#kubernetes
Explanation 5
- Updated 2026-06-02
ECR Pull-Through Cache
The ECR Pull-Through Cache (PTC) is an AWS-managed feature that transparently mirrors container images from upstream public registries into your own Amazon ECR. Skyscrapers uses it to guard your EKS clusters from upstream registry outages and rate limits, …
- Updated 2026-05-12
Dynamic, whitelabel-style Ingress to your application
If your application allows for end-customers to use their custom domain, we’ve offered Caddy to provide on-demand SSL certificates for a while. However with our Kubernetes reference solution there is a more native and scalable solution through the …
- Updated 2026-05-12
Helm
Overview Helm is a package manager for Kubernetes, providing a simple and efficient way to manage Kubernetes applications. It allows users to define, install, and upgrade even the most complex Kubernetes applications. Helm uses a packaging format called …
- Updated 2026-05-12
Ingress
Overview An Ingress Controller is a specialized load balancer for Kubernetes that manages external access to services within a cluster. While Kubernetes Services expose applications internally, an Ingress Controller acts as the entry point for HTTP/HTTPS …
- Updated 2026-05-12
Kube-green
Introduction Kube-green is an open-source Kubernetes operator that automatically shuts down and restarts workloads on a defined schedule. Its primary use case is reducing resource consumption and cloud costs by scaling down environments during off-hours, …
How-to guides 7
- Updated 2026-06-02
How-to use the ECR Pull-Through Cache
This guide covers how to enable the ECR Pull-Through Cache for your clusters. The default tier (quay.io and registry.k8s.io) is fully managed by Skyscrapers; there is nothing for you to do. The opt-in tiers (docker.io, ghcr.io, registry.gitlab.com) require …
- Updated 2026-05-28
Wireguard VPN
Introduction This page describes how to use the Wireguard VPN add-on to securely connect to your Kubernetes cluster and AWS VPC. While we recommend using Tailscale as full-fledged solution, we also provide Wireguard as a simple, cheaper and self-managed …
- Updated 2026-05-12
AWS Load Balancer Controller
Introduction This page describes how to use the AWS Load Balancer Controller as Ingress Controller in your Kubernetes cluster. The ALB controller provisions AWS Application Load Balancers for your Kubernetes Ingress resources. Pre-requisites First …
- Updated 2026-05-12
Cert-Manager
Let’s Encrypt certificates SSL certificates can be automatically fetched and setup for applications deployed on the Kubernetes cluster via cert-manager. We deploy a letsencrypt-prod ClusterIssuer by default, which uses dns01 validation via Route 53. …
- Updated 2026-05-12
Kube-green Setup
Introduction This guide shows how to enable kube-green on your cluster and configure sleep schedules to automatically scale down workloads during off-hours. For background on what kube-green is and how it works, see the explanation page. Enabling …
- Updated 2026-05-12
OpenVPN
Note The OpenVPN component in the SKsycrapers platform is considered deprecated and will be removed during the course of 2025. We recommend using Tailscale or Wireguard instead for secure VPN connectivity to your environment: Refer to our Tailscale setup …
- Updated 2026-05-12
Traefik Ingress
Introduction This page describes how to use various features of Traefik as an Ingress Controller in your Kubernetes cluster. These are the most common examples we notice when helping our customers to set up Ingresses. Pre-requisites First determine whether …
Changelog (2025) 23
- 2025-12-08
Upgraded cluster add-ons
The following updates have been rolled out to all non-production clusters. As usual there are also improvements across various other add-ons, ensuring enhanced performance and security: amazon-eks-ami v20251120 Root block volume has been migrated from gp2 …
- 2025-12-04
New Feature: Seekable OCI Parallel Pull mode for Amazon EKS
We have implemented support for an experimental feature called Seekable OCI (SOCI) parallel pull mode in our node pools. This enhancement allows for faster and more efficient container image pulls by enabling parallel downloads of image layers, …
- 2025-12-04
New Feature: S3 CSI Driver for EKS Clusters
We are excited to announce support for the S3 Container Storage Interface (CSI) Driver on our EKS clusters. This new feature allows Kubernetes workloads to seamlessly interact with Amazon S3 storage, enabling applications to read and write data directly to …
- 2025-11-13
Upgrading EKS clusters to v1.33 + node auto repair feature
Update 2025-10-21: These changes have been rolled out to all clusters. We are rolling out EKS v1.33. Please make sure to update to our recommended client versions matching this upgrade. This upgrade promotes the in-place resource resize API to beta, …
- 2025-09-25
Upgraded cluster add-ons
The following updates have been rolled out to all non-production clusters. As usual there are also improvements across various other add-ons, ensuring enhanced performance and security: amazon-eks-ami v20250904 aws-ebs-csi-driver v1.48.0-eksbuild.2 …
- 2025-08-06
Upgraded cluster add-ons
The following updates have been rolled out to all non-production clusters. As usual there are also improvements across various other add-ons, ensuring enhanced performance and security: amazon-eks-ami v20250715 aws-ebs-csi-driver v1.46.0-eksbuild.1 …
