Naturally AWS is one of the primary Cloud providers for implementation of Cloud Native practices.
Amazon is proactively working the Cloud Native Computing Foundation (CNCF) to integrate components with AWS ECS for container network interface (CNI). AWS native VPC networking will work with CNI plugin. It means CNIs can operate at the same networking efficiency that AWS instances enjoy with each other.
In order to run containers, developers have to set up AMIs, daemons, and IAMs. AWS Fargate allows developers to run containers without the worry of managing servers and clusters. As you would expect they support container implementation like Kubernetes and Docker.
CodeStar, CodeCommit, CodePipeline, CodeBuild and CodeDeploy offers a DevOps ‘toolchain’ for speeding the software development, build and deploy lifecycle. CodeDeploy also supports GitHub so that you can deploy application revisions stored in GitHub repositories or Amazon S3 buckets to instances.
AWS offers an excellent range of best practice white papers explaining the best practice use of the services, such as an Introduction to DevOps, Practicing Continuous Integration and Delivery on AWS, and using Jenkins on AWS, their dedicated blog offers regular insights, and this video offers guidance from one of their presentations, describing Cloud Native DevOps on AWS.
Kubernetes as a Service
Amazon is also concentrating on Kubernetes integration with AWS installers, IAM security, and EKS, etc. Around 63% of all Kubernetes workloads run on AWS. Amazon is investing resources to ensure the Kubernetes users get a better experience.
An important component of the Kubernetes implementation on AWS is keeping it open source. AWS is not using a forked version of the platform. It is working with the community to reach consensus on any new feature or update.
However, Amazon is trying to ensure seamless Kubernetes integration with AWS features. Here are a few key integrations:
- IAM Authentication with Kubernetes: AWS is working with Heptio to create an open source project to integrate Kubernetes access and AWS IAM authentication.
- IAM Roles for Pods: The kube2iam open source project handles another part of Kubernetes management. Instead of sharing IAM credentials, containers inside Kubernetes clusters get their own IAM credentials based on annotations. AWS is also working on integration with both Hashicorp Vault and Secure Production Identity Framework for Everyone (SPIFFE).
Amazon has taken all the learning and features from their work with Kubernetes customers and created Amazon Elastic Container Service for Kubernetes (Amazon EKS). It is a fully managed service that will use the open source version of the system to run Kubernetes clusters. Customers wouldn’t have to worry about installing and operating the Kubernetes master or configuring a cluster of workers.
Amazon EKS is still under development. It is being created on the following tenets:
- Intended for enterprises to run production-grade workloads.
- Provide a native and upstream Kubernetes experience.
- Make the integration seamless and eliminate extra work.
- Actively contribute to the Kubernetes project.
Currently, Amazon is working to get EKS released in 2018. Amazon Fargate integration with EKS will take place later.