Cloud Networking and Security Designs for Amazon EKS

Cloud Networking and Security Designs for Amazon EKS

Aviatrix
Published by: Research Desk Released: Jun 16, 2021

Kubernetes based workloads are on the rise in both on-premises data centers and in the cloud. On-premises, enterprises leverage tight control over how Kubernetes clusters are created, deployed and networked. However, Kubernetes in cloud, while simplified, introduces challenges because enterprises lose much of the control they are used to. For example, while Kubernetes Container Network Interfaces (CNI) for intra cluster networking is very robust, a challenge many cloud architects face is networking and security for traffic egressing or ingressing Kubernetes clusters.

In this session, we will focus on how you can gain advanced networking and security controls for your Amazon EKS deployments. Additional TechTalks are planned specifically for Azure AKS and Google GKE. With Amazon EKS as the focus we will discuss:

  • Cloud networking deployment options for Amazon EKS
  • VPC CNI IP addressing considerations (e.g. Nodes, Pods, NAT)
  • Networking designs for inter-cluster and shared services
  • Security designs for firewall service insertion, network segmentation and ingress traffic considerations