In case you missed it, last week during the re:Invent keynote, Andy Jassy announced Amazon EKS Anywhere, a new deployment option for Amazon Elastic Kubernetes Service (Amazon EKS) that enables you to easily create and operate Kubernetes clusters on-premises thanks to the launch of Amazon EKS Distro (EKS-D). EKS-D is a Kubernetes distribution based on and used by Amazon EKS that follows the same Kubernetes version release cycle as Amazon EKS. You can read more about the EKS-D launch in the announcement post.
Putting the “Anywhere” in EKS Anywhere, EKS-D means that you can run EKS-D on-premises, in a cloud, or on your own systems. This means there is more you will need to do, including installation, securing, managing, and more. This is where the AWS Partner Network can really help, and we teamed up with a number of partners that are providing additional capabilities or help should you need it.
In this post, we explain some of the capabilities those AWS Partners are providing, and we round up their posts and videos about the launch of EKS-D.
Customers running containerized workloads on AWS have benefited from AWS data centers and a network architected to protect information, identities, applications, and devices, so as to meet security and compliance requirements. Security remains a top priority regardless of where you run EKS-D, and AWS Partners provide products and services that allow you to maintain this focus on security as you look to run EKS-D anywhere. From a runtime security or compliance perspective, AWS Partners provide a number of options.
Falco is an open source runtime security tool originally built by AWS Partner Sysdig that you might already be familiar with and using, and their Sysdig’s Secure DevOps solution provides capabilities you can use to detect and respond to runtime threats continuously and validate compliance, as well as to monitor and troubleshoot. Support for this solution now includes EKS-D.
Kube-bench and kube-hunter a couple of the open source security tools developed by AWS Partner Aqua Security and form part of their Aqua KSPM solution that takes a pioneering approach to effectively tackle misconfigurations, obscured visibility, security best practice knowledge gaps, enforcement of least privilege access, and the most accurate evaluation of workload security compliance. Aqua Security has worked to ensure that all those security controls extend to this new distro.
AWS Partner Alcide helps organizations by providing a solution to help with continuous security guardrails across Kubernetes workloads and deployments, and can now provide the same standard of operational security with the addition of EKS-D.
Finally, Calico is a popular open source networking and network security solution for containers, and AWS Partner Tigera has committed to support both Calico and Calico Enterprise on EKS-D.
After security, operational reliability and excellence is a high priority for customers. A number of AWS Partners are already helping customers achieve this across incident management, monitoring, observability, and support tooling and capabilities. Regardless of whether you are using any of these Partner solutions, customers have choice in how to meet operational requirements.
AWS Partner Splunk announced support for EKS-D in their Infrastructure Monitoring solution that provides out-of-the-box monitoring of Kubernetes Control Plane where customers choose to run Kubernetes. AWS Partner Epsagon also supports EKS-D if you are using their solution to monitor control plane metrics (API server latencies, etcd latencies, etc.), cluster state metrics (kube-state-metrics), resource metrics (pod request limits, node capacity, etc.), as well as leverage the power of Amazon CloudWatch and Prometheus.
EKS-D fully integrates with AWS Partner Sumo Logic’s Solution for Kubernetes, providing customers with an integrated solution to monitor, diagnose, troubleshoot, and secure Kubernetes applications. When it comes to automatically visualizing and monitoring applications, AWS Partner Instana also works seamlessly on Kubernetes clusters using EKS-D, and you can leverage Instana’s fully automatic discovery and instrumentation on all your workloads.
AWS Partner Datadog also partnered at launch to bring you deep visibility into EKS-D so you can monitor all of your clusters—whether self-hosted or in the cloud—within the Datadog platform.
For many customers the developer experience is super important, and a number of AWS Partners have already integrated their solutions with EKS-D. Whether you want to use these solutions to accelerate the development life cycle, you want to use EKS-D in a number of different deployment models, or perhaps you want to get started quickly, some AWS Partners have already created walk through guides. Also, some AWS Partners have validated and tested integration into tooling that many developers may already be using, and that will help customers manage Amazon EKS clusters wherever they are deployed.
AWS Partner Weavework’s Kubernetes Platform (WKP) enables customers to accelerate cluster delivery and security, while use developer best practices and policy management with GitOps workflows. The Weave Kubernetes Platform leverages EKS-D as the source for Kubernetes builds to provision Kubernetes clusters consistent with Amazon EKS in AWS.
