EKS Foundational Platform
Amazon EKS is a managed Kubernetes service that allows you to run Kubernetes in the AWS cloud and in on-premises data centers. AWS handles the availability and scalability of the Kubernetes control plane, which oversees tasks such as scheduling containers, managing application availability, and storing cluster data. With EKS Auto Mode, AWS also manages compute (node provisioning), networking (load balancers), and storage (EBS CSI), significantly reducing operational overhead. We use Karpenter Node Pools for additional compute configurations and EKS Capabilities for managed Argo CD, ACK, and KRO. Be aware that you'll need to upgrade the cluster quarterly due to the significant pace of Kubernetes innovation. Although EKS has a steeper learning curve compared to ECS, it offers greater flexibility and control, making it ideal for organizations already utilizing Kubernetes.
The Problem
Although Amazon EKS is a managed service, there is still much that is needed to set up any given cluster. First of all, we must decide how we want to deploy Nodes for the cluster. EC2 instance-backed nodes, Amazon Fargate, or Karpenter all provide solutions for the foundation of a cluster. Next we must provide a method to authenticate with the cluster. Amazon IAM roles can grant API access to the EKS service but do not grant control within Kubernetes. Kubernetes system roles are native to the cluster, but we need to be able to scope access for users and resources more finely than what is provided natively. Furthermore, we need to connect each cluster to our network and DNS architecture. Clusters must be secure and protected from the public internet, yet developers still need to be able to connect and manage cluster resources. And finally, we need a place to store application data.
Our Solution
Cloud Posse deploys EKS through a number of components. Each component has a specific responsibility and works in harmony with the rest. We deploy an EKS cluster with EKS Auto Mode enabled, which delegates compute, networking, and storage management to AWS. Auto Mode automatically provisions nodes, manages load balancers, and handles core addon lifecycle. We configure EKS Capabilities — such as managed Argo CD, ACK, and KRO — directly through the cluster component. We then deploy a set of operators for the cluster that connect it to our network and DNS architecture. Simply adding the relevant annotation to a given resource triggers the creation and management of Load Balancers in AWS, adds routing to the relevant Route 53 Hosted Zone, provisions certificates, and more. These resources set the foundation for any application platform. From this foundation, your application will be fully secure, scalable, and resilient.