More about Multicloud Storage
- Google Anthos: The First True Multi Cloud Platform?
- Amazon EKS Anywhere and ECS Anywhere Multicloud Services
- Azure Arc: Hybrid and Multicloud Deployment on Azure
- What is Block Storage: Pros, Cons, and Comparisons
- Multicloud Kubernetes: Centralizing Multicloud Management
- Multicloud Storage: Everything You Need to Know
- Multicloud Architecture: Partitioned, Cloud Burst and DR
- Google Hybrid Cloud with Anthos and Cloud Volumes ONTAP
- Creating a Multicloud Deployment Plan with Cloud Volumes ONTAP
- Hybrid Deployment with Google Anthos: An Intro
- Multicloud & Hybrid Architectures: Benefits and Challenges
The wide range of cloud providers and services available today in the market are putting hybrid and multicloud storage and compute technologies at top of mind to business decision makers and engineers alike.
In this post we’ll take a look at the new Amazon EKS and ECS Anywhere, two services that AWS is offering to target this growing cloud deployment strategy.
This article will cover:
- Kubernetes: The Central Technology Behind Hybrid and Multicloud Services
- AWS ECS Anywhere: The Simplest Way To Run Container Workloads In Any Environment
- AWS EKS Anywhere: Amazon Managed Kubernetes in Any Environment
- What’s Next for ECS & EKS Anywhere Open
- Storage Considerations for ECS and EKS
Kubernetes: The Central Technology Behind Hybrid and Multicloud Services
A technology often associated with hybrid and multicloud architectures is Kubernetes: an open-source project for orchestration of container-based workloads. In recent years, Kubernetes has been growing exponentially in both popularity and adoption by start-ups and large enterprises.
Kubernetes' vendor agnostic characteristics make it a very sought-after option to successfully implement hybrid and multicloud strategies that benefit from a strong technology alignment and common toolset across environments. These agnostic characteristics include:
- Rich features such as autoscaling and secrets management
- Strong support for both on-premises and cloud environments
Kubernetes has been at the core of the hybrid and multicloud managed service offerings from both Google, with Google Anthos), and Microsoft, with Azure Arc. Until recently, the only AWS option for addressing hybrid cloud needs was AWS Outposts, which is strictly a hardware-based solution. Despite having a managed Kubernetes service, AWS Elastic Kubernetes Service (EKS), Amazon never made it possible for users to extend the container infrastructure outside the AWS cloud environment. In truth, hybrid and multicloud were topics that Amazon purposely avoided for a long time, but the fierce competition combined with today’s enterprise cloud needs made AWS re-think it’s strategy.
The recent launch of the Anywhere feature for AWS ECS and EKS clusters represents a pivotal change for Amazon.
AWS ECS Anywhere: The Simplest Way To Run Container Workloads In Any Environment
Amazon Elastic Container Service (Amazon ECS) was the first AWS-managed container orchestration service. ECS gives AWS customers an easy-to-use control plane that makes it simple to run container-based workloads, either via virtual instances (EC2) or fully serverless (Fargate), while integrating natively with additional AWS managed services such as CloudWatch and App Mesh to provide enhanced capabilities such as service mesh, logging, metrics, among others.
What Is AWS ECS Anywhere?
The introduction of the ECS Anywhere feature gives AWS customers the possibility to deploy their ECS tasks in non-AWS environments. The same easy-to-use management layer, which is defined by the customer in a given AWS Region, is always up to date and can govern all the resources within the cluster regardless of their location and execution environment.
Any machine in a non-AWS environment can become part of an ECS cluster in three simple steps:
- AWS Systems Manager (SSM) agent is set up in a physical or virtual machine, turning it into a “managed instance.”
- The new converged version of the AWS ECS agent is installed and configured in the machine/managed instance, enabling it to register into an existing ECS cluster.
- A new ECS Launch type “EXTERNAL” in addition to “EC2” and “FARGATE” will appear and be made available to the ECS cluster.
