Echoing others' comments below; great work (as usual) Tom and Theo! During t=19:10 to 21:10, the key difference in the 2 scenarios is the location of the Worker node -- Public Subnet as in the first case (Source NAT enabled, _EXTERNALSNAT=false) where the NAT Gateway is bypassed and goes directly to IGW because it already has route to Internet (it's in the Public subnet with such a route), and Private Subnet as in the 2nd case (Source NAT disabled, _EXTERNALSNAT=true) where the NAT Gateway performs the necessary translation (or NAT64 if it's an IPv6 address) before advertising to IGW and onward to the Internet. Tom did explain this, but the slide transition was fast so I missed this initially; this nuance helped me understand the two use-cases; it may help others too.
One of the best videos out there on Amazon EKS networking !!
Echoing others' comments below; great work (as usual) Tom and Theo! During t=19:10 to 21:10, the key difference in the 2 scenarios is the location of the Worker node -- Public Subnet as in the first case (Source NAT enabled, _EXTERNALSNAT=false) where the NAT Gateway is bypassed and goes directly to IGW because it already has route to Internet (it's in the Public subnet with such a route), and Private Subnet as in the 2nd case (Source NAT disabled, _EXTERNALSNAT=true) where the NAT Gateway performs the necessary translation (or NAT64 if it's an IPv6 address) before advertising to IGW and onward to the Internet. Tom did explain this, but the slide transition was fast so I missed this initially; this nuance helped me understand the two use-cases; it may help others too.
Great content on EKS networking options, so far best video I have found 🎉
Kudos to both architects
Awesome !! Certainly one of the best content on the subject
so prefix solution is only supported on nitro instance types , which is again not good.
great talk, thansk
Super good presentation!
Loved the presentation and ease of explanation!👍
非常好👍