Getting started with Amazon EKS Anywhere

We are excited to announce the general availability of a new deployment option for Amazon Elastic Kubernetes Service (Amazon EKS) called Amazon EKS Anywhere. EKS Anywhere allows customers to create and operate Kubernetes clusters supported by AWS on customer-managed infrastructure. It provides consistent, automated cluster management for your hybrid needs. There are no upfront commitments or fees to use EKS Anywhere.

Many customers operate their own data centers for data residency, latency, regulatory, or compliance considerations. With EKS Anywhere, you get Amazon optimized defaults for cluster configuration, machine operating systems, and 3rd-party integrations. These optimizations let you focus on your business innovations rather than complex component compatibility or disparate deployments between your on-premises and cloud environments. EKS Anywhere supports VMware vSphere today, with support for other deployment targets in the near future, including support for bare metal coming in 2022.

EKS Anywhere uses Amazon EKS Distro, which provides binary and container image compatibility between your on-premises and Amazon EKS clusters in AWS. By default, EKS Anywhere uses Bottlerocket OS to give you a secure, container-optimized operating system with full AWS support.

To show you how easy it is to get started, let’s install the EKS Anywhere CLI, create a local development cluster, and deploy an example workload with only four commands. With three additional commands, we can also test the workload and delete the cluster. To check your system requirements, please read our Getting Started documentation.

Create your first cluster

The EKS Anywhere CLI is distributed as a plugin to eksctl, so we need to install eksctl, eksctl-anywhere, and kubectl. To make that as simple and up-to-date as possible, we’ve created a Homebrew formula that you can install on macOS or Linux. If you would like to install the components manually, you can follow the instructions in the documentation.

brew install aws/tap/eks-anywhere

Generate a manifest file for your local cluster using the Docker provider. Manifest files ensure you’re able to manage the infrastructure as code and give a declarative interface for the entire cluster lifecycle.

We’ll name our first cluster local-cluster and generate the manifest with the following command:

eksctl anywhere generate clusterconfig local-cluster \
    --provider docker > local-cluster.yaml

The default configuration is all you need to get started with the Docker provider. Use that file to create a cluster on your local machine with this command:

eksctl anywhere create cluster -f local-cluster.yaml

The command prints progress information as the cluster is created. To understand more about the cluster creation process, review the cluster creation workflow documentation.

Performing setup and validations
✅ validation succeeded {"validation": "docker Provider setup is valid"}
Creating new bootstrap cluster
Installing cluster-api providers on bootstrap cluster
Provider specific setup
Creating new workload cluster
Installing networking on workload cluster
Installing cluster-api providers on workload cluster
Moving cluster management from bootstrap to workload cluster
Installing EKS-A custom components (CRD and controller) on workload cluster
Creating EKS-A CRDs instances on workload cluster
Installing AddonManager and GitOps Toolkit on workload cluster
GitOps field not specified, bootstrap flux skipped
Deleting bootstrap cluster
🎉 Cluster created!

If you see this output, you have your first EKS Anywhere cluster!

Now, let’s deploy a workload to test it. An admin kubeconfig file will be in your current directory in the local-cluster/ folder. We’ve created an example workload you can deploy to test the cluster.

kubectl apply --kubeconfig ./local-cluster/local-cluster-eks-a-cluster.kubeconfig \
    -f "https://anywhere.eks.amazonaws.com/manifests/hello-eks-a.yaml"

You will see a hello-eks-a deployment and service created in your cluster.

deployment.apps/hello-eks-a created
service/hello-eks-a created

Verify the workload by forwarding the service port to our host’s port 3000 with the following command.

kubectl port-forward svc/hello-eks-a 3000:80 \
    --kubeconfig ./local-cluster/local-cluster-eks-a-cluster.kubeconfig

Check that the service is running and available with:

curl localhost:3000

You should see output that looks like this:

Once you’re done with the cluster, you can delete it with the following command:

eksctl anywhere delete cluster local-cluster
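
An added example (not part of the original post or the EKS Anywhere tooling): a first-pass check for the kubectl apply step above, which uses the admin kubeconfig to apply a manifest fetched from a URL. It confirms that the kubeconfig is accessible only to its owner and that the downloaded manifest declares only the Deployment and Service kinds the post says it creates; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: checks to run before `kubectl apply` with the admin kubeconfig.
# Function names are hypothetical; this is not part of the EKS Anywhere CLI.

# Succeed only if the file grants nothing to group or other (e.g. mode 600).
kubeconfig_is_private() {
    mode=$(ls -ldL "$1" 2>/dev/null | cut -c5-10)
    [ "$mode" = "------" ]
}

# Print the distinct top-level "kind:" values in a manifest file.
# Coarse text match, not a YAML parser: only column-0 "kind:" lines count,
# so treat it as a review aid and still read the downloaded file.
manifest_kinds() {
    sed -n 's/^kind:[[:space:]]*//p' "$1" | tr -d "\"' \t\r" | sort -u
}

# Succeed only if every kind in FILE is in the allowed list that follows it.
manifest_only_has() {
    file=$1; shift
    kinds=$(manifest_kinds "$file")
    [ -n "$kinds" ] || { echo "no resource kinds found" >&2; return 1; }
    for k in $kinds; do
        case " $* " in
            *" $k "*) ;;
            *) echo "unexpected kind: $k" >&2; return 1 ;;
        esac
    done
}

# Download once, check the local copy, then apply that same copy.
# Allowed kinds come from the post: the example creates a deployment and a service.
reviewed_apply() {
    kubeconfig=$1; url=$2; rc=0
    kubeconfig_is_private "$kubeconfig" || chmod 600 "$kubeconfig" || return 1
    tmp=$(mktemp) || return 1
    { curl -fsSL -o "$tmp" "$url" &&
        manifest_only_has "$tmp" Deployment Service &&
        kubectl apply --kubeconfig "$kubeconfig" -f "$tmp"; } || rc=$?
    rm -f "$tmp"
    return $rc
}

# Usage with the paths from this post:
# reviewed_apply ./local-cluster/local-cluster-eks-a-cluster.kubeconfig \
#     "https://anywhere.eks.amazonaws.com/manifests/hello-eks-a.yaml"
```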

We are excited for you to use EKS Anywhere and believe it’s an excellent way to run Kubernetes on-premises. We also have exciting future integrations and providers planned. The EKS Anywhere roadmap will be available on GitHub, and we’d love to hear about your use cases and requests.

What customers are saying

We’ve been working with customers to make sure that their needs are met with EKS Anywhere. We’ve received the following feedback during our beta program:

Nokia Cloud and Network Services (CNS) helps communication service providers (CSPs) deploy, integrate, and scale Nokia CNS cloud-native software solutions and all generations of core networks in multi-vendor environments. “Nokia CNS has been a strong partner of AWS for many years and EKS is a key container platform in our multi-vendor virtual laboratory environment,” said Jitin Bhandari, Chief Technology Officer, Cloud and Network Services at Nokia. “We successfully deployed EKS Anywhere in our on-premises data centers. As an early adopter of EKS Anywhere, we are delighted to see the flexibility EKS Anywhere gives us in the choice of EKS provisioning and the consistency it provides for Kubernetes operations across the cloud and on-premises.”

McAfee Enterprise is one of the world’s largest pure-play enterprise cybersecurity companies. “The Kubernetes approach provided by Amazon EKS Anywhere matches what we hear from our customers,” said Anand Ramanathan, VP of Product Management, McAfee Enterprise. “Giving customers a choice so they can engineer and manage their hybrid infrastructures using a unified dashboard and tooling consistent with Amazon EKS, enables customers to adopt hybrid infrastructures seamlessly. McAfee Enterprise supports these strategies with security from MVISION Cloud Native Application Protection Platform (CNAPP), which emboldens hybrid deployments in a manner that fits these strategies perfectly.”

DraftKings is a digital sports entertainment and gaming company created to fuel the competitive spirit of sports fans with products that range across daily fantasy, regulated gaming, and digital media. “We have a lot of workloads in the cloud, but we also have some in our own data centers, so it is essential that we have common infrastructure and tooling wherever possible,” said David Musicant, senior director, Architecture, DraftKings. “The vision for Amazon EKS Anywhere to provide strong operational consistency across the cloud and our data centers matches up with our needs. We look forward to working with AWS to explore the full potential of Amazon EKS Anywhere.”

Launch partners in action

Our partners are key to EKS Anywhere’s success. We have amazing partners that make sure you can extend EKS Anywhere with their existing integrations. We are excited to work with them and within the Kubernetes community.

Isovalent builds open source cloud-native networking software that solves networking, security, and observability for modern infrastructure. “We’re excited that AWS has chosen Cilium as the default networking and security layer for Amazon EKS Anywhere,” said Liz Rice, Chief Open Source Officer at Isovalent and Chair of the CNCF Technical Oversight Committee. “Amazon EKS Anywhere gives Kubernetes users a consistent platform, based on proven CNCF projects, that can run on any infrastructure. Now users can easily benefit from Cilium’s eBPF-powered connectivity, observability, and security wherever they run their applications.” Read more in their blog post: AWS EKS Anywhere chooses Cilium

Weaveworks is the original GitOps company and is a founding member of the Cloud Native Computing Foundation (CNCF). “With the official launch of Amazon EKS Anywhere, AWS is introducing the ability for customers to utilize a single Kubernetes distribution across their entire software development and operations pipeline,” said Alexis Richardson, CEO of Weaveworks. “Weave GitOps, powered by Flux, being part of the Amazon EKS Anywhere offering provides one of the best operational models to manage a shared services platform on Amazon EKS.” Read more in their blog post: Developer self-service and consolidated operations – anywhere.

Equinix is a global provider in colocation and network interconnection, including AWS Direct Connect locations. “With Amazon EKS Anywhere running on Equinix Metal, businesses can combine single-tenant bare metal from Equinix, the world-class Kubernetes experience of AWS, and private connectivity via 37 AWS Direct Connect on-ramps. Together, Amazon EKS Anywhere and Equinix Metal make it easier for digital leaders to bring their Kubernetes-based workloads from the cloud to the edge.” said Zac Smith, Managing Director, Equinix Metal. Read more in their blog post: Run Your Infrastructure Where You Want.

Kubecost is a popular open source cloud cost monitoring tool. “We’re excited to see customers adopt Amazon EKS Anywhere to enable a consistent Kubernetes management experience across their cloud and on-premises environments,” said Webb Brown, Co-Founder and CEO of Kubecost. “With Kubecost’s support of Amazon EKS Anywhere at launch, customers gain immediate cost visibility, optimization insights, and governance across their EKS and EKS-Anywhere workloads, in a centralized location. This integration gives infrastructure and engineering teams the tooling they need to truly own their resources from a chargeback perspective.” Read more in their blog post: Use Kubecost to Monitor EKS Anywhere Costs.

Sysdig enables companies to confidently secure containers, Kubernetes, and cloud services. “As AWS simplifies Kubernetes deployment beyond the public cloud with Amazon EKS Anywhere, putting the right container security practices in place is critical,” said Omer Azaria, Vice President of Engineering Security at Sysdig. “Sysdig is uniquely positioned to help customers monitor and secure hybrid cloud and container deployments with a single, unified solution. EKS Anywhere users can take advantage of the Sysdig Secure DevOps Platform to enable the visibility and security needed to reduce risk and ensure compliance from development through production.” Read more in their blog post: Securing Amazon EKS Anywhere with Sysdig.

Conclusion

We have taken years of production EKS knowledge and applied best practices to existing and new open source tools to help you accelerate your infrastructure modernization. EKS Anywhere couldn’t exist without the wonderful Kubernetes community. Check out the GitHub repo and join the community Slack channel in the Kubernetes workspace to contribute. If you want to deploy a production cluster on vSphere, follow the getting started guide for more details.

To learn more about EKS Anywhere, come watch the live demo on Containers from the Couch on Monday, September 13 at 12:00 PM PT/ 3:00 PM ET. We’ll also be deep diving into EKS Anywhere at the Container Days co-scheduled with KubeCon North America and at re:Invent.

Justin Garrison

Justin Garrison is a Sr Developer Advocate in the AWS containers team. He is a longtime open source contributor and cares deeply for open communities. Before AWS, Justin built infrastructure for Disney+ and animated movies such as Frozen II and Moana. You can reach him on Twitter via @rothgar.