Kubernetes Dashboard on EKS clusters, removing the need to re-generate a new token every 15 minutes while all RBAC rules stay in place (not using a generic Service Account to login).
  • The Kubernetes metrics-server is now deployed by default on all our EKS-managed clusters. This allows you to check resource usage through kubectl top and, more inportantly, use the Horizontal Pod Autoscaler (HPA) with these exposed metrics.
  • Inclusion of an (optional) OpenVPN add-on, allowing you to securely access both K8s cluster Services and other AWS resources. This also comes in handy when for example developing a service locally while connecting to other services on your development K8s cluster/namespace.
  • Upgraded Helm (Tiller) to v2.16.1 on all managed clusters. Migration to Helm v3 is on our roadmap for the coming months.
  • Optional creation of VPC Endpoints for services like S3, DynamoDB, ECR and so on. This allows traffic related to those services to stay within the VPC network, instead of going through the public AWS network.