Containers

Start off your KubeCon 2020 with AWS at Container Day on August 17th, 8:00 AM – 4:00 PM (PDT). In this full-day virtual event, we’ll cover how Amazon EKS makes it easy to deploy, manage, and scale containerized applications using Kubernetes on AWS. Virtual sessions throughout the day will consist of technical deep dives, product […]

Today, we’re announcing a new Center for Internet Security (CIS) benchmark for Amazon Elastic Kubernetes Service (EKS). This new benchmark is optimized to help you accurately assess the security configuration of Amazon EKS clusters, including security assessments for nodes to help meet security and compliance requirements. Security is a critical consideration when configuring and maintaining […]

NOTICE: October 04, 2024 – This post no longer reflects the best guidance for configuring a service mesh with Amazon EKS and its examples no longer work as shown. Please refer to newer content on Amazon VPC Lattice. ——– In this blog post we explain service mesh usage in containerized microservices and walk you through […]

NOTICE: October 04, 2024 – This post no longer reflects the best guidance for configuring a service mesh with Amazon ECS and Amazon EKS, and its examples no longer work as shown. For workloads running on Amazon ECS, please refer to newer content on Amazon ECS Service Connect, and for workloads running on Amazon EKS, […]

Developers can now use Docker Compose and Docker Desktop to deploy applications to Amazon ECS If you were to ask any developer who has worked with containers, you find out they have used or are aware of Docker Desktop and the Docker CLI for building applications on their desktop. They’ve also most likely used Docker […]

The first official command line tool for Amazon Elastic Container Service (Amazon ECS) was created in 2015. In December 2019, we shared the preview release of a new command line experience, redesigned from the ground up to make it easier for you to deploy your applications on Amazon ECS. Today, we are sharing some of […]

At AWS, we’ve been exploring new approaches of making it easier to define Kubernetes applications. Last month, we announced the alpha release of cdk8s, an open-source project that enables you to use general purpose programming languages to synthesize manifests. Today, I would like to tell you about cdk8s+ (cdk8s-plus), which we believe is the natural […]

Update 12/05/20: EKS on Fargate now supports capturing applications logs natively. Please see this blog post for details. Amazon Elastic Kubernetes Service (Amazon EKS) now allows you to run your applications on AWS Fargate. You can run Kubernetes pods without having to provision and manage EC2 instances. Because Fargate runs every pod in VM-isolated environment, […]

Introduction Achieving complete isolation between multiple tenants running in the same Kubernetes cluster is impossible today. The reason is because Kubernetes was designed to have a single control plane per cluster and all the tenants running in the cluster, share the same control plane. Hosting multiple tenants in a single cluster brings some advantages, the […]

With the introduction of IAM roles for services accounts (IRSA), you can create an IAM role specific to your workload’s requirement in Kubernetes. This also enables the security principle of least privilege by creating fine grained roles at a pod level instead of node level. In this blog post, we explore a use case where […]