AWS Public Sector Blog
Announcing Amazon Elastic Kubernetes Service (EKS) in AWS GovCloud (US)
Amazon Elastic Kubernetes Service (Amazon EKS) is now generally available in AWS GovCloud (US) Regions.
Now government organizations and commercial organizations in government-regulated industries who adopt Kubernetes as their standard for orchestrating containers can use Amazon EKS to deploy a managed Kubernetes cluster on AWS. According to the 2019 Cloud Native Computing Foundation survey of their community, Amazon EKS is the leading method for deploying Kubernetes.
Amazon EKS and AWS GovCloud (US)
Many customers use AWS GovCloud (US) Regions to run their mission-critical applications. As these applications are developed and modernized, customers are increasingly choosing to deploy their applications using containers to support DevSecOps initiatives. The United States Department of Defense (DoD) recently announced their DevSecOps (DSOP) Initiative, which standardizes the use of containers to package applications and Kubernetes to orchestrate containers across the DoD.
Containers provide a standard API for DevSecOps teams to build, test, secure, deploy, and run their applications across multiple environments. Customers build enterprise container registries on top of Amazon Elastic Container Registry (ECR) to secure their software supply chain, accelerate the software development process, and/or scale their applications to accomplish their mission. Kubernetes enables customers to deploy nearly every type of workload, including web applications, batch processing, machine learning (ML), mobile, scheduled tasks, workflows, and many more.
Amazon EKS deeply integrates Kubernetes with Amazon Web Services (AWS) to enable customers to leverage a broad range of services already available in AWS GovCloud (US), which include:
- AWS Identity and Access Management (AWS IAM): Amazon EKS uses IAM for centralized and secure authentication using STS tokens. AWS integrates this with kubectl for a seamless developer experience. Users can centrally manage access to the cluster with IAM roles with support for federated identity.
- Amazon Key Management Service (Amazon KMS): The AWS Encryption Provider integrates with Amazon KMS, enabling customers to use FIPS 140-2 validated cryptography to secure their Kubernetes Secrets.
- Amazon Elastic Load Balancing (Amazon ELB): Amazon EKS supports exposing Kubernetes Services using Classic Load Balancers and Network Load Balancers. You can expose ingress resources using the Application Load Balancer Ingress Controller.
- Amazon Virtual Private Cloud (Amazon VPC): Amazon EKS uses native VPC networking to facilitate container networking. AWS assigns IP addresses to pods from the VPC (or Secondary VPC) CIDR ranges. This supports VPC Flow Logs and GuardDuty, allowing customers to gain visibility into the container traffic.
- Amazon Elastic Container Registry (Amazon ECR): Amazon ECR is integrated with Kubernetes to enable organizations to pull their container images without ever leaving their network over private endpoints.
- Amazon Elastic Block Storage (Amazon EBS) and Amazon Elastic File System (Amazon EFS): Amazon EKS uses the Container Storage Interface (CSI) drivers to integrate EBS and EFS storage into containers. This enables you to mount Amazon EBS volumes and Amazon EFS file systems directly into containers.
- Amazon SageMaker: Amazon SageMaker Operators for Kubernetes makes it simple for developers and data scientists who use Kubernetes to train, tune, and deploy ML models in Amazon SageMaker.
Amazon EKS also supports upstream Kubernetes tools such as Cluster Autoscaler and Horizontal Pod Autoscaler so that customers can scale up to meet demand and scale down to save costs when resources are no longer needed.
Our AWS Partner Network (APN) Partners have deep expertise in helping commercial and public sector customers migrate their applications to containers on AWS. They have proven infrastructure, software, and industry-specific solutions that help you build and run your applications on Kubernetes. Several APN Technology Partners are using Amazon EKS today in other AWS Regions to deliver containerized workloads.
Get started deploying Kubernetes today
Amazon EKS in AWS GovCloud (US) supports managed and self-managed worker nodes. To get started, deploy a cluster using eksctl, the AWS Command Line Interface (CLI), the AWS Software Development Kit (SDK), or AWS CloudFormation.
Learn more about AWS GovCloud (US) Regions or contact the AWS GovCloud (US) team with questions. Visit the Amazon EKS product page to learn more about the service, and check out this Amazon EKS workshop.