Put simply, Amazon EKS is now generally available, bringing fully managed Kubernetes to AWS.
Amazon launched Amazon EKS in November at its re:Invent 2017 conference. At the time of writing, Amazon EKS is available only in the US East (N. Virginia) and US West (Oregon) Regions.
The cost of running EKS is $0.20 per hour for the EKS Control Plane, apart from EC2, EBS, and Load Balancing prices for resources that run in your account.
How does Amazon EKS work?
Amazon EKS works by provisioning (starting) and managing the Kubernetes control plane for you. At a high level, Kubernetes consists of two major components – a cluster of ‘worker nodes’ that run your containers and the control plane that manages when and where containers are started on your cluster and monitors their status.
Without Amazon EKS, you have to run both the Kubernetes control plane and the cluster of worker nodes yourself. With Amazon EKS, you provision your cluster of worker nodes using the provided Amazon Machine Image (AMI) and AWS CloudFormation script, and AWS handles provisioning, scaling, and managing the Kubernetes control plane in a highly available and secure configuration. This removes a significant operational burden for running Kubernetes and allows you to focus on building your application instead of managing AWS infrastructure.
Major Features of Amazon Elastic Container Service for Kubernetes (EKS)
Amazon Elastic Container Service for Kubernetes (EKS) is a managed Kubernetes service that makes it easy for you to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane.
Availability and Scalability of Nodes – Amazon EKS automatically manages the availability and scalability of the Kubernetes control plane nodes that are responsible for
Starting and stopping containers,
Scheduling containers on virtual machines,
Storing cluster data, and other tasks.
Health check of Nodes – Amazon EKS automatically detects and replaces unhealthy control plane nodes for each cluster.
Amazon EKS Integration – Great integration with AWS networking and security services, such as Application Load Balancers for load distribution, IAM for role-based access control, and VPC for pod networking.
Managed Kubernetes Control Plane – Amazon EKS provides a scalable and highly-available control plane that runs across multiple AWS availability zones.
Kubernetes Masters in three Availability Zones – Amazon EKS runs the Kubernetes control plane across three Availability Zones in order to ensure high availability, and it automatically detects and replaces unhealthy masters.
Amazon EKS with IAM Authentication – Amazon EKS integrates Kubernetes RBAC (the native role-based access control system for Kubernetes) with IAM authentication through a collaboration with Heptio. You can assign RBAC roles directly to each IAM entity, allowing you to granularly control access permissions to your Kubernetes masters.
Amazon EKS with VPC Support
Your EKS clusters run in an Amazon VPC, allowing you to use your own VPC security groups and network ACLs. No compute resources are shared with other customers. This provides you a high level of isolation and helps you use Amazon EKS to build highly secure and reliable applications.
Container Interface – EKS uses the Amazon VPC CNI to allow Kubernetes pods to receive IP addresses from the VPC. This means the Container Network Interface for Kubernetes uses Elastic Network Interfaces to provide secondary IP addresses for Kubernetes pods.
Amazon EKS Logging
Amazon EKS is integrated with AWS CloudTrail to provide visibility and audit history of your cluster and user activity. You can use CloudTrail to view API calls to the Amazon EKS API.
Amazon EKS with EBS – Kubernetes PersistentVolumes (used for cluster storage) are implemented as Amazon Elastic Block Store (EBS) volumes.
Amazon EKS with Route 53 – The External DNS project allows services in Kubernetes clusters to be accessed via Route 53 DNS records. This simplifies service discovery and supports load balancing.
Amazon EKS Support – Amazon EKS runs up-to-date versions of the open-source Kubernetes software, so you can use all the existing plugins and tooling from the Kubernetes community.
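The IAM authentication feature above maps IAM roles and users to Kubernetes users and groups, which RBAC then authorizes. The following added example (not code from the original article, AWS or Heptio) audits such mappings for least-privilege problems; it assumes entries shaped like the mapRoles / mapUsers items of the aws-auth ConfigMap, and all ARNs, account IDs and the approved-admin list are constructed.

```python
# Added example: least-privilege audit of IAM-to-RBAC mappings.
ADMIN_GROUP = "system:masters"  # Kubernetes built-in group bound to cluster-admin

# Constructed entries shaped like mapRoles / mapUsers items in aws-auth.
MAPPINGS = [
    {"rolearn": "arn:aws:iam::111122223333:role/eks-worker-node",
     "username": "system:node:{{EC2PrivateDNSName}}",
     "groups": ["system:bootstrappers", "system:nodes"]},
    {"rolearn": "arn:aws:iam::111122223333:role/platform-admin",
     "username": "platform-admin", "groups": ["system:masters"]},
    {"rolearn": "arn:aws:iam::111122223333:role/ci-deployer",
     "username": "ci-deployer", "groups": ["system:masters"]},
    {"userarn": "arn:aws:iam::444455556666:user/contractor",
     "username": "contractor", "groups": ["dev-readonly"]},
    {"rolearn": "role/typo", "username": "broken", "groups": []},
]


def audit_mappings(mappings, account_id, approved_admins):
    """Return (arn, finding) pairs for mappings that break least privilege."""
    findings = []
    for entry in mappings:
        arn = entry.get("rolearn") or entry.get("userarn") or ""
        parts = arn.split(":", 5)  # arn:partition:iam::account:resource
        if len(parts) != 6 or parts[0] != "arn" or parts[2] != "iam":
            findings.append((arn, "malformed IAM ARN"))
            continue
        if ADMIN_GROUP in entry.get("groups", []) and arn not in approved_admins:
            findings.append((arn, "cluster-admin granted to unapproved principal"))
        if parts[4] != account_id:
            findings.append((arn, "principal belongs to another AWS account"))
    return findings


if __name__ == "__main__":
    approved = {"arn:aws:iam::111122223333:role/platform-admin"}
    for arn, finding in audit_mappings(MAPPINGS, "111122223333", approved):
        print(f"{finding}: {arn}")
```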
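The CloudTrail integration described above records calls to the EKS service API (event source eks.amazonaws.com), not kubectl requests to the Kubernetes API server. The following added example (not code from the original article or from AWS) shows detection logic over such records: it flags denied EKS API calls and cluster-changing calls from principals outside an expected admin list. Every record, ARN and the admin prefix are constructed.

```python
# Added example: triage CloudTrail records for the Amazon EKS API.
MUTATING = ("Create", "Delete", "Update")  # EKS API verbs that change clusters

# Constructed sample records with the CloudTrail fields this check relies on.
RECORDS = [
    {"eventTime": "2018-06-10T09:14:02Z", "eventSource": "eks.amazonaws.com",
     "eventName": "DescribeCluster", "userIdentity":
         {"arn": "arn:aws:sts::111122223333:assumed-role/ci-deployer/build-42"}},
    {"eventTime": "2018-06-10T09:20:45Z", "eventSource": "eks.amazonaws.com",
     "eventName": "DeleteCluster", "userIdentity":
         {"arn": "arn:aws:sts::111122223333:assumed-role/dev-sandbox/alice"}},
    {"eventTime": "2018-06-10T09:25:30Z", "eventSource": "eks.amazonaws.com",
     "eventName": "CreateCluster", "userIdentity":
         {"arn": "arn:aws:sts::111122223333:assumed-role/platform-admin/bob"}},
    {"eventTime": "2018-06-10T09:31:10Z", "eventSource": "eks.amazonaws.com",
     "eventName": "ListClusters", "errorCode": "AccessDeniedException",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/contractor"}},
    {"eventTime": "2018-06-10T09:40:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "userIdentity":
         {"arn": "arn:aws:sts::111122223333:assumed-role/dev-sandbox/alice"}},
]


def eks_alerts(records, admin_prefixes):
    """Return (time, kind, event, principal) tuples worth an analyst's look."""
    alerts = []
    for rec in records:
        if rec.get("eventSource") != "eks.amazonaws.com":
            continue  # only the EKS service API is in scope here
        name = rec.get("eventName", "")
        who = rec.get("userIdentity", {}).get("arn", "unknown")
        when = rec.get("eventTime", "")
        if rec.get("errorCode", "").startswith("AccessDenied"):
            alerts.append((when, "denied", name, who))
        elif name.startswith(MUTATING) and not who.startswith(tuple(admin_prefixes)):
            alerts.append((when, "unexpected-change", name, who))
    return alerts


if __name__ == "__main__":
    admins = ["arn:aws:sts::111122223333:assumed-role/platform-admin/"]
    for alert in eks_alerts(RECORDS, admins):
        print(*alert)
```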
Google Container Engine – Google Kubernetes Engine is a powerful cluster manager and orchestration system for running your Docker containers.
ECS – Amazon Elastic Container Service (Amazon ECS) is a highly scalable, fast, container management service that makes it easy to run, stop, and manage Docker containers on a cluster.
EKS – Amazon Elastic Container Service for Kubernetes (Amazon EKS) makes it easy to deploy, manage, and scale containerized applications using Kubernetes on AWS.
Kubernetes CLI tools
kubectl – Main CLI tool for running commands and managing Kubernetes clusters.
JSONPath – Syntax guide for using JSONPath expressions with kubectl.
kubeadm – CLI tool to easily provision a secure Kubernetes cluster.
kubefed – CLI tool to help you administrate your federated clusters.
Minikube – This is the simplest way to get a Kubernetes cluster on your Mac or Windows machine.
Kops – kops helps you create, destroy, upgrade and maintain production-grade, highly available Kubernetes clusters from the command line. AWS (Amazon Web Services) is currently officially supported, with GCE in beta support, VMware vSphere in alpha, and other platforms planned.
Kubernetes config reference
kubelet – The primary node agent that runs on each node. The kubelet takes a set of PodSpecs and ensures that the described containers are running and healthy.
Container runtime – The container runtime is the Docker engine, which resides on each node.
kube-proxy – Can do simple TCP/UDP stream forwarding or round-robin TCP/UDP forwarding across a set of back-ends.
Cluster control plane (AKA master)
kube-apiserver – REST API that validates and configures data for API objects such as pods, services, replication controllers.
Cluster state store – All persistent cluster state is stored in an instance of etcd. This provides a way to store configuration data reliably.
kube-controller-manager – Daemon that embeds the core control loops shipped with Kubernetes.
kube-scheduler – Scheduler that manages availability, performance, and capacity.
Federation – A single Kubernetes cluster may span multiple availability zones.
federation-apiserver – API server for federated clusters.
federation-controller-manager – Daemon that embeds the core control loops shipped with Kubernetes federation.