CLD110 · Module 6 — Compute Services

Amazon EKS

Elastic Kubernetes Service — managed Kubernetes on AWS
EKS Kubernetes Containers Managed Service
Mesa Community College · AWS Academy

What is Kubernetes?

Kubernetes (K8s) is an open-source container orchestration system originally developed by Google. It automates deployment, scaling, and management of containerized applications.

What Kubernetes does
  • Schedules containers onto nodes
  • Restarts failed containers automatically
  • Scales workloads up and down
  • Manages networking between containers
  • Rolling updates and rollbacks
  • Secrets and configuration management
The challenge with self-managed K8s
  • Running a production K8s cluster is operationally complex
  • The control plane (API server, scheduler, etcd) must be highly available
  • Upgrading Kubernetes versions is time-consuming and risky
  • Security patching of control plane components is ongoing work

This is where EKS fits: AWS runs and manages the Kubernetes control plane for you — you focus on deploying your workloads.

EKS architecture: control plane & data plane

Diagram: EKS architecture. The EKS control plane (managed by AWS) contains the Kubernetes API Server, Scheduler, Controller Manager, and etcd. It runs across multiple AZs. Below it, the data plane contains worker nodes (EC2 or Fargate) that run pods containing containers.

CONTROL PLANE — managed by AWS (runs across multiple AZs, always HA)
  • API Server: entry point for all operations (kubectl / clients)
  • Scheduler: assigns pods to nodes based on resources
  • Controller Manager: maintains desired state (node, replication, endpoint)
  • etcd: distributed key-value store; all cluster state lives here
DATA PLANE — your worker nodes (EC2 or Fargate)
  • Worker node 1: three pods, each with container(s)
  • Worker node 2: two pods, each with container(s)
  • Fargate (serverless nodes): two pods, each in an isolated VM

AWS manages the control plane. Your team manages the data plane — either as EC2 worker nodes (managed node groups) or as serverless Fargate pods.

Key Kubernetes concepts

Pod

The smallest deployable unit. One or more containers that share a network namespace and storage.


Each pod gets a unique IP inside the cluster. Containers in a pod communicate via localhost.

Deployment

Declares the desired number of pod replicas. Controller Manager ensures the count is maintained.


Rolling updates and rollbacks are managed by the Deployment controller.

Service

A stable DNS name and IP that load-balances across matching pods.


Pods come and go; a Service gives clients a consistent endpoint regardless.

Namespace

Virtual partition inside a cluster. Separates teams, projects, or environments (dev/staging/prod) within one cluster without separate infrastructure.

ConfigMap / Secret

ConfigMaps store configuration as key-value pairs; Secrets store sensitive data (passwords, tokens) in base64-encoded form, which is an encoding rather than encryption. Both can be consumed by pods as env vars or mounted files.
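The ConfigMap / Secret description above, worked through as an added example (not part of the original slides): it decodes a Secret without any key, flags credential-looking keys stored in a ConfigMap, and lists how a Pod consumes a Secret. The manifests, their names and values, and the `HINTS` keyword list are all constructed assumptions.

```python
import base64
import json

# Constructed objects in the JSON form kubectl prints with -o json; all values made up.
MANIFESTS = json.loads("""
[
 {"kind": "Secret", "metadata": {"name": "db-creds"},
  "data": {"username": "YXBwX3VzZXI=", "password": "aHVudGVyMg=="}},
 {"kind": "ConfigMap", "metadata": {"name": "app-config"},
  "data": {"LOG_LEVEL": "info", "API_TOKEN": "constructed-token"}},
 {"kind": "Pod", "metadata": {"name": "web"},
  "spec": {"containers": [{"name": "app", "env": [
     {"name": "DB_PASS", "valueFrom": {"secretKeyRef": {"name": "db-creds", "key": "password"}}}]}],
   "volumes": [{"name": "creds", "secret": {"secretName": "db-creds"}}]}}
]
""")

HINTS = ("pass", "token", "secret", "key")  # assumed heuristic, tune per environment


def decode_secret(obj):
    """Base64 is an encoding, not encryption: no key is needed to read a Secret."""
    return {k: base64.b64decode(v).decode("utf-8", "replace")
            for k, v in obj.get("data", {}).items()}


def secret_uses(pod):
    """List (secret name, 'env' | 'file') per reference; envFrom is not covered here."""
    uses = [(e["valueFrom"]["secretKeyRef"]["name"], "env")
            for c in pod["spec"].get("containers", []) for e in c.get("env", [])
            if "secretKeyRef" in e.get("valueFrom", {})]
    uses += [(v["secret"]["secretName"], "file")
             for v in pod["spec"].get("volumes", []) if "secret" in v]
    return uses


def audit(manifests):
    """Return one finding string per Secret key, suspicious ConfigMap key, and Secret use."""
    out = []
    for m in manifests:
        name = m["metadata"]["name"]
        if m["kind"] == "Secret":
            out += [f"Secret/{name}: '{k}' decodes without a key" for k in decode_secret(m)]
        elif m["kind"] == "ConfigMap":
            out += [f"ConfigMap/{name}: '{k}' looks sensitive, move it to a Secret"
                    for k in m.get("data", {}) if any(h in k.lower() for h in HINTS)]
        elif m["kind"] == "Pod":
            out += [f"Pod/{name}: uses Secret/{s} via {how}" for s, how in secret_uses(m)]
    return out

if __name__ == "__main__":
    print(*audit(MANIFESTS), sep="\n")
```

Anyone who can read the Secret object can recover its values this way, so access to Secrets is what has to be restricted.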

Data plane options: node groups vs Fargate

Consideration | Managed node groups (EC2) | Fargate profiles
What you manage | Node AMI updates (AWS automates rolling update) | Nothing — AWS manages all compute
Visibility | EC2 instances visible in your account | No visible instances
Pod isolation | Shared OS on each node | Each pod in its own micro-VM
GPU / special hardware | Yes — choose GPU instance types | No
DaemonSets | Supported | Not supported
Pricing | EC2 instance pricing + EKS cluster fee | Per-pod vCPU/memory + EKS cluster fee

You can mix node groups and Fargate profiles in the same cluster — use Fargate for stateless services, EC2 nodes for workloads that need DaemonSets or GPUs.

ECS vs EKS: when to use which

Dimension | Amazon ECS | Amazon EKS
Orchestrator | AWS-native, proprietary | Kubernetes (open source, industry standard)
Learning curve | Lower — simpler concepts | Higher — K8s has a steep learning curve
Portability | AWS-only | K8s runs anywhere — GKE, AKS, on-prem
Ecosystem / tooling | AWS native integrations | Massive K8s ecosystem (Helm, Istio, ArgoCD…)
Operational overhead | Lower | Higher — more components to understand
Cost | No control plane fee (ECS is free) | $0.10/hr per cluster control plane
Best for | AWS-only orgs, simpler container workloads | Multi-cloud, existing K8s workloads, advanced orchestration

Key takeaways

  • EKS = managed Kubernetes — AWS runs the control plane; you run workloads on the data plane
  • Control plane HA is automatic — AWS handles etcd replication and API server availability across AZs
  • Two data plane options: EC2 managed node groups (more control) or Fargate (serverless)
  • ECS vs EKS: choose ECS for simplicity on AWS, EKS for portability and the K8s ecosystem
  • kubectl works with EKS exactly as it does with any other Kubernetes cluster
The mental model

EKS gives you Kubernetes without the overhead of operating Kubernetes. The hard parts (HA control plane, etcd, upgrades) are AWS's problem.

If your team already knows Kubernetes or needs to run the same workloads across clouds, EKS is the right choice. For a simpler, AWS-native experience, ECS is faster to get started.

Review questions

Recall
  • In EKS, which parts of Kubernetes does AWS manage, and which do you manage?
  • What is a Pod? How does it differ from a container?
  • What is the EKS control plane fee per hour?
  • Which EKS data plane option runs each pod in its own isolated VM?
Apply
  • A company runs Kubernetes on-premises and wants to migrate to AWS while keeping the same tooling and manifests. Should they use ECS or EKS? Why?
  • A team needs to run a GPU-based ML inference workload on EKS. Should they use Fargate profiles or managed node groups?
  • Your team is new to containers and is starting a greenfield AWS project. Which container orchestration service has a lower barrier to entry?

Module 6 summary: EC2 → Auto Scaling → Beanstalk → Lambda → ECS/Fargate → EKS — from full server control to fully serverless, this module covered the complete AWS compute spectrum.