Open matusdrobuliak66 opened 7 months ago
We can have Cluster EC2 Instances running in private subnets and being reachable via AWS NLB (source: SO Answer)
- `configure_kubernetes` step fails (fail to restart kubelet and awaits privilege escalation). Works locally on a different ansible version
- `make helmfile-diff` fails if nothing is deployed (could be related to CRDs installation)
  `helmfile sync` manually (2x times). Then it got resolved.
- `k8s plan` fails, no `simcore` services can be deployed
- `bridge` docker networks uses default pool and not the one we configure (old issue)

p.s. checked items are already fixed in code :)
Manual steps
Currently, our EC2 instances are publicly available.
By setting up the Docker Swarm nodes in private subnets and routing their outbound traffic through a NAT Gateway, we effectively hide them from direct access from the internet. This setup adds an additional layer of security to our infrastructure.