In this EKS-focused workshop, you will work with AWS and Calico Cloud to learn how to utilize the observability plane of Calico Cloud to visualize traffic, help with troubleshooting connections and to implement zero-trust security for workloads to reduce the attack surface of applications running on EKS.
In Kubernetes, the network architecture is much flatter, and thus creates a challenge for the more traditional means of observing flows in the network. However the need for observability does not go away with Kubernetes and remains a critical requirement for cluster admins, Devops and security teams to efficiently and effectively secure the Kubernetes landscape. Any potential observability tool must understand the dynamic nature of K8s components and report data that is relevent and valuable to ensure the correct decisions are made when securing and debugging Kubernetes clusters. Calico Cloud offers 3 observability tools, Service Graph, FlowViz and Kibana, that we will look at in more detail in this workshop along with network policies and using these tools to check and improve security by implementing a zero-trust policy model.
You will come away from this workshop with an understanding of how others in your industry are securing and observing cloud-native applications in AWS, along with best practices you can implement in your organization.
The estimated time to complete this workshop is 60-90 minutes.
- Cloud Professionals
- DevSecOps Professional
- Site Reliability Engineers (SRE)
- Solutions Architects
- Anyone interested in Calico Cloud :)
This workshop is organized in sequential modules. One module will build up on top of the previous module, so please, follow the order as proposed below.
Module 1 - Getting Started
Module 2 - Deploy an AWS EKS cluster
Module 3 - Connect the AWS EKS cluster to Calico Cloud
Module 4 - Observe traffic flows in Calico Cloud
Module 5 - Secure pod traffic using Calico Policy Recommender
Module 6 - Zero-trust security for pod traffic
Module 7 - Use Observability to Troubleshoot Connectivity Issues
Module 8 - Clean up
- Project Calico
- Calico Academy - Get Calico Certified!
- O’REILLY EBOOK: Kubernetes security and observability
- Calico Users - Slack
Note: The examples and sample code provided in this workshop are intended to be consumed as instructional content. These will help you understand how Calico Cloud can be configured to build a functional solution. These examples are not intended for use in production environments.