Category: Amazon Elastic Kubernetes Service

Introduction Windows Communication Foundation (WCF) is a framework created by Microsoft in 2008 for building service-oriented architecture (SOA) applications. It provides a set of libraries for building web services, using different network protocols to send and receive data between service endpoints. With the introduction of .NET Core in 2016 and the emergence of microservices, our […]

We are happy to announce the general availability of Amazon EKS Anywhere on Bare Metal. We released Amazon EKS Anywhere in 2021 with support to run on-premises Kubernetes clusters using VMware and today you can use EKS Anywhere to provision clusters without virtualization. The new functionality adds support for managing the full hardware lifecycle to […]

Introduction At one time, all servers were bare metal servers. We have come a long way with virtualization, cloud computing, and more recently with containers and serverless technologies. Despite these innovations, bare metal servers remain popular on premises. Customers run applications on bare metal infrastructure for performance benefits, to gain direct access to underlying hardware […]

Secrets management is a challenging but critical aspect of running secure and dynamic containerized applications at scale. To support this need to securely distribute secrets to running applications, Kubernetes provides native functionality to manage secrets in the form of Kubernetes Secrets. However, many customers choose to centralize the management of secrets outside of their Kubernetes […]

NOTICE: October 04, 2024 – This post no longer reflects the best guidance for configuring a service mesh with Amazon EKS and its examples no longer work as shown. Please refer to newer content on Amazon VPC Lattice. ——— As application architects we have come across many customers who are moving towards a container-only strategy […]

Years before Amazon Elastic Kubernetes Service (EKS) was released, our customers told us they wanted a service that would simplify Kubernetes management. Many of them were running self-managed clusters on Amazon Elastic Computer Cloud (EC2) and were having challenges upgrading, scaling, and maintaining the Kubernetes control plane. When EKS launched in 2018, it aimed to […]

Overview Data transfer costs can play a significant role in determining the overall design of a system. The Amazon Elastic Container Registry (Amazon ECR), Amazon Elastic Container Service (Amazon ECS), and Amazon Elastic Kubernetes Service (Amazon EKS) can all incur data transfer charges depending on a variety of factors. It can be difficult to visualize what […]

It’s every on-call’s nightmare—awakened by a text at 3 a.m. from your alert system that says there’s a problem with the cluster. You need to quickly determine if the issue is with the Amazon EKS managed control plane or the new custom application you just rolled out last week. Even though you installed the default […]

In the Amazon EKS Best Practices Guide, AWS recommends Open Policy Agent (OPA) as a policy-as-code (PaC) solution for Kubernetes pod security. The long list of pros provided for PaC focuses mainly on the flexibility and comprehensive control that PaC provides when compared with built-in pod security admission. While PaC brings powerful flexibility, it can […]

With the rapid growth of software as a service (SaaS) and cloud adoption, identity is the new security perimeter. AWS Identity and Access Management (IAM) and Kubernetes role-based access control (RBAC) provide the tools to build a strong least-privilege security posture. Single sign-on (SSO) uses federation with a central identity provider (IdP) to improve security by allowing […]