Anthos Attached Clusters

Next in our series of posts on Google Cloud Anthos functionality, we're going to take a look at attaching Kubernetes clusters running in AKS and EKS to Anthos in Google Cloud. This builds on the multi-cloud capabilities of Anthos we saw previously with GKE on AWS moving to GA. Anthos is orientated around being the management plane for all of your enterprise workload clusters, providing a centralised, consolidated hub to orchestrate infrastructure and applications.

GKE on AWS

This is the first in a series of posts taking a look at Google Cloud Anthos, and how it seeks to facilitate digital transformation and become the management plane for enterprise workloads across hybrid and multi-cloud environments, starting with GKE on AWS becoming generally available. The value proposition of Anthos is to enable environmental agnosticism, with containers and Kubernetes being the common denominator for our workloads. This allows for a level of portability through Anthos to manage workload deployments and lifecycles across multi-cloud (GCP, AWS and Azure), as well as on-prem data centres (VMware and bare metal).

How a simple admission webhook lead to a cluster outage

Jetstack often works with customers to provision multi-tenant platforms on Kubernetes. Sometimes special requirements arise that we cannot control with stock Kubernetes configuration. In order to implement such requirements, we’ve recently started making use of the Open Policy Agent project as an admission controller to enforce custom policies.

This post is a write-up of an incident caused by misconfiguration of this integration.

Introducing our best-practice GKE Terraform module

Jetstack works with many customers using Google Cloud's Kubernetes Engine (GKE). We work closely with teams to configure their clusters to conform with best practices. While GKE's robust default settings provide an excellent abstraction of the lower-level details of control plane configuration, there are still many more considerations when automating the build of a production-grade cluster.

Automating Cluster Deployments

To ensure deployments of clusters are as reliable as possible, it's best to automate as much as possible.