Containers

Category: Technical How-to

Setting up end-to-end TLS encryption on Amazon EKS with the new AWS Load Balancer Controller

In this blog post, I’ll show you how to set up end-to-end encryption on Amazon Elastic Kubernetes Service(Amazon EKS). End-to end encryption in this case refers to traffic that originates from your client and terminates at an NGINX server running inside a sample app. I work with regulated customers who need to satisfy regulatory requirements […]

Read More

Advertising click-prediction modeling on Amazon EKS

In digital advertising, the ad click-through rate (CTR) model predicts the probability of a click given the ads and context x (for example, shopping query, time of the day, device). The output of a CTR model can be seen as a conditional probability p(y = click|x). A precise estimation of this probability influences our ability […]

Read More

Turbocharging EKS networking with Bottlerocket, Calico, and eBPF

This post is co-authored by Alex Pollitt, Co-founder and CTO at Tigera, Inc. Recently Amazon announced support for Bottlerocket on Amazon Elastic Kubernetes Service (Amazon EKS). Bottlerocket is an open source Linux distribution built by Amazon to run containers focused on security, operations, and manageability at scale. You can learn more about Bottlerocket in this […]

Read More

Authenticating with Docker Hub for AWS Container Services

Docker Hub has recently updated its terms of service to introduce rate limits for container image pulls. While these limits don’t apply to accounts under a Pro or Team plan, anonymous users are limited to 100 pulls per 6 hours per IP address, and authenticated free accounts are limited to 200 pulls per 6 hours. […]

Read More

Using EBS Snapshots for persistent storage with your EKS cluster

Originally, containers were a great fit for stateless applications. However, for many use cases there is a need for persistent storage, without which stateful workloads are not possible. Kubernetes first introduced support for stateful workloads with in-tree volume plugins, meaning that the plugin code was part of the core Kubernetes code and shipped with the […]

Read More
High level architecture

Ship and visualize your Istio virtual service traces with AWS X-Ray

AWS X-Ray is a managed distributed tracing system that helps customers gain end-to-end visibility of requests and provides rich visualization of connected services. This post will show how customers can integrate AWS X-Ray as a backend for Zipkin traces generated from services in a Istio service mesh.

Read More

Accelerate modernization of your application using App2Container

Introduction Many enterprises want to modernize their existing applications and containerize them to minimize disruptions that could stem from clunky, outdated and unscalable legacy systems. These enterprises need tools to simplify the containerization process of existing Java and .NET applications and increase operational efficiency, harmonize CI/CD processes, and increase agility. AWS App2Container (A2C) enables companies […]

Read More
Gif that shows canary deployment taking place

Create a pipeline with canary deployments for Amazon EKS with AWS App Mesh

In this post, we will demonstrate how customers can leverage different AWS services in conjunction with AWS App Mesh to implement a canary deployment strategy for applications running on Amazon Elastic Kubernetes Service (Amazon EKS). As stated in the post “Getting started with App Mesh and EKS”, many customers are currently implementing microservices in a […]

Read More

Windows Authentication on Amazon EKS Windows pods

Per Microsoft documentation: Windows-based networks commonly use Active Directory (AD) to facilitate authentication and authorization between users, computers, and other network resources. Enterprise application developers often design their apps to be AD-integrated and run on domain-joined servers to take advantage of Integrated Windows Authentication, which makes it easy for users and other services to automatically […]

Read More