hands-on lab

Amazon EKS - Deploy Cilium CNI and Secure Pod Communications using Network Policies

Intermediate
Up to 1h 30m
114
5/5
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.

Description

Cilium is an open source software for providing, securing and observing network connectivity between container workloads - cloud native, and fueled by the revolutionary Kernel technology eBPF.

In this Lab scenario, you'll learn how to reconfigure an EKS cluster to utilize Cilium as it's CNI provider. 

You'll also learn how to deploy a sample Star Wars themed application into the cluster, and then secure it using Cilium based Network Policies.

May the force be with you!

Learning Objectives

Upon completion of this Lab, you will be able to:

  • Reconfigure EKS to utilize Cilium as it's CNI provider
  • Deploy a sample Star Wars themed application
  • Secure Pod inter-communication using Cilium based Network Policies

Intended Audience

This lab is intended for:

  • Kubernetes practitioners
  • DevOps Engineers

Lab Prerequisites

You should be familiar with:

  • Basic Linux command line administration
  • Basic Kubernetes and Container-based concepts

Consider taking the following courseware in preparation for this lab:

Lab Environment

This Lab will start with the following AWS resources provisioned automatically for you:

  • 1 x EKS cluster - Cluster-1 - provides a fully functional Kubernetes cluster 
    • 1 x NodeGroup
      • 1 x EC2 Worker Nodes
  • 2 x EC2 instances
    • eks.launch.instance - used to launch the EKS cluster (not accessible)
    • cloudacademylabs - used to provide SSH access to administer the EKS cluster

Updates

December 5th, 2023 - Updated Kubernetes version

March 6th, 2023 - Updated to K8s 1.24

Environment before

Environment after

About the author

Avatar
Jeremy Cook, opens in a new tab
Content Lead Architect
Students
162,442
Labs
84
Courses
106
Learning paths
214

Jeremy is a Content Lead Architect and DevOps SME here at Cloud Academy where he specializes in developing DevOps technical training documentation.

He has a strong background in software engineering, and has been coding with various languages, frameworks, and systems for the past 25+ years. In recent times, Jeremy has been focused on DevOps, Cloud (AWS, Azure, GCP), Security, Kubernetes, and Machine Learning.

Jeremy holds professional certifications for AWS, Azure, GCP, Terraform, Kubernetes (CKA, CKAD, CKS).

Covered topics

Lab steps

Logging In to the Amazon Web Services Console
Connecting to the Virtual Machine using EC2 Instance Connect
Reviewing Amazon EKS Resources Automatically Created
Installing Kubernetes Management Tools and Utilities
Install Cilium CNI
Deploy Star Wars Cluster Resources
Secure Pod Communications