Amazon Web Services has emitted EKS Anywhere, enabling users to create on-premises Kubernetes clusters with tooling consistent with that in the public cloud service – though currently only VMware is supported for production.
The launch of EKS Anywhere means that AWS joins Google (with GKE on-prem, part of Anthos) and Microsoft (with Azure Kubernetes Service on Azure Stack HCI, in having an on-premises deployment option for its Kubernetes service.
It is a somewhat confusing story, though, since there are multiple ways to run AWS Kubernetes on-premises:
- EKS on Outposts, an Outpost being hardware and software that is supplied, installed, managed and patched by AWS, but running in the customer's data centre. (This is not EKS Anywhere though.)
- EKS Distro, this being an open source Kubernetes distribution which is used by EKS Anywhere. This is free but designed for self-management.
- EKS Anywhere. This builds on EKS Distro with additional management tools. It can be managed from the EKS console with a connector (in public preview) or via the command-line. A support subscription is available.
A blog post outlines some of the nuances.
The security model, according to AWS developer advocate Channy Yun, is that the customer is responsible, except that "AWS is responsible for building and delivering a secure tool. This tool will provision an initially secure Kubernetes cluster."
Support is also available from the open source community, by opening a GitHub issue.
AWS CEO (now Amazon CEO) Andy Jassy presents EKS Anywhere at re:Invent 2020
The advantage of EKS Anywhere is consistency with EKS in the cloud, particularly when managed via the connector, and the availability of AWS support. In many cases customers will use the AWS Controllers for Kubernetes, a collection of Kubernetes custom resource definitions and controllers which give access to AWS services.
"The idea behind AWS Controllers for Kubernetes (ACK) is to enable Kubernetes users to describe the desired state of AWS resources using the Kubernetes API and configuration language," the docs say.
The range of services covered is limited, and many of those that are listed are described as "Proposed" or "In progress," but some, including RDS (Relational Database Service) and S3 (storage service) are marked as Released.
Although called EKS Anywhere, only two environments are currently supported. One is development clusters using Docker, and the other is production clusters using VMware vSphere. AWS says that "other deployment targets will be added in future, including bare metal support in 2022."
GKE on-prem also requires VMware, while Microsoft's AKS on-premises runs on Hyper-V in either Windows Server 2019 or Azure Stack HCI.
The VMware requirement is a win for VMware, which has posted today about using EKS Anywhere with its Modern App Connectivity services.
EKS Anywhere is free to run, though AWS support begins at $24,000 per cluster per year, and VMware of course has its own licensing requirements. Another point to watch is bandwidth costs, incurred if an EKS Anywhere solution is pulling data down from the AWS cloud network.
- EKS appeal: 'Just snap install' it, says Canonical as AWS's container game goes hybrid
- AWS boss calls for racial justice, slams enterprise rivals, unveils a raft of real and promised services
- 75% of databases to be cloud-hosted by 2022, says Gartner while dishing on the weak points of each provider
- Google admits Kubernetes container tech is so complex, it's had to roll out an Autopilot feature to do it all for you
Content Delivery Network provider Cloudflare claims that AWS data egress charges have a markup of approaching 8,000 per cent in the USA and Europe – though AWS said that "our costs reflect the extreme levels of redundancy that our customers get in our data center and broader networks."
What is the point of EKS Anywhere? It is unlikely to cost less than EKS on the AWS cloud, and as a user on Hacker News noted, "to me the 4 main benefits of EKS is 1. managed control plain. 2. ebs storage integration. 3. amazon vpc network integration. 4. IAM integration. EKS anywhere provides none of these."
Perhaps the main use case is where some applications need to be run on-premises for compliance reasons, or where users have both the expertise and the requirement for full control over the hardware. Edge computing is another use case. Running on Kubernetes can also give a degree of application portability, but if that is the requirement, an AWS-flavoured Kubernetes distro is not the obvious solution. ®