AWS Partner Rancher Labs added experimental support in Rancher’s RKE2 Kubernetes distribution to allow users to leverage third-party Kubernetes components, with EKS-D replacing the kubelet, kube-apiserver, etcd, CoreDNS, and kube-controller-manager in RKE2. The blog post explains how to get EKS-D up and running on with an Ubuntu 20.04 OS with RKE2.
If you are using IaC when provisioning Kubernetes clusters, then you will be happy to know that AWS Partner Pulumi already published a walk through on writing IaC to deploy EKS-D with just a few lines of code.
AWS Partner Kubermatic KubeOne also offers out-of-the-box support for EKS-D, and their KubeOne solution provides an infrastructure-agonistic and open source Kubernetes cluster lifecycle management tool that automates the deployment and Day 2 operations of single Kubernetes clusters. With Terraform integration and ease of use, users can install EKS-D on AWS and Amazon Linux 2 with minimal operational effort.
AWS Partner Kubestack provides a local development environment allowing developers to follow a GitOps developer model, updating automatically as they make changes. With EKS-D, that local development environment is now closer to the EKS production environments they are using, reducing the risk that promoting changes will fail.
AWS Partner Canonical has provided a quick post on how to install EKS-D in only one line, with the EKS Snap. The post provides details of what components are installed, so if you run Ubuntu, then this is a great place to start.
AWS Partner VMware’s Tanzu is a portfolio of products and solutions that allow customers to develop, build, deploy, and operate containerized applications on Kubernetes. As a launch partner, VMware announced that customers could use Tanzu’s capabilities with EKS-D.
AWS Partner Rafay has a product called Managed Kubernetes Platform (MKP) that now integrates EKS-D, allowing you to easily provision and manage the lifecycle of EKS-D, whether that is on premises or in AWS. The Rafay MKP provides a nice wizard-driven approach, or use a declarative approach to automate the provisioning and ongoing lifecycle.
AWS Partner Nirmata announced it now has integrated support for cluster provisioning and life-cycle management of on-premises enterprise Kubernetes clusters using Amazon EKS-D into its Nirmata Day 2 Kubernetes platform, a solution that increases operational simplicity and provides enhanced supportability for enterprises.
If you are using Itsio, then you might be interested to know that AWS Partner Tetrate now supports Amazon EKS-D in Tetrate Service Bridge, a solution that provides application connectivity and seamless portability, allowing customers to choose the right time to move containerized workloads between on-premises and AWS cloud.
Finally, as a launch partner, AWS Partner Upbound has enabled EKS-D within the Upbound Cloud, the production implementation of popular open source control plane project that helps customers create reliable and secure Kubernetes clusters on-premises, in the cloud, and at the edge.
This was a quick round up of how AWS Partners are working to support customers with Amazon EKS Distro. To learn more, read the partner blog posts, and check out the re:Invent session by Raja Jadeja, Amazon EKS Distro: An open source distribution of Kubernetes.
- Alcide: Alcide and Amazon EKS Distro
- Aqua Security: Secure your Digital Transformation on Amazon EKS-Distro with Aqua
- Canonical: Amazon EKS Distro (EKS-D) snap
- Datadog: Announcing Datadog support for Amazon EKS Distro
- Epsagon: Amazon EKS Distro, Epsagon, and EKS Monitoring
- Instana: Instana brings best-in-class observability with the New Amazon Kubernetes distribution
- Kubermatic: Run Amazon EKS Distro With Kubermatic KubeOne
- Kubestack: Localhost EKS development environments with EKS-D and Kubestack (plus demo video)
- Nirmata: Nirmata delivers consistent hybrid cloud Kubernetes with AWS EKS Distro
- Pulumi: Getting Started with Amazon EKS Distro & Pulumi
- Rafay: How to Provision and Manage Amazon EKS Distro (EKS-D) Using Rafay
- Rancher: Deploying Amazon EKS Distro with RKE2
- Splunk: Monitor Amazon EKS Distro (EKS-D) with Splunk Infrastructure Monitoring
- Sumo Logic: Sumo Logic partners with AWS to monitor Amazon EKS Distro
- Sysdig: Security, compliance, and visibility for Amazon EKS-D
- Tetrate: Tetrate expands AWS partnership to bring enterprise grade Istio for EKS and EKS Distro
- Tigera: Tigera to Support Amazon EKS-Distro
- Upbound: AWS and Upbound Partner on EKS-D Launch
- VMware Tanzu: VMware Tanzu and Amazon EKS Distro Help Customers Make Best Use of Kubernetes
- Weaveworks: Weaveworks Brings GitOps to Amazon EKS Distro (plus demo with video)