APPUiO Managed Kubernetes Services FAQ
1. General
Q: How long does it take to setup a Cloud Kubernetes Cluster?
A: A Cloud Kubernetes Cluster will be fully setup and handed over at the end of two sprints (four weeks).
Q: What is included inside this product / What are the benefits I receive from your services?
A: Details about the product, including type of features, can be found on https://products.vshn.ch/appuio/managed/kubernetes_services.html. In addition to providing a Cloud Kubernetes Cluster, we provide support for any questions that might arise. We take care of monitoring, maintenance and offer a backup solution (k8up). Leveraging terraform and Project Syn, we make sure your services are always in the desired state and available for you to run your applications. We also offer various SLAs for all our services.
Q: How much does it cost to run a cluster from vendor XYZ?
A: In addition to the cost from the different cloud providers, there is a management fee per cluster and per node. Depends on your specific requirements, we are happy to provide you with an individual offer.
Q: What VSHN exactly offers that AWS/Google/Azure/Exoscale Cloud is not offering?
A: (Same as above) Details about the product, including type of features, can be found on https://products.vshn.ch/appuio/managed/kubernetes_services.html. In addition to providing a Cloud Kubernetes Cluster, we provide support for any questions that might arise. We take care of monitoring, maintenance and offer a backup solution (k8up). Leveraging terraform and Project Syn, we make sure your services are always in the desired state and available for you to run your applications. We also offer various SLAs for all our services.
Q: Is GKE/GCP/EKS/AWS/AKS/Azure feature XYZ supported?
A: Details about the product, including type of features, can be found on https://products.vshn.ch/appuio/managed/kubernetes_services.html. If you need any additional features, feel free to contact us for an individual offer.
2. Logging / Monitoring
Q: Can I integrate with our existing logging/monitoring solution? (e.g. the Hyperscaler’s logging or monitoring solution)
A: You always have the option to leverage the Cloud Provider’s logging and monitoring offerings. In addition to that, we will always deploy our own monitoring stack managed by Project Syn, to integrate with our central monitoring and alerting.
Q: Should I use Cloud Specific Metrics and Logging?
A: It often makes sense to enable the cloud specific metrics and logging. Since cloud based deployments also log to those data stores, this gives a central view about your system.
Exception: For monitoring and alerting, Prometheus does make more sense for us, as it is available for all K8s distributions and flavors.
See the AKS draft: https://git.vshn.net/vshn/docs/products/-/merge_requests/147
3. Infrastructure
Q: Is it recommended deploying a cluster across different Availability Zones (AZs)? / What are the benefits, doing so?
A: Clusters deployed with multiple availability zones configured across a cluster provide a higher level of availability to protect against a hardware failure or a planned maintenance event. We therefore recommend to always deploy clusters across multiple zones unless it is a staging environment where service interruptions can occur at any time.
4. Network
Q: Overlapping IP Ranges with the existing customer networks?
A: If you have specific requirements regarding IP address subnets let us know as early as possible in the solution design process.
5. Access Management
Q: Is the Kubernetes API external available?
A: The kubernetes API is externally available via our central Rancher instance. In addition to that you can decide to also expose the kubernetes API at the cloud provider level.
6. Compute
Q: Is VSHN capable of providing ARM nodes?
A: We currently do not support clusters with ARM nodes.
7. Storage
Q: Availability on RWO, RWX, Object Storage, etc.?
| RWO |  | | |  |
| RWX | | |  * | |
| Object Storage | | | | |
| Local disks / local storage | | |
* (limited to File storage which starts with 1TB)
Q: Minimum amount of RWX?
| AKS (Azure) | Premium file share capacity: 100GiB Standard file share capacity: 4GiB |
| EKS (AWS) | At least 10GiB (Default) |
| GKE (Google) | Limited to File storage which starts with 1TB |
8. Ingress
Q: Application Load Balancer or/and NGNIX Ingress?
A: Per default, we setup the cluster with the chosen cloud vendor’s default load balancer. Upon request, it’s also possible to deploy an NGINX ingress controller instead of or in addition to the vendor’s load balancer.
9. Egress
Q: Which cloud vendor provides Fixed public IPs (to be used in firewall rules on different sites)
A: For outbound connections where a static IP address is required, the following solutions are available:
- GKE: Cloud NAT
- AKS: NAT Gateway
- EKS: NAT Gateway
- SKS: SKS NAT Gateway (untested)
10. Container Registry
Q: Container or Artifact Registry for the cluster possible / available?
A: We can provide the services offered by the different cloud providers:
- GKE: Artifact Registry
- AKS: Azure Container Registry
- EKS: Amazon Elastic Container Registry
- SKS: Not available
11. Data Encryption
Q: Are the K8up Backup encrypted?
A: All backups made by K8up are encrypted at rest, as we’re using restic in the background, which encrypts by default.