Amazon has launched Amazon Elastic Kubernetes Service (EKS) Anywhere for Snowball. This release automates the creation and management of EKS clusters on AWS Snowball Edge devices. These devices can run with or without an internet connection.
Solution Overview
- An AWS Snowball Edge appliance is connected to a local area network (LAN) router via an RJ45, SFP+, or QSFP+ physical network interface and is assigned a routable IP address on the LAN subnet using Dynamic Host Configuration Protocol (DHCP).
- Two virtual network interfaces are created to connect two Amazon Elastic Compute Cloud (Amazon EC2) instances to the physical network interface of the AWS Snowball Edge appliance for further administration.
- For disconnected environments without Internet access, a local Harbor registry can be hosted on an Amazon EC2 instance located on the AWS Snowball Edge appliance.
- The workflow for creating a cluster starts from an Amazon EKS Anywhere administrative instance (EKS-A Admin) running on the AWS Snowball Edge appliance, where a kind bootstrap cluster running in a Docker container ingests a cluster configuration file to create the corresponding Amazon EKS Anywhere cluster.
- Cilium is used as the Container Network Interface (CNI) plugin, and direct network interfaces (DNIs) are created and associated with each cluster node, allowing pods to communicate with each other without network address translation (NAT).
- kube-vip is used as the control plane load balancer. In this context, kube-vip runs as a static pod on the control plane nodes and uses the Address Resolution Protocol (ARP) to update the mapping between the virtual IP address (VIP) of the cluster endpoint and the corresponding hardware Media Access Control (MAC) address upon failure. kube-vip also uses the Kubernetes Go client library to perform leader election for new nodes on the control plane in the event of a failure.
Getting Started
Prior to ordering an AWS Snowball Edge appliance to host an Amazon EKS Anywhere cluster, you must first perform the necessary steps to build an Amazon EKS Distro Amazon Machine Image (AMI) based on the Ubuntu 20.04 LTS – Focal subscription from the AWS Marketplace using Kubernetes Image Builder.
The generated template manifest contains default configurations for several different objects, including a Cluster object, a SnowDatacenterConfig object, and two SnowMachineConfig objects for the corresponding control plane and data plane nodes.
Some of the attributes for these objects will need to be changed based on the specific configuration of your local network, while others can be optionally changed to meet the requirements of your particular use case. For example, each SnowMachineConfig object should reference the Amazon EKS Distro Ubuntu AMI as well as the physical network interface IP address for each target device you want to allocate your nodes to.
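A pre-flight check over the edited manifest, as an added example that is not part of the original article or of Amazon EKS Anywhere itself. It assumes the manifest has already been loaded into Python dictionaries, that the field names (`amiID`, `devices`, `controlPlaneConfiguration.endpoint.host`, `machineGroupRef`) match your EKS Anywhere version, and that the sample values, all constructed, stand in for your own.

```python
import ipaddress

# Constructed sample: objects from a generated manifest, loaded as dicts.
# Field names are assumed from the EKS Anywhere Snow spec; values are placeholders.
MANIFEST = [
    {"kind": "Cluster", "metadata": {"name": "demo"}, "spec": {
        "controlPlaneConfiguration": {
            "endpoint": {"host": "192.168.1.240"},
            "machineGroupRef": {"kind": "SnowMachineConfig", "name": "demo-cp"}},
        "workerNodeGroupConfigurations": [{
            "name": "md-0",
            "machineGroupRef": {"kind": "SnowMachineConfig", "name": "demo-worker"}}]}},
    {"kind": "SnowDatacenterConfig", "metadata": {"name": "demo"}, "spec": {}},
    {"kind": "SnowMachineConfig", "metadata": {"name": "demo-cp"},
     "spec": {"amiID": "", "devices": ["192.168.1.10"]}},
    {"kind": "SnowMachineConfig", "metadata": {"name": "demo-worker"},
     "spec": {"amiID": "ami-PLACEHOLDER", "devices": ["10.0.0.5"]}},
]

def check_manifest(objs, lan_cidr):
    """Return a list of findings; an empty list means every check passed."""
    lan = ipaddress.ip_network(lan_cidr)
    findings = []
    machines = {o["metadata"]["name"]: o["spec"]
                for o in objs if o["kind"] == "SnowMachineConfig"}
    cluster = next(o for o in objs if o["kind"] == "Cluster")["spec"]
    cp = cluster["controlPlaneConfiguration"]
    refs = [cp["machineGroupRef"]["name"]]
    refs += [g["machineGroupRef"]["name"]
             for g in cluster.get("workerNodeGroupConfigurations", [])]
    device_ips = set()
    for name in refs:
        spec = machines.get(name)
        if spec is None:
            findings.append(f"{name}: referenced SnowMachineConfig is missing")
            continue
        if not spec.get("amiID"):
            findings.append(f"{name}: amiID is empty")
        if not spec.get("devices"):
            findings.append(f"{name}: no devices listed")
        for dev in spec.get("devices", []):
            ip = ipaddress.ip_address(dev)
            device_ips.add(ip)
            if ip not in lan:
                findings.append(f"{name}: device {dev} is outside {lan_cidr}")
    vip = ipaddress.ip_address(cp["endpoint"]["host"])
    # kube-vip announces the VIP over ARP, so it must be on the LAN subnet.
    if vip not in lan:
        findings.append(f"endpoint VIP {vip} is outside {lan_cidr}")
    if vip in device_ips:
        findings.append(f"endpoint VIP {vip} collides with a device address")
    return findings
```

Calling `check_manifest(MANIFEST, "192.168.1.0/24")` on the sample reports the empty AMI reference on the control plane machine config and the worker device address that is not on the LAN subnet.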
AWS partners can validate their compliance solutions using the Amazon EKS Anywhere compliance and validation framework. At the time of writing, several partners have validated their solutions, including HashiCorp, Dynatrace, Kubecost, and Sysdig.
Amazon EKS Anywhere on Snow is now generally available. In addition to the pricing model for AWS Snowball, an additional subscription to Amazon EKS Anywhere Enterprise is required to obtain support for Amazon EKS Anywhere clusters.