Containers

Tag: Kubernetes

GitOps-driven, multi-Region deployment and failover using EKS and Route 53 Application Recovery Controller

One of the key benefits of the AWS Cloud is it allows customers to go global in minutes, easily deploying an application in multiple Regions around the world with just a few clicks. This means you can provide lower latency and a better experience for your customers at minimal cost while targeting higher availability service-level […]

Amazon EKS add-ons: Advanced configuration

This post is a follow-up to our previous post, Amazon EKS add-ons preserve customer edits. Introduction In October 2022, the Amazon Elastic Kubernetes Service (Amazon EKS) add-ons team introduced the ability to preserve edits, enabling customers to safely modify the configuration of Amazon EKS add-ons by using the Kubernetes application programming interface (API). This enhancement […]

Expose Amazon EKS pods through cross-account load balancer

Introduction Amazon Elastic Kubernetes Service (Amazon EKS) is a managed container service to run and scale Kubernetes applications in the cloud or on-premises. Kubernetes Ingress is an API resource that allows you manage external or internal HTTP(S) access to Kubernetes services running in a cluster. The AWS Load Balancer Controller in Amazon EKS creates Application […]

Blue/Green Kubernetes upgrades for Amazon EKS Anywhere using Flux

Introduction Amazon EKS Anywhere (Amazon EKS-A) allows customers to run containerized workloads on customer-managed hardware. Amazon EKS-A cluster upgrades are performed in place using a rolling process (similar to Kubernetes Deployments). Upgrades can only happen one minor version at a time (e.g., version 1.20 to 1.21) and Control plane components will be upgraded before worker […]

Windows Authentication on Amazon EKS Windows pods

Per Microsoft documentation: Windows-based networks commonly use Active Directory (AD) to facilitate authentication and authorization between users, computers, and other network resources. Enterprise application developers often design their apps to be AD-integrated and run on domain-joined servers to take advantage of Integrated Windows Authentication, which makes it easy for users and other services to automatically […]

Transparent encryption of node to node traffic on Amazon EKS using WireGuard and Cilium

Introduction As the move to cloud native architectures continues to accelerate, one of the common challenges we hear from our customers is that adopting security best practices in Kubernetes clusters can be challenging. One area in particular that has come up in conversations often is how best to encrypt data in transit. This data encryption […]

Microservices development using AWS controllers for Kubernetes (ACK) and Amazon EKS blueprints

Introduction Microservices architectures make applications easier to scale and faster to develop, which enables innovation and accelerating time-to-market for new features. For business applications with multiple clients (web, mobile, desktop, and smart devices), the application programming interface (API) Gateway microservices design pattern is helpful for adding centralized control and security. Containers and serverless are two […]

Exposing Kubernetes Applications, Part 3: NGINX Ingress Controller

Introduction The Exposing Kubernetes Applications series focuses on ways to expose applications running in a Kubernetes cluster for external access. In Part 1, we explored Service and Ingress resource types that define two ways to control the inbound traffic in a Kubernetes cluster. We discussed handling of these resource types via Service and Ingress controllers, […]

Exposing Kubernetes Applications, Part 2: AWS Load Balancer Controller

Introduction The Exposing Kubernetes Applications series focuses on ways to expose applications running in a Kubernetes cluster for external access. In Part 1 of the series, we explored Service and Ingress resource types that define two ways to control the inbound traffic in a Kubernetes cluster. We discussed the handling of these resource types via […]