
Zalando Manages 140 Kubernetes Clusters - hjacobs
https://srcco.de/posts/how-zalando-manages-140-kubernetes-clusters.html
======
sandGorgon
> _Each cluster lives in a completely new and isolated AWS account._

Google Cloud does this so well. I still dont understand why AWS cant create
project level isolation. Conceptually it is IAM with some namespaces ... or
even autogenerated IAM.

But the usability is incredible.

~~~
hjacobs
True, but at least they now have an API for account creation (AWS
Organizations) --- it was really painful in 2015/16 to script (in the
browser!) all necessary steps for account creation (add credit card, remove it
again [to switch to invoice], etc)

~~~
sandGorgon
No it doesn't work very well. Because AWS organisation absorb billing as well.
We use reseller billing in both AWS and GCP.

In GCP, the projects don't affect the billing. However in AWS, I can't have
accounts in one organisation and consolidated billing in another (the reseller
Organization).

Its a mess.

