Amazon EKS
Amazon Elastic Kubernetes Service (EKS) is a managed service for
running Kubernetes applications on the AWS cloud platform. EKS
provides an automated framework in which tasks such as patching,
node provisioning, and updates can be performed.
Kubernetes
Kubernetes is an extensible, portable, and open-source platform
that manages containerized applications.
A brief history of Kubernetes:
In the traditional system of software development, applications
ran on physical servers, and executing multiple applications on
the same server caused resource allocation issues. There was no
mechanism to define boundaries for each application, so one
application taking up more memory than the others led to
underperformance and inefficiencies.
This situation gave rise to the need for virtualization, which
allows running multiple Virtual Machines (VMs), with separate
applications running on each VM, so that the applications run in
isolation on a single server. VMs had their own set of
limitations, such as each VM's dependency on its operating
system on top of the virtualized hardware (a VM is an operating
system-dependent component).
Emergence of Containerized services
The early 70s gave rise to the concept of isolated environments,
where services could run in isolation. With containers in place,
the degree of dependency on the system was lowered, paving the
way for a more loosely coupled architecture where services such
as storage, network, and so on were independent of each other
and focused on individual application execution.
Containers offer benefits across several areas, such as:
- Easy and efficient container image creation.
- Alerts on system health metrics.
- Being on the cloud, building and testing have never been
  easier.
- Loosely coupled and distributed architecture.
- Higher efficiency due to efficient resource utilization.
- A fully automated framework leads to less time consumption.
Kubernetes on Amazon EKS
Kubernetes offers great ease in maintaining and scheduling
containers, performing health checks, and handling a gamut of
operational activities. Amazon provides a platform for easy
deployment of cluster worker nodes using predefined Amazon
Machine Images (AMIs) and CloudFormation (a service that helps
set up AWS resources). EKS provisions and scales the Kubernetes
control plane to ensure availability, scalability, and security.
Steps for creating EKS on AWS:
- Install and set up your AWS before beginning with EKS. One can
  use AWS CLI (Command Line Interface) to create a cluster in
  EKS.
- Assign roles.
- Create an EKS role and assign permission for that role to
  users.
- Assign a name for a role and click on the Create role button.
- Create a Virtual Private Cloud for EKS.
- Open CloudFormation and click on the Create New Stack button.
  Note: The virtual cloud provides a secure framework for
  communication between worker nodes and the AWS Kubernetes API
  server.
- Create an EKS cluster (with the help of the required command).
- Launch Kubernetes worker nodes.
We list a few components from the EKS cluster section, as
follows, to familiarize you with the interface:
- Clustername – the name of a Kubernetes cluster.
- NodeGroupname – the name of the node group.
- NodeAutoscalingGroupMinSize – refers to the number of nodes a
  worker node group can auto-scale.
- NodeInstanceType – instance type used by worker nodes.
EKS Architecture
The architecture aims to explain the interaction between the
worker nodes in one Virtual Private Cloud (VPC) with EKS in an
AWS environment.
The simple architecture explains the topology that exists within
any AWS platform for an EKS cluster. Let us understand each
component in the above diagram, as follows:
- EC2 worker nodes – Elastic Compute Cloud is a collection of
  worker node group instances deployed on Amazon’s EC2
  Autoscaling Group. EC2 nodes can be thought of as a cluster
  that communicates with the cluster’s (EKS) control plane for
  an AWS account through an API server endpoint.
- Autoscaling Group – a logical grouping of worker nodes for
  automatic scaling and management.
- Network Load Balancer – this is simply a bridge between the
  sender and the receiver. In this context, the client sends a
  request to connect with EKS and the load balancer, thus
  establishing a connection between the worker nodes and the EKS
  control plane.
- ENI – Elastic Network Interface is a networking component that
  has IPv4 addresses, security groups, a MAC address, and
  connects one VPC with another.
- Static IP – the device IP (on which an AWS account is
  running).
- Kubectl Exec/Logs – this is a log that lists the interactions
  between the client system and the backend. It works regularly
  and allows inspection and debugging of applications.
- TLS – Transport Layer Security (TLS) is a layer on any network
  for cryptographic communications.
Kubernetes clusters exist within machines and those clusters are
termed nodes.
Nodes can be of two types:
- The Control Plane can be thought of as the brain of the
  cluster.
- A Worker Node is a location where the actual container images
  run.
Compliance for Amazon EKS:
Amazon EKS has been certified by various compliance programs. We
list some of the programs as follows:
- SOC Compliance: AWS System and Organization Controls reports
  help auditors understand the AWS controls that support
  operations and compliance.
- PCI Compliance: Payment Card Industry Data Security Standard
  (PCI DSS) is an information security standard that applies to
  the processing of sensitive data.
- IRAP: The Information Security Registered Assessors Program
  provides a mechanism for customers belonging to the Australian
  Government to prevent data from unauthorized access while
  procuring cloud services.
- C5: Cloud Computing Compliance Controls Catalog is an
  attestation scheme by the German government which acts as a
  shield against common cyber threats.
Benefits of AWS EKS:
- A fully managed service, providing access to the complete
  range of Kubernetes services without the hassles of managing
  infrastructure.
- Each administrator can focus and concentrate on their EKS
  clusters without worrying about the underlying architecture.
- Fastest processing and automatic load distribution.
- Scalable as per need.
Conclusion
Owning a platform that automates your daily tasks is nothing
short of a blessing. Cloud infrastructure has removed the
barriers that made fast and efficient software development,
build, and deployment a challenge. Amazon EKS is one such
solution that aims to leverage the benefits of Kubernetes within
Amazon’s cloud platform with its autoscaling and parallel
processing features. One simply needs to subscribe to the
services and can perform their development activities within the
comfort of their workspaces.