AWS ECS Anywhere high level view
The information exchanged between the external “managed instance,” where the Anywhere feature was configured and the Amazon ECS cluster control plane in the cloud is kept to a minimum. Only the information required to manage ECS tasks in that machine is included, such as host and container health. In case the connectivity between the external machine and ECS control plane is interrupted, the container tasks will continue running as before, and only the ability to update, scale tasks, or use other AWS services is affected.
Use Cases Enabled by AWS ECS Anywhere
One interesting aspect of ECS Anywhere is that the container tasks deployed outside AWS infrastructure, using the EXTERNAL launch type, are able to interact with cloud services within the ECS cluster AWS Region as if they were located there. They can also benefit from the local network connectivity of their real physical location.
These two benefits enable use cases where the system can benefit from having some application business logic close to local proximity services due low latency and high bandwidth requirements, such as mass processing of video files that exist in the organization premises.
Because ECS Anywhere is completely infrastructure agnostic, you can enroll any machine or device with a supported operating system capable of running the ECS and Systems Manager agents, such as virtual machines, bare metal servers and even small single-board computers like a Raspberry PI. This low barrier in terms of enrollment requirements gives the ability to easily fulfill any use case that requires the placement of a few container microservices outside AWS, including edge locations, without the constraints and operational requirements of a data center.
AWS EKS Anywhere: Amazon Managed Kubernetes in Any Environment
A microservices architecture can easily grow large and become quite complex. Larger container-based systems bring additional challenges that might prove difficult when compared to a simple container orchestration service like ECS.
Kubernetes on the other hand, is capable of handling complex architecture requirements and comes with out-of-the-box features such as:
- DNS management
- Secrets management
- Load balancing
- and more.
AWS Elastic Kubernetes Service (EKS) is a managed service for teams that want to use Kubernetes without the hassle of operating the entire infrastructure by themselves. EKS provides a fully managed Kubernetes control plane and, similarly to ECS, enables containers to run on top of EC2 or Fargate using Kubernetes pods.
Meet AWS EKS Anywhere
Kubernetes is known for enabling a certain level of portability across environments such as on-premises or different cloud providers. However, until the EKS Anywhere feature was announced, Amazon EKS customers were bound to the available AWS infrastructure to choose where to deploy their workloads. EKS Anywhere gives customers the ability to use Kubernetes clusters, made by their own virtual or physical machines, as a new deployment option.
Customers can either use their usual operating system (as long as it's supported), or the Amazon EKS Distro operating system. EKS Distro is the same Kubernetes distribution used in AWS and that includes out-of-the-box optional defaults for node OS, container runtime, service load balancer, container network interface (CNI), and ingress and storage classes consistent with AWS EKS Anywhere deployment target capabilities.
EKS Distro can be used to create a Kubernetes cluster in a non-AWS environment, providing a standard, secure and community supported version of Kubernetes, that is fully compatible with any open source cluster management tooling. EKS Anywhere works as a management layer and automation tooling for these clusters outside AWS infrastructure, enabling an easier cluster operation, lifecycle management, observability, backups and policy management.
AWS EKS Anywhere high level view
AWS EKS Anywhere Capabilities
An AWS EKS architecture that uses the Anywhere feature to manage clusters located on non-AWS infrastructure gives a similar level of capabilities compared to clusters deployed in AWS regions.
Some interesting out-of-the-box advantages compared with the operating a vanilla Kubernetes cluster:
- Built-in integration with AWS App Mesh (service mesh)
- Observability using centralized AWS logging and metrics collection (including Prometheus and Grafana support)
- Cluster backup/restore operations using snapshots stored in AWS S3 buckets
- OAuth and Open ID Connect federation with AWS IAM
- Cost management and optimization toolkit
- Perform compliance checks
- Audit trail reporting
- Enforcement of configuration policies
- AWS Premium support
However, it’s worth keeping in mind that most of these advantages require full, or at least partial, connectivity with the AWS EKS control plane.
