AWS Open Source Blog

Category: Amazon Elastic Container Service for Kubernetes

AWS + Kubernetes logos.

Using Pod Security Policies with Amazon EKS Clusters

You asked for it and with Kubernetes 1.13 we have enabled it:  Amazon Elastic Container Service for Kubernetes (EKS) now supports Pod Security Policies. In this post we will review what PSPs are, how to enable them in the Kubernetes control plane and how to use them, from both the cluster admin and the developer perspective. What is a Pod Security Policy and […]

Read More
EKS performance - resnet50.

Best Practices for Optimizing Distributed Deep Learning Performance on Amazon EKS

中文版 – In this post, we will demonstrate how to create a fully-managed Kubernetes cluster on AWS using Amazon Elastic Container Service for Kubernetes (Amazon EKS), and how to run distributed deep learning training jobs using Kubeflow and the AWS FSx CSI driver. We then will discuss best practices to optimize machine learning training performance […]

Read More
The Seattle Spheres - photo by Deirdré Straughan.

Open Source News Roundup: April 22, 2019

中文版 Upcoming Events RailsConf (April 30-May 2 in Minneapolis, Minnesota) – Lounge & Lanyard Sponsor. Workshop on Going Serverless with Ruby on AWS Lambda by Alex Wood and Jingyi Chen. PyCon (May 1-9 in Cleveland, Ohio) – Platinum Sponsor. Come find us at Booth #439 to see how AWS <3 Python. Percona Live (May 28-30 […]

Read More

Amazon EKS Control Plane Metrics with Prometheus

中文版 – Kubernetes core components provide a rich set of metrics you can use to observe what is happening in the Control Plane. You can see how many watchers are on each resource in the API Server, the number of audit trail events, the latency of the requests to the API Server, and much more. These […]

Read More

Using the FSx for Lustre CSI Driver with Amazon EKS

中文版 – The Container Storage Interface (CSI) is a standard for exposing storage on top of container orchestrators such as Mesos or Kubernetes. CSI gives storage providers like AWS the opportunity to create a thin wrapper which will allow a Kubernetes cluster to automatically provision and manage the entire lifecycle of the storage class. Storage […]

Read More
Kiali graph.

Observe Your Service Mesh with Kiali

中文版 – Observability in a service mesh gives you details about the topology of your microservices-based application. It tells what microservices are part of the service mesh, how are they connected, how much traffic is routed to them, and other details. This post from Heiko Rupp shows how Kiali can be used to visualize an […]

Read More
knative + TriggerMesh + EKS logos.

Deploying AWS Lambda-Compatible Functions in Amazon EKS using TriggerMesh KLR

中文版 – Custom AWS Lambda Runtimes were introduced at re:Invent 2018. Knative is an open source project to build, deploy, and manage serverless workloads. This post by Sebastien Goasguen explains that TriggerMesh’s Knative Lambda Runtime is a custom runtime that can run a Lambda function on Knative running on an Amazon EKS cluster. –Arun AWS […]

Read More
real-time status of Citi Bike stations in New York City.

Managing Amazon EKS Clusters with Rancher

中文版 – Rancher is a popular open-source tool used by many organizations to manage Kubernetes clusters. Rancher has extended support for Amazon Elastic Container Service for Kubernetes (Amazon EKS). With this capability, Rancher users no longer need to directly manage their own Kubernetes clusters on AWS. Using Amazon EKS with Rancher combines the ease of […]

Read More

Using Open Policy Agent on Amazon EKS

中文版 – Open Policy Agent (OPA) is a Cloud Native Computing Foundation (CNCF) sandbox project designed to help you implement automated policies around pretty much anything, similar to the way the AWS Identity and Access Management (IAM) works. With OPA, you can write a very slimmed-down policy using a language called rego which is based […]

Read More

Demystifying ENTRYPOINT and CMD in Docker

中文版 – As you begin your Docker container creation journey, you might find yourself faced with a puzzling question: Should your Dockerfile contain an ENTRYPOINT instruction, a CMD instruction, or both? In this post, I discuss the differences between the two in detail, and explain how best to use them in various use cases you […]

Read More