T-Systems-Claim-Logo
Search
Birds-eye view of cargo containers

Managed EKS Service solves Kubernetes challenges

Using AWS as the foundation for your Kubernetes application workloads (K8s), T-Systems launches managed EKS service  

January 24 2022Madhu Kumar Yeluri

High visibility and security for your K8s

Kubernetes is the de-facto standard for running containerized, cloud-native applications at scale and is vital to the modern enterprise IT mix. But the container ecosystem is rapidly evolving with open-source projects, so keeping pace with change is difficult. We can add value to your organization with our Managed EKS service, developed by our container and K8s specialists using AWS’s cloud-native services.

A brief history of Containers

numerous different icons such as the recycle and wifi sign with a hand using a phone in the background

Containers have been around since the 1970s for creating an isolated environment where applications and services can run without interfering with other processes. Containers began as a Linux kernel process isolation construct encompassing cgroups (control groups). The release of Docker in 2013 popularized containers for the masses. Docker packages software into standardized units called containers with everything the software needs to run, including libraries, system tools, code, and runtime. 

Origin of Kubernetes

Around 2003-2004 Google developed an internal ‘run everything in containers mechanism’ called Borg - the predecessor to Kubernetes. In 2015, Kubernetes 1.0 (K8s) was released and quickly became the accepted container orchestration standard. Kubernetes is an open-source container orchestration engine for automating deployment, scaling, and managing containerized applications.
Kubernetes is Greek for pilot or helmsman, hence the steering wheel in the Kubernetes logo. 

A bright future for Kubernetes 

Gartner forecasts that container management revenue will grow from a relatively small base of $465.8 million in 2020 to $944 million in 2024. Gartner also predicts that, in 2022, over 75% of global organizations will be running containerized applications in production - a significant increase from under 30% in 2019. Further, Red Hat’s Kubernetes adoption, security and market trends report 2021 placed Kubernetes as the front runner for container orchestration.  

The classic challenges with Kubernetes

Architecture and technology innovation leaders invest in container platform tools to improve productivity and agility and reduce technical debt. And while it's plain that Kubernetes is a popular platform for building cloud-native applications, the Cloud Native Computing Foundation (CNCF) identified that several factors – such as culture and skills shortages, give rise to challenges. For example, around security, complexity, and monitoring. Further, many enterprises lack mature DevOps practices to operationalize and succeed with large-scale deployments.

According to Red Hat, misconfiguration is the top reason for Kubernetes-related security incidents, and 29% of those surveyed said their biggest concern about their company’s container strategy was a lack of investment in container security.

What is Amazon EKS?

Diagram of the EKS architecture

Amazon Elastic Kubernetes Service (Amazon EKS) is a managed container service for running and scaling Kubernetes applications in the cloud or on-premises. The benefits of having Kubernetes on Amazon EKS include reduced maintenance overhead and ease of integration with AWS services.

How Amazon EKS helps security

Due to the nature of the public cloud, data protection measures are paramount. AWS services like Key Management Service (KMS) help encrypt persistent data used in EKS Clusters. For example, EBS volumes attached to EKS worker nodes. 
With Identity and Access Management (IAM) identity-based policies, you can specify allowed or denied actions and resources as well as the conditions under which activities are permitted or prohibited. Amazon EKS supports specific actions, resources, and condition keys.
We have adopted AWS’s Well-Architected Framework’s Security pillar principle for our EKS managed service, which will help you meet your business and regulatory requirements by following current AWS recommendations.

Our cloud native managed EKS service

Our managed EKS service addresses the common challenges around security, monitoring, back-up and restore, operational overhead, and maintenance. We’re planning to introduce more features soon.

Our service includes:

  • Amazon Elastic Kubernetes Service (EKS) – K8s Cluster provisioning
  • AWS Key Management Service (KMS) – Security – encryption of data at rest
  • Terraform – Infrastructure as Code (IaC) – Automation for EKS Landing zone
  • Identity and Access Management (IAM) – Fine-grained access control
  • Amazon CloudWatch / OpenSearch – Logging
  • Amazon Managed Service for Prometheus – Metric collection
  • Amazon Managed Service for Grafana – Monitoring/Dashboards

The benefits of our managed EKS service

Collectively, these advantages distinguish our managed EKS service from our competitors: 

  • Cost-effective - no requirement to purchase hardware or pay expenses during downtime
  • Time-saving - no need to spend time setting up and maintaining the core stack
  • Speed to market - accelerate the creation of your applications
  • Future-proof - the combined power of T-Systems and AWS Managed services lets you build future-proofed applications
  • Enhanced security - T-Systems and AWS continuously invest in security technologies and expertise
  • Dynamically scale – our solution helps rapidly add capacity in peak times and scale down as needed
  • Consultancy - our T-Systems AWS and CKA certified professionals can help you build custom solutions

Optimize your EKS estate with a review

The path to business agility is undeniably through adopting cloud-native applications, and Kubernetes plays a central role. Organizations that combine Kubernetes and cloud-native managed services are more likely to see positive results faster than working with Kubernetes alone. 
T-Systems is continuously working on expanding our container and K8s managed solutions. The scope of future releases for our Managed EKS service includes Container (Pods) Security, Multi-Tenancy, App Mesh, and Kafka (Amazon MSK), to mention a few.
Our EKS Well-Architected Review will equip you with essential guidance to optimize your EKS estate, apply best practices, realize cost savings, and more. As you might expect, we base our approach on AWS's Well-Architected Framework. To learn more, click here: EKS Well-Architected Review.

About the author
IM-Kumar-Yeluri-Madhu

Madhu Kumar Yeluri

Principal Cloud Architect, T-Systems International GmbH

Show profile and articles

Get our insights straight to your mailbox

Get the best expert tips on events, best practices, white papers and more.

This may also interest you

Do you visit t-systems.com outside of Germany? Visit the local website for more information and offers for your country.