- 2025-07-31
[ACTION REQUIRED] Bitnami deprecates free container support
Bitnami has announced that starting August 28 2025, it will stop publishing free-of-charge supported container images and Helm charts. (Announcement: https://github.com/bitnami/charts/issues/35164) What’s changing? Bitnami will stop updating and supporting …
- 2025-07-04
Upgraded cluster add-ons
Update 2025-07-15: These changes have been rolled out to all clusters. The following updates have been rolled out to all non-production clusters. As usual there are also improvements across various other add-ons, ensuring enhanced performance and security: …
- 2025-06-25
Loki label optimisations to improve performance, rollout finished
We have finished deploying our announced changes to the default indexed labels and structured metadata we assign to Loki logs. Please read on to know what changes have been made and how this impacts you. Please reach out if you have any questions, need …
- 2025-06-10
Grafana CVE-2025-4123 mitigation
On 21/05 Grafana disclosed a high severity security vulnerability, identified as CVE-2025-4123. We want to inform you that last week we rolled out mitigations for this vulnerability to all our managed clusters. In the end we don’t believe our …
- 2025-05-26
Addons migration from OpenTofu to Flux complete and next steps
In this post, we’re excited to share that we have successfully completed the migration of our Kubernetes (K8s) add-ons as announced in our previous post. The management of these add-ons has now transitioned from our existing OpenTofu-based approach (using …
- 2025-05-20
[ACTION REQUIRED] Upgraded cluster add-ons
The following updates have been rolled out to all clusters. As usual there’s improvements across various add-ons, ensuring enhanced performance and security. There’s possibly some actions required on your side regarding Grafana, so please read …
- 2025-05-08
[ACTION REQUIRED] Loki label optimisations to improve performance
We intend to make breaking changes to the Loki labels we assign to logs collected from your clusters. These changes aim to improve Loki’s performance by reducing high-cardinality labels and removing duplicates (e.g. namespace removed in favor of …
- 2025-04-17
Upgraded cluster add-ons
The following updates have been rolled out to all non-production clusters. As usual there’s also improvements across various other add-ons, ensuring enhanced performance and security. There’s no notable major updates. aws-ebs-csi-driver …
- 2025-03-25
All clusters patched against IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514)
Last night Kubernetes sent out a Security Advisory regarding multiple vulnerabilities in the Nginx Ingress Controller, including the critical CVE-2025-1974. If you’re an AWS account owner, you likely also received an email from AWS warning against …
- 2025-03-12
Upgraded cluster add-ons
Update 2025-03-24: These changes have been rolled out to all clusters. The following updates have been rolled out to all non-production clusters. As usual there’s also improvements across various other add-ons, ensuring enhanced performance and …
- 2025-03-05
Migrating from OpenTofu to Flux: A leap forward in our Kubernetes management
In this post, we’re excited to announce our plans to shift the management of Kubernetes (K8s) add-ons from our existing OpenTofu-based approach (using Terragrunt and Concourse CI) to Flux. This change is part of our broader effort to simplify our platform …
- 2025-02-27
DockerHub rate limits - system components updated
Since our previous announcement regarding the new DockerHub rate limits starting March 1st, we have updated and made sure that all system workloads managed by Skyscrapers, like ingress controllers, monitoring, istio etc., will not be affected by these new …
- 2025-02-21
[ACTION REQUIRED] Change in DockerHub rate limits on March 1st 2025
Starting March 1, 2025 DockerHub will limit unauthenticated image pulls further from 100 per 6-hours per IP address to 10 per hour per IP address: https://docs.docker.com/docker-hub/usage/. This is a reduction of 40%! Please read this post carefully to …
- 2025-02-05
Upgrading EKS clusters to v1.32
We are rolling out EKS v1.32. Please make sure to update to our recommended client versions matching this upgrade. This upgrade includes an important change in how PersistentVolumeClaims (PVCs) are handled by StatefulSets. When a StatefulSet is deleted, …
- 2025-01-30
New Dex onboarding docs and support for Google Group scope
We are excited to announce that we have completely rewritten our Dex onboarding documentation. This documentation will guide you through the steps required to configure your Identity Provider (like Google, Microsoft or Github) so we can integrate it as …
- 2025-01-23
[ACTION REQUIRED] Upgraded cluster add-ons
The following updates have been rolled out to all non-production clusters. Notable updates include a major release for Prometheus, bringing a new UI. As usual there’s also improvements across various other add-ons, ensuring enhanced performance and …
- 2025-01-07
Upgrading EKS clusters to v1.31
We are rolling out EKS v1.31. Please make sure to update to our recommended client versions matching this upgrade. Timeline: Testing & rollout to non-production clusters has happened in the past days Production rollouts are expected to finish at the …