Containers

Category: Technical How-to

Leverage AWS secrets stores from EKS Fargate with External Secrets Operator

Leverage AWS secrets stores from EKS Fargate with External Secrets Operator

Secrets management is a challenging but critical aspect of running secure and dynamic containerized applications at scale. To support this need to securely distribute secrets to running applications, Kubernetes provides native functionality to manage secrets in the form of Kubernetes Secrets. However, many customers choose to centralize the management of secrets outside of their Kubernetes […]

Read More
Run an active-active multi-region Kubernetes application with AppMesh and EKS

Run an active-active multi-region Kubernetes application with AppMesh and EKS

As application architects we have come across many customers who are moving towards a container-only strategy for their most critical application workloads. While using managed container services like Amazon Elastic Container Service (ECS), Amazon Elastic Kubernetes Service (EKS), and AWS Fargate make it easy to manage complex workloads, AWS offers a lot more in terms […]

Read More
title img: Troubleshooting Amazon EKS API Servers with Prometheus

Troubleshooting Amazon EKS API servers with Prometheus

It’s every on-call’s nightmare—awakened by a text at 3 a.m. from your alert system that says there’s a problem with the cluster. You need to quickly determine if the issue is with the Amazon EKS managed control plane or the new custom application you just rolled out last week. Even though you installed the default […]

Read More
Read the blog post about Harden Amazon EKS in minutes with Styra DAS Free and OPA

Harden Amazon EKS in minutes with Styra DAS Free and OPA

In the Amazon EKS Best Practices Guide, AWS recommends Open Policy Agent (OPA) as a policy-as-code (PaC) solution for Kubernetes pod security. The long list of pros provided for PaC focuses mainly on the flexibility and comprehensive control that PaC provides when compared with built-in pod security admission. While PaC brings powerful flexibility, it can […]

Read More
Read the blog post on Amazon EKS and Spot Instances in action at Delivery Hero.

Amazon EKS and Spot Instances in action at Delivery Hero

This post was coauthored by Christos Skevis, Senior Engineering Manager, Delivery Hero; Giovanny Salazar, Senior Systems Engineer, Delivery Hero; Miguel Mingorance, Senior Systems Engineer at Delivery Hero at the time the blog post was written; Cristian Măgherușan-Stanciu, Senior Specialist Solutions Architect, Flexible Compute, AWS; and Sascha Möllering, Principal Specialist Solutions Architect, Containers, AWS. This post […]

Read More
Read the blog post on customizing scheduling on Amazon EKS

Customizing scheduling on Amazon EKS

The interest in Kubernetes spiked in the fall of 2019, according to Google Trends. The US Department of Defense’s announcement that they had deployed Kubernetes on an F-16 could have attributed to the surge in interest. Today, Kubernetes is found in virtually every industry; from building Blockchain networks to 5G networks, customers use Kubernetes to […]

Read More
A title image for the blog reading Using IAM database authentication with workloads running on Amazon EKS

Using IAM database authentication with workloads running on Amazon EKS

Amazon Elastic Kubernetes Service (Amazon EKS) is a managed service that you can use to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane or nodes. When running containerized workloads on Amazon EKS, it is common to store the stateful parts of the application outside of the Kubernetes […]

Read More
Title image for Track costs with detailed billing reports for Amazon EKS on AWS Fargate

Track costs with detailed billing reports for Amazon EKS on AWS Fargate

Many AWS customers use Amazon Elastic Kubernetes Service (Amazon EKS) to run container workloads on AWS Fargate because it offers reduced operational complexity with right-sized, on-demand compute for containers. As customers scale their deployments on Fargate, they have expressed a need to track consumption with more specificity, such as usage from individual pods, namespaces, clusters, […]

Read More
Abstract image with title

Measuring portability time objective as a metric for migrating to Red Hat Openshift Service on AWS (ROSA)

This post was co-written by Mark Taylor, OpenShift Systems Engineer, IBM Consulting; Ian Packer, Chief AWS Architect, IBM Consulting; and Arnaud Lauer, Partner Solutions Architect, AWS. Customers are putting greater focus on portability as part of their strategies when adopting cloud computing. Red Hat OpenShift Service on AWS (ROSA) platform provides an agile and flexible […]

Read More

Fine-grained IAM roles for Red Hat OpenShift Service on AWS (ROSA) workloads with STS

Red Hat OpenShift Service on AWS (ROSA) is a fully managed OpenShift service, jointly supported by both Red Hat and Amazon Web Services (AWS) and managed by the Red Hat SRE team. This relieves customers of cluster lifecycle management, allowing them to focus on building applications rather than maintaining the OpenShift clusters. ROSA has recently […]

Read More