Central Services Portal is in Beta. We need your feedback to ensure the best possible user experience. Any feedback you provide will help us help you! Please use the feedback tool at the bottom of any page.

Search Icon

Central Services Portal is in Beta. We need your feedback to ensure the best possible user experience. Any feedback you provide will help us help you! Please use the feedback tool at the bottom of any page.

Janus

What is it?

Janus is a multi-tenant EKS based kubernetes platform for running your containerized applications in public cloud and has the following features:

  • The platform in built on zero-trust policy to provide security, scalability & high availability for applications running inside.
  • Janus has dev and prod clusters running in active-passive setup(blue-green) in US-East and US-West regions for high availablility and zero-downtime. All clusters have the ability to autoscale based on demand and have Istio service mesh, which provides a uniform and more efficient way to secure, connect, and monitor microservices.
  • Multi-tenancy is achieved by separating application teams into namespaces within a cluster. Resource quotas are allocated by namespace based on team’s requirement. Right now, there is no hard limit on resources.
  • Janus supports bringing in your own certificates or use our cert-manager service to setup and manage TLS certs. Janus also has in-house observability stack for Monitoring(with Grafana dashboards), Logging & Tracing(with Opensearch dashboards) for all applications running inside.

Who is it for?

Janus is designed for teams that:

  • Require a scalable and highly available Kubernetes platform for running containerized applications in the public cloud.
  • Prioritize security and are looking for a platform built on a zero-trust policy.
  • Need a multi-tenancy solution to separate application teams and manage resource allocations effectively.
  • Value observability and require robust monitoring, logging, and tracing capabilities for their applications.
  • Prefer a platform with built-in features like Istio service mesh and TLS certificate management.
  • Are looking for a solution that can handle both development and production workloads with high availability and zero-downtime.

Janus is well-suited for organizations that want to leverage the benefits of Kubernetes while ensuring security, scalability, and efficient management of their containerized applications.

How to use it?

Setting up access to your dev/prod environments

Install the following tools (one time setup)

Authenticate with AWS account with selected IAM role

This is needed periodically – auth tokens expire every 8 hours

For example (you can substitute –role param below, if have other roles assigned to you and enter your password and MFA token when prompted):

➜  ✗ aadawscli --profile-name janususer --account-id 991476798176 --role OneCloud/janus-k8s-user

*This will open a web browser and prompt you to enter password and MFA token. After successful authentication you will get the following message*

Credentials saved successfully with profile name - janususer
To use these credentials, append the --profile janususer option at the end of each aws cli command.

You can use this script to set up AWS profiles for janus in US and EU.

Set up kubernetes (kubectl) context (one per cluster)

Use the aws profile authenticated in the previous step.
It’s also a good idea to specify the cluster alias (–name param below) to a short human-readable name.
The default alias (if –name is not specified) is the long cluster ARN.

Start with the dev/test cluster:

aws --profile janususer eks update-kubeconfig \
    --name eks-janus-test-east1-eksCluster-3127f11 \
    --alias janususerus

Set up contexts for all janus clusters

You can use these scripts to set up contexts for all janus dev and prod clusters.

Example:

~/projects/user-resources/scripts main ❯ DRYRUN=false AWS_PROFILE=janususer ./configure_contexts.bash                                                           task !13/32
+ aws eks update-kubeconfig --name eks-janus-test-east1-eksCluster-3127f11 --region us-east-1 --alias da-use1
Updated context da-use1 in /Users/vranga000/.kube/config
+ aws eks update-kubeconfig --name eks-janus-test-east1-b-eksCluster-767dd6d --region us-east-1 --alias db-use1
Updated context db-use1 in /Users/vranga000/.kube/config
+ aws eks update-kubeconfig --name eks-janus-prod-east1-eksCluster-4fd37c3 --region us-east-1 --alias pa-use1
Updated context pa-use1 in /Users/vranga000/.kube/config
+ aws eks update-kubeconfig --name eks-janus-prod-east1-b-eksCluster-e46fcb0 --region us-east-1 --alias pb-use1
Updated context pb-use1 in /Users/vranga000/.kube/config
+ aws eks update-kubeconfig --name eks-janus-prod-west2-eksCluster-6b856b5 --region us-west-2 --alias pa-usw2
Updated context pa-usw2 in /Users/vranga000/.kube/config
+ aws eks update-kubeconfig --name eks-janus-prod-west2-b-eksCluster-89fa69d --region us-west-2 --alias pb-usw2
Updated context pb-usw2 in /Users/vranga000/.kube/config

Deploy your application / service

 
Using helm charts

Helm charts are a great way to package and deploy applications to kubernetes clusters.
We have created a starter template to get started with packaging your chart for deployment to janus.

Point desired service CNAME to cluster gateway

cnames for janus clusters

Onboarding

For onboarding your application to Janus, please refer to the GitHub repo.

Start Onboarding

Support & Feedback

Support & feedback description

Slack Teams Feedback

Made with heart icon in Philadelphia
Presented by DevX | dx | Comcast Cloud Technologies

wpChatIcon
wpChatIcon
Provide Feedback