AWS releases EKS Platform Version 2; adds support for Horizontal Pod Auto Scaling and Kubernetes Metrics Server



Amazon Web Services (AWS) announced that its Amazon Elastic Container Service for Kubernetes (EKS) platform version eks.2 is now available. This update enables API Aggregation for EKS clusters, adding support for Horizontal Pod Auto Scaling and the Kubernetes Metrics Server. This makes it easy to scale Kubernetes workloads managed by Amazon EKS in response to custom metrics.

Previously, HPA was not supported by Amazon EKS because any component with a dependency on API Aggregation, such as the Kubernetes Metrics Server, would not start if the core Kubernetes API server was not using Client Certificate Authentication. Amazon EKS uses only webhook authentication to provide integration with AWS Identity and Access Management (IAM).

Now, the Kubernetes Metrics Server supports webhook authentication, including with AWS IAM. This makes it possible to use the Kubernetes Metrics Server and Horizontal Pod Autoscaling for Amazon EKS clusters and ensures a consistent authentication mechanism for EKS clusters that maximizes cluster security.

This integration enables users to scale Kubernetes services based on metrics that the user defines, making it easier to run production workloads with Amazon EKS.

Amazon EKS platform versions are used to refer to a specific patch version of Kubernetes, as well as the Kubernetes API server configuration. New platform versions are released to reflect when Kubernetes patch versions are released or changes are made to how EKS has configured the Kubernetes API server.

All EKS clusters created earlier are on PlatformVersion eks.1, and new clusters will be on the latest platform version (currently eks.2). Clusters running PlatformVersion “eks.2” have API Aggregation enabled and, as a result, support the Horizontal Pod Autoscaler and Kubernetes Metrics Server. Users must adopt version 0.3.0 or greater of Kubernetes Metrics Server with Amazon EKS. Over the coming weeks, all EKS clusters will be patched and will move to the “eks.2” platform version.

Amazon EK) is a managed service that makes it easy to run Kubernetes on AWS without needing to stand up or maintain own Kubernetes control plane. Kubernetes is an open-source system for automating the deployment, scaling, and management of containerized applications.

Amazon EKS runs Kubernetes control plane instances across multiple Availability Zones to ensure high availability.

Amazon EKS automatically detects and replaces unhealthy control plane instances, and it provides automated version upgrades and patching for them. Amazon EKS is also integrated with many AWS services to provide scalability and security for applications, including Elastic load balancing for load distribution; IAM for authentication; and Amazon VPC for isolation.

Amazon EKS runs up-to-date versions of the open-source Kubernetes software, so that users can adopt existing plugins and tooling from the Kubernetes community. Applications running on Amazon EKS are fully compatible with applications running on any standard Kubernetes environment, whether running in on-premises data centers or public clouds. This means users can migrate any standard Kubernetes application to Amazon EKS without any code modification required.

Previously, HPA was not supported by Amazon EKS because any component with a dependency on API Aggregation, such as the Kubernetes Metrics Server, would not start if the core Kubernetes API server was not using Client Certificate Authentication. Amazon EKS uses only webhook authentication to provide integration with AWS Identity and Access Management (IAM).

To solve this, we made modifications to upstream Kubernetes in order to allow the Metrics Server to work with a Kubernetes API server configuration that does not use Client Certificate Authentication. AWS worked with the Kubernetes community to merge this change upstream and add this change into Kubernetes versions 1.9, 1.10, and 1.11.

Now, the Kubernetes Metrics Server supports a Kubernetes API server that uses webhook authentication. This makes it possible to use the Kubernetes Metrics Server and Horizontal Pod Autoscaling for Amazon EKS clusters, and ensures a consistent authentication mechanism for EKS clusters that maximizes cluster security. This allows users to scale Kubernetes services based on metrics that can be defined, making it easier to run production workloads with Amazon EKS.

 

Leave a Reply

WWPI – Covering the best in IT since 1980