[Collab] Add EKS deployment support with Terraform, Helm, and security hardeningΒ #474
Description
Hi Opensandbox team! π
We are from CloudThinker and first of all, thank you for open-sourcing OpenSandbox β it's a great project and we've been actively using it in production on AWS EKS. We have built out deployment tooling and security improvements that we'd like to contribute back upstream.
Changes
- Terraform configuration for provisioning EKS clusters (VPC, subnets, IAM roles, ECR repositories, EBS CSI driver, snapshot controller)
- Helm values sample for EKS deployments with placeholder-based configuration
- Security hardening in the bootstrap process β SUID/SGID stripping, capability dropping, proper file ownership for the sandbox user
- Documentation β getting started guide, custom images guide, and EKS deployment walkthrough
Related
Link: https://github.com/cloudthinker-ai/opensandbox-on-eks
Would love to hear your thoughts on the best way to contribute these back β happy to open individual PRs per area or a single one, whatever works best for you. Thanks again for the awesome work!