AWS EKS (Elastic Kubernetes Service)


Overview

Applications running on Amazon EKS are fully compatible with applications running in any standard Kubernetes environment (Kubernetes being an open-source system for managing containerized workloads), whether on-premises or in public clouds. This means that you can quickly move any standard Kubernetes application to Amazon EKS without requiring any code changes.

What is AWS EKS?

Amazon Elastic Kubernetes Service (AWS EKS) is a managed service that allows you to run Kubernetes on AWS without installing, operating, or maintaining your own control plane or nodes. Kubernetes is a portable, extensible, open-source system for managing containerized workloads and services.

AWS EKS: 

  • Ensures high availability by running and scaling the Kubernetes control plane across several AWS Availability Zones.
  • Scales control plane instances automatically based on load, identifies and replaces unhealthy control plane instances, and offers automated version upgrades and patching.
  • Integrates with numerous AWS services to give your applications scalability and security, including the following capabilities:
    • Elastic Load Balancing for load distribution
    • Amazon ECR for container images
    • Amazon VPC for isolation
    • IAM for authentication
  • Runs the most recent versions of the open-source Kubernetes software, allowing you to leverage all of the Kubernetes community's plug-ins and tools.

Amazon EKS Deployment Features

  • Managed Kubernetes Clusters

    AWS EKS provides managed Kubernetes clusters, with features such as a Managed Control Plane, Service Integrations, a Hosted Kubernetes Console, EKS Add-Ons, and Managed Node Groups.

  • Use eksctl for launching nodes and single-line management

    Use the eksctl command-line tool to get Amazon EKS up and running in minutes. To create your EKS cluster, use the "eksctl create cluster" command. eksctl also simplifies cluster management and operations, such as managing nodes and add-ons.

  • Networking and Security

    AWS EKS makes it quick to secure clusters with the help of other AWS services. Key components include the AWS IAM Authenticator, VPC-native networking, service mesh, and IPv6 support.

  • Load balancing

    Application Load Balancer (ALB), Network Load Balancer (NLB), and Classic Load Balancer are all supported by Amazon EKS for Elastic Load Balancing.

    With your Amazon EKS cluster, you may use any Kubernetes-supported ingress controller or standard Kubernetes cluster load balancing.

  • Serverless Compute

    EKS supports AWS Fargate for serverless computing in Kubernetes applications. Fargate eliminates the need for server provisioning and management, allows you to specify and pay for resources per application, and increases security through application isolation by design.

  • Logging

    Amazon EKS is integrated with AWS CloudTrail to provide visibility into EKS administration operations, including audit history. CloudTrail is used to monitor API calls to the Amazon EKS API. AWS EKS also sends control plane logs to AWS CloudWatch for analysis, debugging, and auditing.

  • Certified Conformant

    Amazon EKS runs upstream Kubernetes and is certified Kubernetes-conformant, so you can use all of the Kubernetes community's current plug-ins and tools. Amazon EKS supports applications operating in any standard Kubernetes environment, on-premises or in public clouds.

  • Advanced Workload Support

    Amazon EKS contains an optimized Amazon Machine Image (AMI) with customized NVIDIA drivers for GPU-enabled Amazon EC2 instances. It makes it simple to execute computationally complex workloads such as machine learning (ML), deep learning (DL), high-performance computing (HPC), financial analytics, and video transcoding.

  • Open-Source Compatibility

    Amazon EKS is fully compatible with Kubernetes community tools. Examples are CoreDNS, which provides a DNS service for your cluster, the Kubernetes Dashboard web-based UI, and the kubectl command-line tool, which enables you to access and control your cluster on Amazon EKS.

  • EKS Connector

    AWS EKS allows users to connect any Kubernetes cluster to AWS and view it in the EKS console. It supports connecting AWS EKS Anywhere clusters, clusters on AWS EC2, and other Kubernetes clusters.
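
For the Logging feature above, a practitioner's first check is which control plane log types a cluster actually delivers to CloudWatch, since EKS does not send them by default and each type is enabled separately. The following is an added example, not code from the original page: it audits `aws eks describe-cluster` JSON and builds the `aws eks update-cluster-config` call that enables whatever is missing. The cluster name `demo-cluster` and the sample output are constructed for illustration.

```python
import json
import shlex

# The five control plane log types EKS can deliver to CloudWatch Logs.
EKS_LOG_TYPES = ("api", "audit", "authenticator", "controllerManager", "scheduler")

# Constructed sample: trimmed `aws eks describe-cluster` output for a
# hypothetical cluster named "demo-cluster" (not from the original page).
SAMPLE = json.loads("""
{"cluster": {"name": "demo-cluster", "logging": {"clusterLogging": [
  {"types": ["api", "authenticator"], "enabled": true},
  {"types": ["audit", "controllerManager", "scheduler"], "enabled": false}
]}}}
""")


def enabled_log_types(describe_output):
    """Return the set of log types marked enabled in describe-cluster output."""
    cluster = describe_output.get("cluster", {})
    entries = (cluster.get("logging") or {}).get("clusterLogging") or []
    enabled = set()
    for entry in entries:
        # Only entries with enabled=true count; disabled groups are skipped.
        if entry.get("enabled"):
            enabled.update(entry.get("types", []))
    return enabled


def missing_log_types(describe_output):
    """Log types not delivered; an absent logging block means all are off."""
    on = enabled_log_types(describe_output)
    return [t for t in EKS_LOG_TYPES if t not in on]


def remediation_command(describe_output):
    """Build the AWS CLI call enabling the missing types, or None if complete."""
    missing = missing_log_types(describe_output)
    if not missing:
        return None
    # "CLUSTER_NAME" is a placeholder used when the input carries no name.
    name = describe_output.get("cluster", {}).get("name", "CLUSTER_NAME")
    logging_arg = json.dumps({"clusterLogging": [{"types": missing, "enabled": True}]})
    return ("aws eks update-cluster-config --name " + shlex.quote(name)
            + " --logging " + shlex.quote(logging_arg))


if __name__ == "__main__":
    print("not delivered:", missing_log_types(SAMPLE))
    print(remediation_command(SAMPLE))
```

In the sample, the `audit` and `authenticator` split matters most for investigations: only `authenticator` is on, so IAM sign-ins are recorded but the Kubernetes audit trail of what those identities did is not.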

How Does Amazon EKS Work?

Amazon EKS runs on the Kubernetes architecture, which includes a control plane and worker nodes.

Three load-balanced master nodes are deployed on the control plane in a high-availability (HA) arrangement. AWS manages master nodes, which provide all of the functionality required to build and operate Kubernetes, including access to the EKS API.

EKS users establish worker nodes within Amazon EC2 instances. They are in charge of hosting pods of containers that make up container-based applications. Within a Kubernetes cluster, nodes are often arranged into groups, and different node groups might exist.

Worker node clusters interface with the control plane through the EKS API, role-based access control (RBAC), and Amazon VPC. This arrangement limits traffic and ensures security between the control plane and user-run clusters.

Amazon EKS is used in a variety of ways. First, a user can run one EKS cluster for each application. Second, a single cluster may handle several applications. To isolate apps within the cluster, the latter requires the use of Identity and Access Management (IAM) security and Kubernetes namespaces.

EKS Pricing

An Amazon EKS cluster comprises a control plane and the Amazon EC2 or AWS Fargate compute on which pods operate. Amazon EC2 and Fargate both provide:

  • On-Demand Instances - Users pay per second of usage for the instances, with no long-term obligations or upfront fees.
  • Savings Plans - Users can save money by committing to a continuous level of usage for one or three years in USD per hour.

Advantages of AWS EKS

  • Highly Available

    EKS manages the Kubernetes management architecture across various AWS Availability Zones, automatically identifies and replaces unhealthy control plane nodes, and delivers on-demand, zero-downtime updates and patching.

  • Fargate Support

    EKS supports AWS Fargate, which provides serverless computing for containers. Fargate eliminates the need for server provisioning and management, allows you to specify and pay for resources per application, and increases security through application isolation by design.

  • Security

    AWS EKS automatically updates your cluster control plane with the most recent security fixes. AWS collaborates closely with the community to ensure that essential security vulnerabilities are addressed before deploying new versions and fixes to existing clusters.

  • Community Support

    Applications managed by AWS EKS are fully compatible with applications managed by other standard Kubernetes services. AWS actively collaborates with the Kubernetes community, including contributions to the Kubernetes code base that enable you to use AWS services.

EKS vs. ECS

Amazon EKS is a subset of Amazon EC2 Container Service (ECS), one of the first managed container services. Amazon ECS offers a unique orchestration layer, which makes it simpler to interface with other AWS solutions than EKS. However, moving containerized apps away from Amazon's cloud is more complicated.

Amazon EKS supports Fargate and completely transfers management of the underlying EC2 instances to AWS. As a result, a developer will only need to worry about the containers themselves. They will not be required to provision, scale, or patch any servers. EKS likewise uses AWS Outposts. However, the generated clusters are deployed to the AWS cloud.

Amazon EKS joins a growing list of Kubernetes-based container services, including Microsoft Azure Kubernetes Service, Google Kubernetes Engine, RedHat OpenShift, VMware Tanzu, and Docker Enterprise Edition. Because they all use the same orchestration layer, plug-ins, scripts, and cluster settings can be transferred between these systems.

EKS is compatible with the G3, G4, inf, and P instance families, which are designed to handle x86-accelerated Amazon EKS-optimized AMIs. Traditional A, C, HPC, M, and T families are designed to use x86 and Arm AMIs.

Conclusion

  • AWS EKS is a managed Kubernetes service that helps to manage the control plane's master nodes.

  • AWS EKS easily integrates with other AWS services to provide scalability and security to applications.

  • AWS EKS works with AWS Fargate to provide serverless computing, which reduces cost and improves security.

  • Migrating existing Kubernetes applications to AWS EKS is simple and requires no modification.
