Hierarchical Namespace Controller support in EKS

0

does EKS support "Hierarchical Namespace Controller" ? https://github.com/kubernetes-sigs/hierarchical-namespaces

It's in beta in GCP - https://cloud.google.com/anthos-config-management/docs/how-to/installing-hierarchy-controller

Are there recommendations for soft multi-tenancy in a large shared-cluster for an enterprise in EKS ? I looked at this - https://aws.github.io/aws-eks-best-practices/security/docs/multitenancy/ but would prefer using HNC.

Also, what are pros and cons when it comes to using Hierarchical Namespace Controller (HNC) and Virtual Cluster for soft multi-tenancy ? Will I get HA for control-plane in vCluster or it'll become cost prohibitive ?

preguntada hace 2 años451 visualizaciones
2 Respuestas
1

EKS supports many add-ons so long as they don't require modifications to core control-plane pods and etcd. Based on the requirements of HNC (https://github.com/kubernetes-sigs/hierarchical-namespaces/blob/master/docs/user-guide/faq.md), I don't see a reason it would not work. However, be cautious of the word "support", as that answer implies AWS Support will help you with it.

EKS and AWS would not limit the High Availability of HNC. I recommend using a topology constraint to set it up across multiple availability zones. Read here: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/

This is AWS's definitive source of multi-tenancy suggestions for EKS, as you noted: https://aws.github.io/aws-eks-best-practices/security/docs/multitenancy/. If it doesn't mention HNC, then AWS has no stance on it published.

AWS
respondido hace un año
1

As Kubernetes is an open-source platform there are several projects and solutions that are created by the community. EKS strives to provide the best experience for our customers running Kubernetes on AWS. Our roadmap is driven by customer input and is published in GitHub[1]. Currently, we do not have any plans to provide hierarchical namespaces (HNC) natively. However, customers may consider exploring custom solutions or third-party controllers to address their immediate needs.

[1] https://github.com/aws/containers-roadmap

Thank you !

AWS
respondido hace un año

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas