Containers

Multi-tenant design considerations for Amazon EKS clusters

This post was contributed by Roberto Migli, AWS Solutions Architect.  Amazon Elastic Kubernetes Service (Amazon EKS) is used today by thousands of customers to run container applications at scale. One of the common questions that often we hear is: how do we provide a multi-tenant Amazon EKS cluster to our teams? Should I run one cluster, […]

Read More

De-mystifying cluster networking for Amazon EKS worker nodes

Running Kubernetes on AWS requires an understanding of both AWS networking configuration and Kubernetes networking requirements. When you use the default Amazon Elastic Kubernetes Service (Amazon EKS) AWS CloudFormation templates to deploy your Amazon Virtual Private Cloud (Amazon VPC) and Amazon EC2 worker nodes, everything typically just works. But small issues in your configuration can result […]

Read More

Upcoming Changes to IP Assignment for EKS Managed Node Groups

When using Amazon EKS, all nodes need the ability to connect to the EKS-hosted Kubernetes cluster and to other AWS APIs such as Amazon Elastic Container Registry (ECR) or Amazon S3. Nodes can run in private or public subnets. For private subnets, this traffic typically routes through an AWS PrivateLink connection to reach endpoints within […]

Read More

Enabling cross-account access to Amazon EKS cluster resources

Amazon Elastic Kubernetes Service (Amazon EKS) is a managed service that makes it easy for you to run Kubernetes on AWS without needing to stand up or maintain your own Kubernetes control plane. The recent launches of managed node groups and Amazon EKS on AWS Fargate removes the need to provision and manage infrastructure for pods. Kubernetes […]

Read More

Enable traffic encryption between services in AWS App Mesh using AWS Certificate Manager or customer-provided certificates

Today, we announce the general availability of an AWS App Mesh feature that enables traffic encryption between services using AWS Certificate Manager (ACM) or customer-provided certificates. We sought feedback from our customers last year through the AWS App Mesh roadmap issues #38 and #39 and the features were made available on the AWS App Mesh […]

Read More

Using EKS encryption provider support for defense-in-depth

Gyuho Lee, Rashmi Dwaraka, and Michael Hausenblas When we announced that we plan to natively support the AWS Encryption Provider in Amazon EKS, the feedback we got from you was pretty clear: can we have it yesterday? Now we’re launching EKS support for the encryption provider, a vital defense-in-depth security feature. That is, you can […]

Read More

Using Amazon FSx for Windows File Server as persistent storage on Windows Containers

This post was contributed by Marcio Morales, Sandeep Srinivas Indraganti, Alain Vetier, and Pavneet Ahluwalia. In this blog post, we are going to walk through a step-by-step process on how to use Amazon FSx for Windows File Server as persistent storage for Windows Containers running on Amazon Elastic Container Service (ECS). We will achieve this […]

Read More

Access Logging Made Easy with AWS App Mesh and Fluent Bit

I’ve found that the term microservices can have different meanings and benefits depending on who you talk to. However, the one benefit where I’ve typically found consensus is that microservices allow your teams to have the freedom to choose the best tool for each job. Meaning, microservices architectures shouldn’t follow a “one size fits all” […]

Read More

The role of AWS Fargate in the container world

In 2017, we introduced a serverless service to run containers at scale called AWS Fargate. Today, customers are launching tens of millions of containers on it every week. Customers keep telling us that the reason they love Fargate is because it removes a lot of the infrastructure undifferentiated heavy lifting. For example, they no longer […]

Read More

API Gateway as an Ingress Controller for Amazon EKS

When teams deploy microservices on Amazon EKS, they usually expose a REST API for use in front ends and third-party applications. A best practice is to manage these APIs with an API Gateway. This provides a unique entry point for your APIs and also eliminates the need to implement API-specific code for things like security, […]

Read More