You have your installation running and your first workload clusters are up and running? Then you can find more advanced guides for optimization and specific solutions in this section.
From advanced configuration options for NGINX ingress controller, to running multiple ingress controllers, this sections provides some great depth around ingress.
- Service Mesh
Setup and configuration options for Linkerd, offering Service Mesh capabilities to your users.
This section focuses on advanced configurations as well as most critical upgrades for Workload Clusters.
- External Secrets Operator
External Secrets Operator is a managed application within our platform and this is what you need to know.
Advanced usage of persistent volumes, especially for Cloud Provider users.
- TLS certificates with cert-manager
Configure cert-manager to automatically obtain TLS certificates for Ingresses.
Here we describe how you can customize the configuration of the managed CoreDNS service in your clusters.
How to optimize costs of Workload Clusters resources with available tools on Giant Swarm.
- External DNS
This section provides configuration guides for advanced use cases of the External DNS App.
How to increase the uptime of your workload clusters by using multiple availability zones for worker nodes, or using control plane nodes in several availability zones.
- Spot instances/VMs
AWS spot instances and Azure spot virtual machines are a simple way to save on compute cost, if your use case permits it. Here you find documentation for using them with Giant Swarm Kubernetes clusters.
A brief overview of Crossplane and the (experimental) managed solution offered by Giant Swarm.
Learn how to use GitOps to manage the workload clusters and all the resources running in them.
- Node pools
A general description of node pools as a concept, it's benefits, and some details you should be aware of.
- Automatic termination of unhealthy nodes
Unhealthy cluster nodes can lead to impaired workload reliability and wasted cluster resources. Here we explain how you can activate automatic termination of such nodes.
- IAM roles for service accounts
This article describes how to use a new feature that allows binding of specific AWS IAM roles to a service account of a pod.
- Security policy enforcement
This article describes the security policies enforced in a cluster and how to resolve failing resources.
- Tag Persistent Volumes on AWS
This article describes how tag Persistent Volumes using a EBS Storage Class on AWS.
- Use cgroups v1
This article describes how to force nodes to use legacy control groups (cgroups) v1 instead of the default v2.
- Cluster autoscaler
Here we describe how you can customize the configuration of the managed cluster autoscaler service in your workload clusters.
- OIDC auth for workload clusters
A general explanation on how to install and configure Dex to work as an authenticator mechanism to provide OpenID tokens.
- Labelling clusters
Guide on using labels with workload clusters for the purpose of grouping, categorization and selection.
- Authenticating with Azure AD
Tutorial on how to setup Authentication with Microsoft Azure Active Directory in kubectl.
- Accelerated networking on Azure
A general description of the accelerated networking for Azure VMs feature and how it works on Giant Swarm clusters.
- Egress IP address on Azure
How to reuse an existing public IP address for outgoing traffic of worker nodes on Azure.
- Using GPUs
Here we explain how to make the GPU driver for Flatcar container linux available so that workloads can use GPUs.
- Etcd Quota Backend Bytes
Since version 18.3.0 it's now possible to adjust the Etcd `--quota-backend-bytes` which allows to increase Etcd's keyspace database size.
- Network pools
A general description of network pools as a concept, it's benefits, and some details you should be aware of.
- Custom admission controllers
Tutorial on how to create your own admission controller to enforce custom rules and policies in the resources created in your Kubernetes cluster.
By default, all your workload clusters run in the same cloud provider account. With multi-account support for AWS and Azure, you can define a specific cloud provider account to use per organization.
- Kernel settings
Complete list of the kernel settings we apply to all cluster nodes, be it control plane or worker.