
Cluster

Cluster is the component of Common in charge of providing a company-wide Kubernetes Cluster.

Public Oath

Fluid Attacks will constantly look for new stacks that simplify serving applications to the Internet in a secure and automated manner.

Architecture

  1. The module is managed as code using Terraform.
  2. We have one Kubernetes cluster called common-k8s that is shared by all the components.
  3. The cluster is hosted on EKS by Amazon Web Services (AWS).
  4. The cluster is divided into namespaces, which keep resources in isolation from other namespaces.
    • The default namespace is unused; we try to put things into a namespace appropriate to the product.
    • The dev namespace currently holds the ephemeral environments of Integrates.
    • The prod-integrates namespace holds the production deployment of Integrates, and a Celery jobs server.
    • The kube-system namespace holds cluster-wide deployments for the load balancer, DNS, node termination handler, cloudflared, observability and autoscaler.
    • Other kube-* namespaces exist, but they are not used for anything at the moment.
  5. Every namespace runs in a specific worker group whose physical machine instances run on EC2 by Amazon Web Services (AWS).
  6. The cluster spawns machines on all availability zones within us-east-1 for maximum spot availability.
  7. The cluster supports autoscaling based on several metrics, such as CPU consumption, memory consumption and queue size.
  8. It provides observability tools for debugging.
  9. It creates AWS application load balancers and Cloudflare DNS records for ingress resources.
  10. It supports a Cloudflare ZTNA tunnel that allows developers to access the AWS VPC via Cloudflare WARP.
  11. Developers can access the cluster via Okta for debugging.
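
One way to check a running cluster against the namespace layout in items 4 and 5, as an added example (not Fluid Attacks' own code): it audits the JSON produced by `kubectl get pods -A -o json`. The `worker_group` nodeSelector key, the worker group name and the sample pods are assumptions constructed for illustration.

```python
import json

# Namespaces the list above describes as holding workloads.
ACTIVE = {"dev", "prod-integrates", "kube-system"}
# Assumption: pods are pinned to their worker group through a nodeSelector
# label with this key; the real key is not given on this page.
WORKER_GROUP_LABEL = "worker_group"


def classify_namespace(ns):
    """Return 'active', 'unused' or 'unknown' for a namespace name."""
    if ns in ACTIVE:
        return "active"
    if ns == "default" or ns.startswith("kube-"):
        return "unused"  # default and the other kube-* namespaces
    return "unknown"


def audit_pods(pod_list_json):
    """Audit a pod list; return sorted (namespace, pod, finding) tuples."""
    findings = []
    for pod in json.loads(pod_list_json).get("items", []):
        meta = pod.get("metadata", {})
        ns, name = meta.get("namespace", "default"), meta.get("name", "?")
        kind = classify_namespace(ns)
        if kind == "unused":
            findings.append((ns, name, "workload in a namespace that should be empty"))
        elif kind == "unknown":
            findings.append((ns, name, "namespace not in the documented layout"))
        selector = pod.get("spec", {}).get("nodeSelector") or {}
        if kind == "active" and WORKER_GROUP_LABEL not in selector:
            findings.append((ns, name, "no worker group pinned via nodeSelector"))
    return sorted(findings)


# Constructed sample input, not taken from a real cluster.
SAMPLE = json.dumps({"items": [
    {"metadata": {"namespace": "prod-integrates", "name": "integrates-0"},
     "spec": {"nodeSelector": {WORKER_GROUP_LABEL: "prod_integrates"}}},
    {"metadata": {"namespace": "dev", "name": "integrates-branch-1"}, "spec": {}},
    {"metadata": {"namespace": "default", "name": "debug-shell"}, "spec": {}},
    {"metadata": {"namespace": "kube-public", "name": "stray"}, "spec": {}},
    {"metadata": {"namespace": "tmp", "name": "scratch"}, "spec": {}},
]})

if __name__ == "__main__":
    for finding in audit_pods(SAMPLE):
        print(*finding, sep="\t")
```

Against a real cluster, pass the output of `kubectl get pods -A -o json` to `audit_pods` instead of `SAMPLE`.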

Contributing

Please read the contributing page first.