
Amazon EKS features

Amazon Elastic Kubernetes Service (EKS) is a managed Kubernetes service that makes it easy for you to run Kubernetes on Amazon Web Services without needing to install, operate, and maintain your own Kubernetes control plane. Amazon EKS is certified Kubernetes conformant, so existing applications running on upstream Kubernetes are compatible with Amazon EKS.

Amazon EKS automatically manages the availability and scalability of the Kubernetes control plane nodes that are responsible for starting and stopping containers, scheduling containers on virtual machines, storing cluster data, and other tasks. Amazon EKS automatically detects and replaces unhealthy control plane nodes for each cluster.

Amazon EKS lets you run your Kubernetes applications on both Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Fargate. With Amazon EKS, you can take advantage of all the performance, scale, reliability, and availability of the Amazon Web Services platform, as well as integrations with Amazon Web Services networking and security services, such as Application Load Balancers for load distribution, IAM for role-based access control, and VPC for pod networking.

Managed Kubernetes control plane

Amazon EKS provides a scalable and highly available control plane that runs across multiple Amazon Web Services Availability Zones. The Amazon EKS service automatically manages the availability and scalability of the Kubernetes API servers and the etcd persistence layer for each cluster. Amazon EKS runs the Kubernetes control plane across three Availability Zones in order to ensure high availability, and it automatically detects and replaces unhealthy masters.

Open Source CLI

EKSCTL is an open source command line tool that lets you get up and running with Amazon EKS in minutes. Executing eksctl create cluster will create the Amazon Identity and Access Management (IAM) Role and will then create the base Amazon VPC to manage network access to the Amazon EKS control plane. Once the control plane is active, EKSCTL can set up a node group to add worker node instances. A pre-configured kubeconfig will provide access to the cluster.

Networking and security

Amazon EKS makes it easy to provide security for your Kubernetes clusters, with advanced features and integrations with Amazon Web Services and technology partner solutions. For example, IAM provides fine-grained access control and Amazon VPC isolates your Kubernetes clusters from other customers.

EKS Pod Identity

EKS Pod Identity simplifies the work customers need to do to set up applications on EKS clusters to access various Amazon Web Services services. EKS cluster administrators get a simplified workflow for obtaining the Identity and Access Management (IAM) credentials required for authenticating Kubernetes applications to access resources such as S3 buckets, DynamoDB tables, and more. EKS Pod Identity makes it easy to use IAM roles across multiple clusters, and simplifies IAM policy management by supporting reuse of policies across IAM roles.

VPC support

Your EKS clusters run in an Amazon VPC, allowing you to use your own VPC security groups and network ACLs. No compute resources are shared with other customers. This provides you a high level of isolation and helps you use Amazon EKS to build highly secure and reliable applications. EKS uses the Amazon VPC CNI to allow Kubernetes pods to receive IP addresses from the VPC.

IAM authentication

Amazon EKS integrates Kubernetes RBAC (the native role-based access control system for Kubernetes) with IAM authentication through a collaboration with Heptio. You can assign RBAC roles directly to each IAM entity, allowing you to granularly control access permissions to your Kubernetes masters.

Load balancing

Amazon EKS supports using Elastic Load Balancing including Application Load Balancer (ALB), Network Load Balancer (NLB), and Classic Load Balancer.

You can run standard Kubernetes cluster load balancing or any Kubernetes supported ingress controller with your Amazon EKS cluster.

Serverless Compute

EKS supports Amazon Fargate to run your Kubernetes applications using serverless compute. Fargate removes the need to provision and manage servers, lets you specify and pay for resources per application, and improves security through application isolation by design.

Logging

Amazon EKS is integrated with Amazon CloudTrail to provide visibility and audit history of your cluster and user activity. You can use CloudTrail to view API calls to the Amazon EKS API.
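A triage pass over CloudTrail records for the Amazon EKS API, added here as an illustration and not taken from Amazon's documentation. The sample records are constructed, and the sketch assumes that requestParameters mirrors the shape of the EKS API request (resourcesVpcConfig, logging.clusterLogging).

```python
# Constructed CloudTrail records for illustration; not real account data.
U = "arn:aws:iam::111122223333:"
SAMPLE_RECORDS = [
    {"eventTime": "2025-01-10T09:00:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject", "userIdentity": {"arn": U + "user/alice"}},
    {"eventTime": "2025-01-10T09:01:00Z", "eventSource": "eks.amazonaws.com",
     "eventName": "ListClusters", "userIdentity": {"arn": U + "user/alice"}},
    {"eventTime": "2025-01-10T09:05:00Z", "eventSource": "eks.amazonaws.com",
     "eventName": "UpdateClusterConfig", "userIdentity": {"arn": U + "role/ci-deploy"},
     "requestParameters": {"name": "demo",
                           "resourcesVpcConfig": {"endpointPublicAccess": True}}},
    {"eventTime": "2025-01-10T09:07:00Z", "eventSource": "eks.amazonaws.com",
     "eventName": "UpdateClusterConfig", "userIdentity": {"arn": U + "role/ci-deploy"},
     "requestParameters": {"name": "demo", "logging": {"clusterLogging": [
         {"types": ["audit", "authenticator"], "enabled": False}]}}},
    {"eventTime": "2025-01-10T09:09:00Z", "eventSource": "eks.amazonaws.com",
     "eventName": "DeleteCluster", "errorCode": "AccessDeniedException",
     "userIdentity": {"arn": U + "user/bob"}, "requestParameters": {"name": "demo"}},
]

def flag_eks_events(records):
    """Return (time, caller ARN, event name, reason) for EKS API calls worth review."""
    findings = []
    for rec in records:
        if rec.get("eventSource") != "eks.amazonaws.com":
            continue  # only calls made to the Amazon EKS API
        name = rec.get("eventName")
        params = rec.get("requestParameters") or {}  # may be null in real records
        who = (rec.get("userIdentity") or {}).get("arn", "unknown")
        reasons = []
        if name == "DeleteCluster":
            reasons.append("cluster deletion requested")
        if name == "UpdateClusterConfig":
            vpc = params.get("resourcesVpcConfig") or {}
            if vpc.get("endpointPublicAccess") is True:
                reasons.append("public API endpoint enabled")
            for entry in (params.get("logging") or {}).get("clusterLogging") or []:
                if entry.get("enabled") is False:
                    types = ",".join(sorted(entry.get("types") or []))
                    reasons.append("control plane logging disabled: " + types)
        if rec.get("errorCode", "").startswith("AccessDenied"):
            reasons.append("call was denied")
        findings.extend((rec.get("eventTime"), who, name, r) for r in reasons)
    return findings

if __name__ == "__main__":
    for finding in flag_eks_events(SAMPLE_RECORDS):
        print(" | ".join(finding))
```
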

Certified conformant

Amazon EKS runs upstream Kubernetes and is certified Kubernetes conformant, so you can use all the existing plugins and tooling from the Kubernetes community. Applications running on Amazon EKS are fully compatible with applications running on any standard Kubernetes environment, whether running in on-premises datacenters or public clouds. This means that you can easily migrate any standard Kubernetes application to Amazon EKS without needing to refactor your code.

Managed updates

Amazon EKS makes it easy to update running clusters to the latest Kubernetes version without needing to manage the update process. Kubernetes version updates are done in place, removing the need to create new clusters or migrate applications to a new cluster.

You can initiate the installation of new versions and get details on the status of in-flight updates via the SDK, CLI or Amazon Web Services Console.

Support for advanced workloads

Amazon EKS provides an optimized Amazon Machine Image (AMI) that includes configured NVIDIA drivers for GPU-enabled P2 and P3 EC2 instances. This makes it easy to use Amazon EKS to run computationally advanced workloads, including machine learning (ML), high performance computing (HPC), financial analytics, and video transcoding.

Works with open source tools

Amazon EKS is fully compatible with Kubernetes community tools and supports popular Kubernetes add-ons. These include KubeDNS to create a DNS service for your cluster and both the Kubernetes Dashboard web-based UI and the kubectl command line tool to access and manage your cluster on Amazon EKS.

For more information, see the Kubernetes community tools GitHub page.