Containers
Amazon EKS add-ons: Advanced configuration
This post is a follow-up to our previous post, Amazon EKS add-ons preserve customer edits. Introduction In October 2022, the Amazon Elastic Kubernetes Service (Amazon EKS) add-ons team introduced the ability to preserve edits, enabling customers to safely modify the configuration of Amazon EKS add-ons by using the Kubernetes application programming interface (API). This enhancement […]
Expose Amazon EKS pods through cross-account load balancer
Introduction Amazon Elastic Kubernetes Service (Amazon EKS) is a managed container service to run and scale Kubernetes applications in the cloud or on-premises. Kubernetes Ingress is an API resource that allows you manage external or internal HTTP(S) access to Kubernetes services running in a cluster. The AWS Load Balancer Controller in Amazon EKS creates Application […]
Announcing upcoming changes to the Amazon ECS console
Today, we’re excited to announce that the new Amazon Elastic Container Service (Amazon ECS) console becomes the default starting January 2023. The new console makes it easier to deploy containerized applications, configure load balancing, networking, monitoring, and gives you the new workflows for the effective operations and troubleshooting. Since its launch at re:Invent 2014, Amazon […]
Blue/Green Kubernetes upgrades for Amazon EKS Anywhere using Flux
Introduction Amazon EKS Anywhere (Amazon EKS-A) allows customers to run containerized workloads on customer-managed hardware. Amazon EKS-A cluster upgrades are performed in place using a rolling process (similar to Kubernetes Deployments). Upgrades can only happen one minor version at a time (e.g., version 1.20 to 1.21) and Control plane components will be upgraded before worker […]
Windows Authentication on Amazon EKS Windows pods
Per Microsoft documentation: Windows-based networks commonly use Active Directory (AD) to facilitate authentication and authorization between users, computers, and other network resources. Enterprise application developers often design their apps to be AD-integrated and run on domain-joined servers to take advantage of Integrated Windows Authentication, which makes it easy for users and other services to automatically […]
Managing access to Amazon Elastic Kubernetes Service clusters with X.509 certificates
Introduction Currently, customers are given two main options for end users to access Amazon Elastic Kubernetes Service (Amazon EKS) clusters when using utilities like kubectl – AWS Identity and Access Management (AWS IAM), or OpenID Connect (OIDC). However, some customers leverage X.509 certificates to authenticate their end-users for access to Amazon EKS clusters, especially those […]
Managing Pod Security on Amazon EKS with Kyverno
This blog post was co-written by Jim Bugwadia, Co-founder and CEO, Nirmata. This post is a follow-up to our previous blog, Implementing Pod Security Standards in Amazon EKS. Introduction Pods are the fundamental unit of execution in Kubernetes. In this post, we’ll look at how Kyverno can be used to manage pod security for Amazon […]
Happy 5th birthday, AWS Fargate!
In just 5 years, AWS Fargate has emerged as the mission-critical infrastructure for customers seeking to adopt container-based applications without managing underlying infrastructure. Its ability to provide serverless compute paired with a unique security model, where every container is wrapped in a virtual machine, has earned the trust of many organizations. AWS Fargate has been […]
Transparent encryption of node to node traffic on Amazon EKS using WireGuard and Cilium
Introduction As the move to cloud native architectures continues to accelerate, one of the common challenges we hear from our customers is that adopting security best practices in Kubernetes clusters can be challenging. One area in particular that has come up in conversations often is how best to encrypt data in transit. This data encryption […]
Kubernetes Sessions at AWS re:Invent 2022
AWS re:Invent 2022 is right around the corner, offering several sessions focused on container technologies on AWS. This post highlights the sessions for those interested in AWS Kubernetes technologies and related customer stories. The sessions are listed by session type to help you find the best format for you. The conference offers a variety of […]