Cluster Connectivity Support in AWS EKS Anywhere
AWS Kubernetes clusters operating in non-Amazon infrastructure have three types of connectivity support:
- Fully connected: When all clusters have permanent connectivity to EKS Anywhere, you gain complete infrastructure visibility using the EKS Web UI Console plus all aforementioned capabilities.
- Partially connected: When a cluster intermittent disconnects from the AWS EKS management layer for a certain period of time. While the applications will continue running in the cluster, certain features such as centralized logging and the EKS Web UI Console will only report information related to the last known state. Upon successful reconnection of the cluster, capabilities and data are restored in an eventual consistency manner.
- Disconnected: When a standalone cluster is created using the EKS Distro but not connected to AWS EKS management layer. Open source tools can still be used locally to operate the cluster.
Use Cases Enabled by AWS EKS Anywhere
AWS EKS Anywhere sets the bar a bit higher when it comes to the enrollment of machines/clusters compared with AWS ECS Anywhere. While it is a location-agnostic service, it requires either bare metal machines or virtualized infrastructure based on VMware vSphere 6.5 and up. Thus, it is not suitable for every environment and might create some compatibility constraints in a multicloud scenario.
A good AWS EKS example where the Anywhere feature brings several advantages is hybrid cloud. EKS Anywhere enables organizations to make the most of their existing on-premises infrastructure investments, by providing the same ways of working and tooling alignment to engineering teams, making infrastructure governance easier and decreasing the overall complexity.
What’s Next with ECS & EKS Anywhere Open?
When designing a new cloud architecture, it is preferable to keep all resources within a single provider. Of course, there are situations where that is simply not possible. Business and technical requirements might dictate that part of the workload needs to run elsewhere: a datacenter due to compliance or legislation, another cloud provider that offers a certain service or region, or even a remote edge device collecting metrics from its surroundings.
The Anywhere feature, allowed ECS and EKS customers to extend to those non-AWS environments using the same cloud-native ways of working, tooling and managed services that they are comfortable with. Using Anywhere, engineers don’t need to change their architecture and settle to use the lowest common denominator when it comes to the type of services (e.g. virtual machines) available between the different environments.
Amazon ECS and EKS Anywhere challenge the status quo by enabling AWS-native architectures to happen on top of any infrastructure location.
How About Storage for ECS and EKS?
One important aspect to consider, and that ECS and EKS Anywhere do not cover, is storage. Data accessibility and performance across independent physical locations can be challenging. In these scenarios, a service like NetApp Cloud Volumes ONTAP can make a big difference, provisioning and managing persistent storage volumes.
Cloud Volumes ONTAP is NetApp’s data management platform for hybrid and multicloud use in AWS, Azure, and Google Cloud. Its features help protect and reduce the costs of containerized workload storage. Kubernetes and the new Anywhere products can be supplemented by a range of features:
Cloud Volumes ONTAP features for Multicloud Deployments
- Single-pane data governance from the Cloud Manager console
- Instant, zero-cost data volume cloning
- Space- and cost-efficient snapshots
- High availability across regions
- Data replication
- Storage efficiencies
The ability to extend these benefits to multiple clouds can go hand-in-hand with Anywhere usage and go a long way to making multicloud deployments more manageable and cost-effective.
Conclusion: More Clouds=More to Manage
With more reasons than ever to adopt the multicloud and hybrid approach, AWS EKS and ECS Anywhere are poised to join a growing number of mulitcloud services available today.
Cloud Volumes ONTAP provides a simple way to orchestrate a dispersed and diverse cloud deployment, all while adding vital features that can support these new products and deployments that range across the data center and the cloud. In addition to this data hybridity, it provides functionalities such as data tiering, increased performance, cloning, storage efficiency, making it ideal to use in hybrid and multicloud environments.