Hacker News new | ask | show | jobs
by mjfisher 2297 days ago
Digital Ocean is still significantly cheaper (unsurprisingly). They don't charge for the control plane, so you just pay the normal prices for the droplets and resources you use. It's well integrated, allowing K8 to provision load balancers and volumes, and the Terraform provider for it works well.

My (admittedly small) cluster of 3x 4Gb droplets, an external load balancer, and volumes enough for logs, databases and filesystems costs about 70 USD/Month. It's been absolutely rock solid too. I have very few minor gripes and a lot of positive things to say about it.
2 comments
gingerlime 2297 days ago
Isn't it more limited though, e.g. with auto-scaling not available for nodes, but only for pods?
link
photonios 2297 days ago
DigitalOcean now has a node auto-scaling as well [1]. It was released very recently. It was not available in the first general release.

[1] https://www.digitalocean.com/docs/kubernetes/how-to/autoscal...

link
mjfisher 2297 days ago
Yes, it is absolutely more limited. That, single-IP load balancers, and no direct equivalent of VPCs spring to mind as the biggest differences. AWS still makes a lot of sense in a lot of cases. It is worth noting DO has a decent API, so if wouldn't be _that_ hard to implement autoscaling yourself if you needed it.
link
tmpz22 2297 days ago
What’s the story for automatically provisions TLS certificates for your load balancer been like?
link
DelightOne 2297 days ago
I don't know about terminating on the load balancer level, but it works fine on the ingress-level (http router) with cert-manager, nginx-ingress-controller and the Ingress-definition.
link
mjfisher 2297 days ago
That's exactly how I manage it too. It means there only needs to be one load balancer per cluster, and adding a new SSL cert is just a matter of adding a couple of lines to the ingress config.
link
status_quo69 2297 days ago
Load balancer certs via annotations are supported, but they're a bit iffy when pairing with controllers like ambassador, since ambassador expects to own TLS termination (although the ambassador docs do say this is configurable). https://www.digitalocean.com/docs/kubernetes/how-to/configur...
link
bndw 2297 days ago
aside: ambassador definitely supports external TLS termination (tested with AWS ELB).
link
DelightOne 2297 days ago
Ah good to know, thank you!
link