You have your installation running and your first workload clusters are up and running? Then you can find more advanced guides for optimization and specific solutions in this section.
- Ingress
From advanced configuration options for NGINX ingress controller, to running multiple ingress controllers, this sections provides some great depth around ingress.
- Service Mesh
Setup and configuration options for Linkerd, offering Service Mesh capabilities to your users.
- Upgrades
This section focuses on advanced configurations as well as most critical upgrades for Workload Clusters.
- External Secrets Operator
External Secrets Operator is a managed application within our platform and this is what you need to know.
- Storage
Advanced usage of persistent volumes, especially for Cloud Provider users.
- TLS certificates with cert-manager
Configure cert-manager to automatically obtain TLS certificates for Ingresses.
- CoreDNS
Here we describe how you can customize the configuration of the managed CoreDNS service in your clusters.
- Cost-optimization
How to optimize costs of Workload Clusters resources with available tools on Giant Swarm.
- External DNS
This section provides configuration guides for advanced use cases of the External DNS App.
- High-availability
How to increase the uptime of your workload clusters by using multiple availability zones for worker nodes, or using control plane nodes in several availability zones.
- Spot instances/VMs
AWS spot instances and Azure spot virtual machines are a simple way to save on compute cost, if your use case permits it. Here you find documentation for using them with Giant Swarm Kubernetes clusters.
- Crossplane
A brief overview of Crossplane and the (experimental) managed solution offered by Giant Swarm.
- GitOps
Learn how to use GitOps to manage the workload clusters and all the resources running in them.
- Node pools
A general description of node pools as a concept, it's benefits, and some details you should be aware of.
- Automatic termination of unhealthy nodes
Unhealthy cluster nodes can lead to impaired workload reliability and wasted cluster resources. Here we explain how you can activate automatic termination of such nodes.
- IAM roles for service accounts
This article describes how to use a new feature that allows binding of specific AWS IAM roles to a service account of a pod.
- Security policy enforcement
This article describes the security policies enforced in a cluster and how to resolve failing resources.
- Tag Persistent Volumes on AWS
This article describes how tag Persistent Volumes using a EBS Storage Class on AWS.
- Use cgroups v1
This article describes how to force nodes to use legacy control groups (cgroups) v1 instead of the default v2.
- Cluster autoscaler
Here we describe how you can customize the configuration of the managed cluster autoscaler service in your workload clusters.
- OIDC auth for workload clusters
A general explanation on how to install and configure Dex to work as an authenticator mechanism to provide OpenID tokens.
- Labelling clusters
Guide on using labels with workload clusters for the purpose of grouping, categorization and selection.
- Authenticating with Azure AD
Tutorial on how to setup Authentication with Microsoft Azure Active Directory in kubectl.
- Accelerated networking on Azure
A general description of the accelerated networking for Azure VMs feature and how it works on Giant Swarm clusters.
- Egress IP address on Azure
How to reuse an existing public IP address for outgoing traffic of worker nodes on Azure.
- Using GPUs
Here we explain how to make the GPU driver for Flatcar container linux available so that workloads can use GPUs.
- Etcd Quota Backend Bytes
Since version 18.3.0 it's now possible to adjust the Etcd `--quota-backend-bytes` which allows to increase Etcd's keyspace database size.
- Network pools
A general description of network pools as a concept, it's benefits, and some details you should be aware of.
- Custom admission controllers
Tutorial on how to create your own admission controller to enforce custom rules and policies in the resources created in your Kubernetes cluster.
- Multi-account
By default, all your workload clusters run in the same cloud provider account. With multi-account support for AWS and Azure, you can define a specific cloud provider account to use per organization.
- Kernel settings
Complete list of the kernel settings we apply to all cluster nodes, be it control plane or worker.