Containers

Category: Amazon Elastic Kubernetes Service

Optimize IP addresses usage by pods in your Amazon EKS cluster

Many enterprise customers adopt multi-account strategy to meet their business needs and at the same time reduce the security blast radius. Customers have had problems maintaining network topology because of constant growth and increased workloads. They can quickly run out of IP space while planning out the VPC Classless Inter-Domain Routing (CIDR). In this blog, […]

Read More

Designing a secure container image registry

As organizations move to containers, there can be a sense that they are losing control or visibility of the software that is deployed to their environments. Historically, once a server is in production, a scanning tool runs on a regular basis to detect vulnerabilities on the operating system. Once a vulnerability is detected, an operations […]

Read More

Using Gatekeeper as a drop-in Pod Security Policy replacement in Amazon EKS

Jason Umiker If you are managing a Kubernetes cluster or you are a security professional responsible for one then you likely have heard that you should be implementing Kubernetes Pod Security Policies (PSPs) on the cluster in order to improve your security posture. Using PSPs can help to block pods from being disruptive to their […]

Read More

Securing Kubernetes applications with AWS App Mesh and cert-manager

While working with customers on their projects, I often hear “I want to secure all my traffic with granular encryption-in-transit, close to application code, but decouple security from it.” That’s where AWS App Mesh can help. In this blog, I will briefly discuss how to apply some of the Well Architected Framework Security Pillar design […]

Read More

Introducing security groups for pods

Security groups, acting as instance level network firewalls, are among the most important and commonly used building blocks in any AWS cloud deployment. It came as no surprise to us that integrating security groups with Kubernetes pods emerged as one of the most highly requested Amazon Elastic Kubernetes Service (Amazon EKS) features, as seen on […]

Read More

Creating Kubernetes Auto Scaling Groups for Multiple Availability Zones

Kubernetes is a scalable container orchestrator that helps you build fault-tolerant, cloud native applications. It can handle automatic container placement, scale up and down, and provision resources for your containers to run. While Kubernetes can take care of many things, it can’t solve problems it doesn’t know about. Usually these are called unknown unknowns and […]

Read More

ICYMI: AWS Cloud Containers Conference

On July 9th, the AWS Containers team hosted the first AWS Cloud Containers Conference (C3). The full day, virtual conference covered deep dives, launches, and demos on Amazon EKS, Amazon ECS, AWS Fargate, Amazon ECR, and AWS App Mesh. As well as, a keynote from GM of Kubernetes, Bob Wise, and closing remarks from Chief […]

Read More

Introducing the AWS Controllers for Kubernetes (ACK)

AWS Controllers for Kubernetes (ACK) is a new tool that lets you directly manage AWS services from Kubernetes. ACK makes it simple to build scalable and highly-available Kubernetes applications that utilize AWS services. Today, ACK is available as a developer preview on GitHub. In this post we will give you a brief introduction to the […]

Read More

Amazon EKS on AWS Graviton2 generally available: considerations on multi-architecture apps

Today, Amazon EKS on AWS Graviton2 is generally available and with this post we want to give you some background on what this means for you and how it works in practice. We had first-generation AWS Graviton from early 2019 on in preview and many of you participated in the AWS Graviton2 preview program launched […]

Read More

Introducing launch template and custom AMI support in Amazon EKS Managed Node Groups

Amazon Elastic Kubernetes Service (EKS) now supports EC2 Launch Templates and custom AMIs for managed node groups. When combined, these new features provide flexible configuration and customization options for Amazon EC2 instances which are managed as Kubernetes nodes by EKS. This enables you to leverage the simplicity of managed node provisioning and lifecycle management features […]

Read More