2 回答
- 最新
- 投票最多
- 评论最多
0
Have you reviewed this project: https://github.com/aws-samples/crossplane-aws-blueprints ? While it may not be exactly what you need, I think it will help you, nonetheless.
已回答 2 年前
0
- It seems your separation between tenant is based on namespaces. Depends on your data security requirements, it could be a weak separation. You do want to review your requirements, potentially implement additional security / policy controls / enforcement, and even consider cluster level separation for larger deployments, refer here;
- Not to push for AWS consumption but in many cases from a production deployment perspective you might want to consider putting the control plane of your offering together with your data plane (i.e. both on AWS). This simplifies networking connectivity and potentially help with high availability. Depends on how much data flows between them, you can reduce data transfer cost as well which offset the cluster cost.
- From client management perspective, there is not much special to begin with other than the multi-tenancy consideration for a regular Kubernetes cluster(s). To get started, have you looked into this workshop before?
已回答 2 年前
- Yes, I'll add Network Policies, RBAC and PodPolicies, if the project is a success, I will certainly migrate to a multi-cluster infrastructure
- I am aware of this but for now the data flow is negligible. It is indeed planned to migrate the internal cluster to AWS
- I didn't know about this workshop, I'll definitely take a look at it, thanks !
Yes I know, I saw these blueprints, thanks for the link