AWS has unveiled a new container service that will allow its users to run Kubernetes on AWS server without needing to install and operate a separate Kubernetes cluster. The service can be identified as a major advancement for AWS which will allow the users migrate smoothly, who had, though, previously found Amazon ECS slightly rigid when it yielded optimum results only when operated on AWS’ own server.
Amazon Elastic Container Service for Kubernetes is a managed service that transcends this obstacle. With this cross platform achievement, AWS will certainly attract (or at least keep) its customers for it has eradicated one major obstacle of transferring clusters on personal server of AWS—inter-cloud exchange. Kubernetes is known to be an open-source system used for automating the deployment, scaling, and managing containerized applications. While Kubernetes had previously posed significant challenges to producing applications, where one was required to manage scaling and availability of Kubernetes masters and persistence layer, Amazon EKS has eased this tedious task by rendering an automatic selection of appropriate instance types. It runs them across multiple Availability Zones along with replacing unhealthy masters through constant heath monitoring. Even the patch and upgrade routines of master and worker nodes no longer need to be monitored manually, which required a lot of expertise and, above all, a tremendous amount of manpower and time. Amazon EKS automatically upgrades the nodes and prepares them for high availability. It runs three Kubernetes masters across three Availability Zones to achieve this flawless feat.
Amazon EKS, just like ECS, can be integrated with many AWS services to provide direct scalability and security for various applications, including Elastic Load Balancing for load distribution, IAM for authentication, Amazon VPC for isolation, AWS PrivateLink for private network access, and AWS CloudTrail for logging. It runs the latest version of the open-source Kubernetes software, which allows the user to have all the latest and existing plugins and tools from the Kubernetes community. Due to the absolute compatibility offered with Amazon EKS for application running on standard Kubernetes Environment, the user can easily migrate any standard Kubernetes application to Amazon EKS without any code modification.
Having stated the common properties of Amazon EKS, let’s look at the major benefits for opting it:
Secure
Security is of paramount importance in this cloud based IT world. With more advanced features, the Amazon EKS is loaded with highly advanced security features for the Kubernetes Environments of any managed cloud service. The migrated workers are launched on the user’s Amazon EC2 instances, where no compute resources are exposed to other customers.
It allows the users to manage the Kubernetes cluster using standard Kubernetes tools such as kubectl CLI for managing Kubernetes, through AWS Identity and Access Management (IAM) authenticated public endpoints or through PrivateLink.
Fully Compatible with Kubernetes Community Tools
Since Amazon EKS runs the latest version of the open-source Kubernetes software, all the existing and even newer features, plugins, and applications are supported in it. Applications that are already running in an existing Kubernetes environment will be fully compatible, and can be flawlessly moved to Amazon EKS cluster.
Fully Managed and Highly Available
Amazon EKS eradicates the need to install, manage, and scale personal Kubernetes clusters. With this development, EKS is one step ahead of the ECS. The worker and master clusters of Kubernetes are automatically made highly available which are distributed across three different Availability Zones for each cluster, due to which, worker and master servers start functioning more smoothly than ever before. Amazon EKS manages the multi Availability Zone architecture and delivers resiliency against the loss of an Availability Zone. Furthermore, it automatically detects and replaces unhealthy masters and provides automated version upgrades and patching for the masters.
Amazon EKS integrates IAM with Kubernetes which enables the user to register IAM entities with the native authentication system in Kubernetes. The user no longer has to worry about manually setting up credentials for authenticating with the Kubernetes masters which also allows IAM to directly authenticate with the master itself as well as granularly control access to the public endpoint with regards to the targeted Kubernetes masters.
Besides that, it also gives the option of using PrivateLink to access Kubernetes masters directly from personal Amazon VPC. With PrivateLink, Kubernetes masters and Amazon EKS service endpoint appear as an elastic network interface with private IP addresses in Amazon VPC, which opens the threshold for accessing the Kubernetes masters and the Amazon EKS service directly from Amazon VPC, without using public IP addresses or requiring the traffic to traverse the internet.
Related Stories
Amazon SageMaker in Machine Learning
Amazon ECS: Another Feather in AWS’ Cap