EKS 1.34 to 1.35 Upgrade — A Best-Practices-Driven Verification
Upgrading EKS following AWS best practices end-to-end: Cluster Insights, deprecated API scanning, PDB-backed availability guarantees, and post-upgrade validation.
← All Tags
Tag: #eks
Content tagged with "eks"
Blog Posts
Set Up EKS ArgoCD Capability with eksctl — One YAML File for a GitOps Environment
Create an ArgoCD Capability using eksctl's declarative YAML config and deploy a sample app. Covers the differences from AWS CLI and CloudFormation behavior.
Build a Managed GitOps Environment with EKS Capabilities ArgoCD
Enable ArgoCD Capability on EKS via AWS CLI and deploy a sample app end-to-end. Covers real gotchas like Identity Center region mismatch and access policy setup.
FQDN-Based Traffic Control with EKS Enhanced Network Policies
Verified ClusterNetworkPolicy and ApplicationNetworkPolicy on EKS Auto Mode. Domain name-based egress filtering enables multi-layered access control that restricts pods to specific external services only.
Visualizing Karpenter Internals with EKS Auto Mode Enhanced Logging
Set up CloudWatch Vended Logs for EKS Auto Mode's 4 components (Compute/Block Storage/Load Balancing/IPAM) and analyze scale-up to scale-down behavior with Logs Insights queries.
Building a Low-Maintenance Kubernetes Cluster with EKS Auto Mode
Set up an EKS cluster with Auto Mode enabled using a single eksctl command. Covers how Auto Mode eliminates node group management and when to choose it over traditional managed node groups.
TIL
A DELETE_FAILED CloudFormation stack blocks eksctl create cluster
eksctl create cluster fails with AlreadyExistsException when a DELETE_FAILED CloudFormation stack lingers from a previous attempt. Manually delete the stack to unblock.
1 min read
EKS Auto Mode automatically terminates empty nodes
EKS Auto Mode (Karpenter) auto-terminates nodes with no pods via DisruptionTerminating: Empty. Expected cost-optimization behavior, not an error.
1 min read
aws eks list-insights detects upgrade blockers before you hit them
EKS Cluster Insights automatically checks kubelet version skew, add-on compatibility, and cluster health. Pair with kubent/pluto for a solid pre-upgrade checklist.
1 min read
topologySpreadConstraints needs zone spread, not just hostname
hostname spread alone can land all pods in the same AZ. Add topology.kubernetes.io/zone to guarantee cross-AZ distribution.
1 min read
Find Identity Center's home region by running sso-admin list-instances per region
Identity Center looks global but lives in a specific region. Specifying the wrong idcRegion in EKS Capabilities triggers AccessDeniedException.
1 min read
EKS access entries and access policies are separate — you need both
The access entry auto-created by EKS Capabilities has no deploy permissions. Without associate-access-policy, ArgoCD Application sync silently fails.
1 min read