Kubernetes on AWS

AWS ECS vs EKS: 6 Key Differences

 

What Is Amazon Elastic Container Service (ECS)?

What Is Amazon Elastic Kubernetes Service (EKS)?

Amazon Elastic Container Service (Amazon ECS) is a scalable managed service that lets you run and orchestrate a large number of containers. It is not based on Kubernetes.

 

To run a task, you use a task definition that defines containers. Tasks can be run in a service, which is a configuration that allows you to run and maintain multiple tasks simultaneously in a cluster. Tasks and services can be run via the AWS Fargate service, without having to manage the underlying servers. Alternatively, you can run on Amazon EC2 to gain more control.

 

Amazon ECS allows you to run and stop your containerized applications using simple API calls. You can enjoy standard Amazon EC2 features, as well as gain centralized control over the state of the cluster.

 

The placement of containers across a cluster can be scheduled according to your isolation policies, resource needs, and availability requirements. Amazon ECS operates your cluster and configuration management systems so you don’t have to handle or scale management infrastructure.

Amazon Elastic Kubernetes Service (EKS) lets you run Kubernetes on AWS as a managed service, while retaining compatibility with the open source K8s project.

 

The EKS service sets up and manages the Kubernetes control plane for you. Kubernetes is used to automate the deployment, scaling, and management of your container-based applications.

 

EKS maintains resilience for the Kubernetes control plane by replicating it across multiple Availability Zones. Unhealthy control plane instances are automatically detected and replaced, and version upgrades and patches are also applied automatically.

 

Amazon EKS lets you use existing tooling and plugins from the Kubernetes community. There is full compatibility between Amazon EKS and applications running on other Kubernetes environments. This makes it easy to migrate existing Kubernetes applications to Amazon EKS.

 

Learn more in our detailed guide to AWS EKS architecture

In this article, you will learn:

AWS ECS vs AWS EKS

1. Simplicity vs Flexibility

Amazon ECS is the AWS solution for managing containers at scale. It helps you speed up the process of building, deploying and migrating your containerized applications. Designed with simplicity in mind, Amazon ECS reduces the burden of setting up network, compute and security configurations, and managing scalability. For example, you don’t need to build a generalized abstraction if you need a load balancer—ECS seamlessly integrates features such as AWS Application Load Balancer (ALB) and Network Load Balancer (NLB).

A growing number of popular AWS services rely on ECS, including Amazon SageMaker, Polly, Lex and AWS Batch. The service is used by hundreds of thousands of customers, including many large enterprises.

Amazon EKS can handle the heavy lifting of building and running Kubernetes workloads at scale. Kubernetes is known for its vibrant community and ecosystem, open-source APIs and broad flexibility. With EKS, you can access the full power of Kubernetes features, while enjoying the convenience of a managed cloud service.

Amazon EKS provides the reliable, scalable, resilient and secure Kubernetes environment that allows Amazon.com to deliver great customer experience. If you want AWS resiliency when adopting Kubernetes, you should start with Amazon EKS.

Related content: read our guide to setting up an AWS Kubernetes cluster with EKS.

2. Pricing

Both ECS and EKS incur charges according to the resources used by your workloads, meaning that you pay for the EC2 machines that run your Kubernetes pods or ECS tasks. However, the main difference between ECS and EKS is that there is no extra charge for using ECS. Each EKS cluster costs $0.10 per hour, which amounts to an additional cost of up to $72 per month for every Kubernetes cluster you operate. Costs can add up if you plan to use multiple clusters.

For smaller scale operations, such as small microservices applications, you can use ECS without incurring extra costs. On the other hand, operations requiring high scalability may be better suited to EKS, because the savings you can generate with smart auto scaling and provisioning will be much bigger than the monthly cost of $72 per cluster.

3. Security

AWS offers a standard level of availability, reliability and security across all their services. Whether you are using ECS or EKS, you can control access to containers, pods, and tasks using AWS Identity and Access Management (IAM).

In terms of security, the difference between ECS and EKS is strictly operational—ECS has a deep integration with IAM while EKS requires add-ons to enable IAM functionality. Other options that enable similar functions in EKS, such as Kiam, have additional costs and add system complexity.

4. Portability

Amazon ECS is a proprietary technology by AWS. This means you will be locked into Amazon infrastructure and will not be able to move your clusters to another cloud provider or on-premises.

Amazon EKS is based on Kubernetes, so it has much better support for portability of workloads. You can run clusters in any other Kubernetes environment, whether on another cloud provider’s managed Kubernetes platform, a cloud-agnostic Kubernetes platform like Rancher, or plain self-managed Kubernetes.

5. Networking

When working with container services, it is important to have the ability to assign network interfaces directly to a task or pod. This improves security, letting you assign security groups to an individual group of containers, without opening all ports on the EC2 instance.

Amazon ECS lets you assign an elastic network interface (ENI) to a task, using awsvpc mode. Ordinarily, ECS allows only 8-15 network interfaces per EC2 instance. If you need more, the service now supports containers with a much higher limit for ENIs, but this requires special prerequisites. ECS lets you run up to 120 tasks per EC2 instance.

Amazon EKS lets you assign a dedicated network interface with a public IP address to a Kubernetes pod. This means all containers will share access to internal and external networks through this interface. In addition, you can also share an ENI between pods. Because EKS lets you run up to 750 pods per instance, it allows significantly more effective network interfaces per instance compared to ECS.

6. Community Support

Amazon ECS is not an open-source product, so it does not have a community as such. The product is supported by Amazon—see pricing for the available support plans.

Amazon EKS is based on Kubernetes, so you have access to the Kubernetes community, including Github repos, Slack channels, events, documentation, training resources, and more. You can also leverage the vast ecosystem of Kubernetes tools, Helm Charts, utilities and extensions.

Optimizing AWS ECS and EKS Storage with Cloud Volumes ONTAP

NetApp Cloud Volumes ONTAP, the leading enterprise-grade storage management solution, delivers secure, proven storage management services on AWS, Azure and Google Cloud. Cloud Volumes ONTAP capacity can scale into the petabytes, and it supports various use cases such as file services, databases, DevOps or any other enterprise workload, with a strong set of features including high availability, data protection, storage efficiencies, Kubernetes integration, and more.

In particular, Cloud Volumes ONTAP supports Kubernetes Persistent Volume provisioning and management requirements of containerized workloads.

Learn more about how Cloud Volumes ONTAP helps to address the challenges of containerized applications in these Kubernetes Workloads with Cloud Volumes ONTAP Case Studies.

New call-to-action

Yifat Perry, Product Marketing Lead

Product Marketing Lead

-
X