Date
Location
https://zoom.us/j/116073082
Attendees
Goals
Discussion items
| Time | Item | Who | Notes |
|---|
| 25 min | EKS cluster network design for FOLIO | |
|
Meeting notes- Kubernetes ingress on AWS is complex, especially when certificate management is taken into account
- New domain: ci.folio.org, with wildcard cert
- Ingress design – ALB load-balancer managed by pod within cluster, routing to nginx within the cluster
- Next up – set up ingress for Okapi for testing
- Ansible role has been created to generate correct VPC configuration
- Jenkins – TAMU alternative for automation
- Rancher can help manage Route 53 with "global DNS" – similar functionality to Kubernetes' external DNS controller
- Q: how close is this to a cookbook?
- Some internal documentation has been added to the (private) folio-infrastructure repo
- AWS permissions policies are very much a work in progress
- VPC architecture as created by Ansible role
- Worker nodes in private subnets across 2+ availability zone
- RDS in separate private subnet
- One public subnet for each availability zone.
- Only thing in public subnet is ALB and NAT gateways (requiring elastic IPs)
- Next piece will be diagram for ingress architecture
|
| Topics for 10 July | |
|
Meeting notes Next week Ian Hardy will talk about Okapi deployment |
Action items