Containers

Tag: networking

Use shared VPC subnets in Amazon EKS

Introduction In the ever-changing landscape of cloud computing, organizations continue to face the challenge of effectively managing their virtual network environments. To address this challenge, many organizations have embraced shared Amazon virtual private clouds (VPCs) as a means to streamline network administration, and reduce costs. Shared VPCs not only provide these advantages but also enable […]

Increasing pod density for Windows nodes on Amazon EKS

Introduction Today, Amazon Web Services (AWS) announced the support of prefix delegation mode for Windows nodes running in Amazon Elastic Kubernetes Service (Amazon EKS). This feature increases the number of available IP addresses per node, thereby allowing customers to run more pods per Windows node on AWS Nitro based Amazon Elastic Cloud Compute (Amazon EC2) […]

Introducing AWS Gateway API controller for Amazon VPC Lattice, an implementation of Kubernetes Gateway API

Introduction Today, AWS announces the general availability of Amazon VPC Lattice a new feature of Amazon Virtual Private Cloud (Amazon VPC) that gives you a consistent way to connect, secure, and monitor communication between your services. As part of the launch of Amazon VPC Lattice, we’re excited to introduce the AWS Gateway API controller, an […]

Application Networking with Amazon VPC Lattice and Amazon EKS

Introduction AWS customers building cloud-native applications or modernizing applications using microservices architecture can adopt Amazon Elastic Kubernetes Service (Amazon EKS) to accelerate innovation and time to market while lowering their total cost of ownership. Many customers operate multiple Amazon EKS clusters to provide better tenant isolation and to meet organizational requirements. Often, there’s a need […]

Getting visibility into your Amazon EKS Cross-AZ pod to pod network bytes

Getting visibility into your Amazon EKS Cross-AZ pod to pod network bytes

Introduction Many customers use Amazon Elastic Kubernetes Service (Amazon EKS) to host their mission-critical applications. As a best practice, we ask our customers to spread their applications across multiple distinct availability zones (AZ). Because “everything fails all the time,” Werner Vogel, CTO, Amazon To achieve high availability, customers deploy Amazon EKS worker nodes (Amazon EC2 […]

Addressing IPv4 address exhaustion in Amazon EKS clusters using private NAT gateways

Addressing IPv4 address exhaustion in Amazon EKS clusters using private NAT gateways

Introduction The Amazon VPC Container Network Interface (CNI) plugin creates many advantages for pod networking when deployed on an Amazon Elastic Kubernetes Service (Amazon EKS) cluster. First, it lets us reuse proven, battle-tested Amazon Virtual Private Cloud (Amazon VPC) networking and security best practices for building Kubernetes clusters on AWS. This allows us to use […]

Observability for AWS App Runner VPC networking

With AWS App Runner, you can quickly deploy web applications and APIs at any scale. You can start with your source code or a container image, and App Runner will fully manage all infrastructure, including servers, networking, and load balancing for your application. If you want, App Runner can also configure a deployment pipeline for […]

Amazon ECS on AWS Outposts

AWS Outposts is a fully managed service that offers the same AWS infrastructure, AWS services, APIs, and tools to virtually any data center, co-location space, or on-premises facility, in the form of a physical rack connected to the AWS global network. AWS compute, storage, database, and other services run locally on Outposts, and you can […]

Amazon EKS launches IPv6 support

The ongoing growth of the internet, particularly in the fields of mobile applications, IoT, and application modernization, has led to an industry-wide move to IPv6. With 128 bits of address space, IPv6 can provide 340 undecillion IP addresses, compared to 4.3 billion IPv4 addresses. Over the last several years, Amazon Web Services (AWS) has added […]

mTLS in App Mesh

Using mTLS with SPIFFE/SPIRE in AWS App Mesh on Amazon EKS

By Efe Selcuk and Apurup Chevuru and Michael Hausenblas You know that here at AWS we consider security as “job zero”, and in the context of the shared responsibility model we provide you with controls to take care of your part. One popular use case of service meshes is to strengthen the security posture of […]