Containers

Turbocharging EKS networking with Bottlerocket, Calico, and eBPF

This post is co-authored by Alex Pollitt, Co-founder and CTO at Tigera, Inc. Recently Amazon announced support for Bottlerocket on Amazon Elastic Kubernetes Service (Amazon EKS). Bottlerocket is an open source Linux distribution built by Amazon to run containers focused on security, operations, and manageability at scale. You can learn more about Bottlerocket in this […]

Read More

Running Airflow on AWS Fargate

Apache Airflow is an open-source distributed workflow management platform that allows you to schedule, orchestrate, and monitor workflows. Airflow helps you automate and orchestrate complex data pipelines that can be multistep with inter-dependencies. This post presents a reference architecture where Airflow runs entirely on AWS Fargate with Amazon Elastic Container Service (ECS) as the orchestrator, […]

Read More

Automating image compliance for Amazon EKS using Amazon Elastic Container Registry and AWS Security Hub

Introduction As containers move to cloud native production environments, DevOps and security teams increasingly look to deploy DevSecOps pipelines that provide automated real-time visibility into container activity, restrict container access to host and network resources and detect and prevent exploits and attacks on running containers. In this blog post, we implement a solution that demonstrates […]

Read More

Running stateful workloads with Amazon EKS on AWS Fargate using Amazon EFS

With Amazon Elastic Kubernetes Service (EKS), you have the choice to run Kubernetes pods on EC2 instances or AWS Fargate. AWS Fargate, a serverless compute engine for containers, allows you to run Kubernetes workloads without creating and managing servers, scaling your data plane, right-sizing EC2 instances, or dealing with worker nodes upgrades. Fargate, thus far, […]

Read More

Authenticating with Docker Hub for AWS Container Services

Docker Hub has recently updated its terms of service to introduce rate limits for container image pulls. While these limits don’t apply to accounts under a Pro or Team plan, anonymous users are limited to 100 pulls per 6 hours per IP address, and authenticated free accounts are limited to 200 pulls per 6 hours. […]

Read More

Using EBS Snapshots for persistent storage with your EKS cluster

Originally, containers were a great fit for stateless applications. However, for many use cases there is a need for persistent storage, without which stateful workloads are not possible. Kubernetes first introduced support for stateful workloads with in-tree volume plugins, meaning that the plugin code was part of the core Kubernetes code and shipped with the […]

Read More

Easy as one-two-three policy management with Kyverno on Amazon EKS

This post is contributed by Raj Seshadri and Jimmy Ray As containers are used in cloud native production environments, DevOps and security teams need to gain real-time visibility into container activity, restrict container access to host and network resources, and detect and prevent exploits and attacks on running containers. Kyverno is a policy engine for […]

Read More

Latest updates to AWS Fargate for Amazon ECS

Recently, we announced features to improve the configuration and metric gathering experience of your tasks deployed via AWS Fargate for Amazon ECS. Based off of customer feedback, we added the following features: Environment file support Deeper integration with AWS Secrets Manager using secret versions and JSON keys More granular network metrics, as well as additional […]

Read More

Sending Envoy metrics from AWS App Mesh to Amazon CloudWatch

With AWS customers adopting AWS App Mesh with Amazon ECS and Amazon EKS, we have seen them with the following request on multiple occasions. This post will demonstrate the mechanism of getting metrics from Envoy to CloudWatch. “We have adopted AWS App Mesh as a service mesh solution for application-level networking for our micro services […]

Read More

Leveraging App Mesh with Amazon EKS in a Multi-Account environment

Today, many customers are adopting microservices to develop software faster, enable innovation, and accelerate the time-to-market for new features and products. The microservices approach is the implementation of small independent pieces of software that address specific business needs and communicate over well-defined APIs. In order to implement this development model, larger organizations are changing the […]

Read More