
Kubernetes on AWS users cheer, as AWS joins CNCF

It's Christmas in August for DevOps shops that favor Kubernetes for container orchestration and AWS for public cloud infrastructure.

AWS is finally on board with Kubernetes.

Amazon Web Services has joined the Cloud Native Computing Foundation (CNCF) as a platinum member. The CNCF is an open source governance organization created to oversee Kubernetes and other container-related technologies. IT pros who have already deployed Kubernetes on AWS said they hope this portends improved integration, new features and better support for the container orchestration platform in the public cloud.

AWS will contribute to CNCF projects Kubernetes and containerd, which was donated by Docker earlier this year. Adrian Cockcroft, a former Netflix engineer who is now vice president of cloud architecture strategy at AWS, represents AWS on the CNCF board of directors.

"A recent CNCF survey reports that 63 percent of respondents host Kubernetes on Amazon EC2 [Elastic Compute Cloud]," Cockcroft wrote in a blog post. He indicated that AWS will contribute code to Kubernetes, and he said he sees "opportunities to propose existing and future AWS open source projects to be incubated by CNCF."

This move represents an about-face for AWS around container orchestration. The company mystified industry observers last year when it launched its own AWS Blox container orchestration project.

However, there have been some recent hints that this was coming, with updates to projects that support Kubernetes on AWS, such as kops for creating Kubernetes clusters on EC2. Public documents revealed late last month that AWS attended recent meetings of the Kubernetes AWS Special Interest Group. Amazon previously indicated it intends to develop upstream Kubernetes as part of its expanded partnership with Red Hat on OpenShift in May 2017.

Kubernetes on AWS users line up with wish lists

Users who run Kubernetes on AWS already have wish lists for the container orchestration platform that has quickly gained popularity this year on the most popular public cloud.

"I would like to see them create a managed Kubernetes offering," said Cole Calistra, CTO of Kairos AR Inc., in Miami. The company provides human facial recognition and analytics algorithms for developers.

Calistra said he wants that offering to completely abstract the underlying infrastructure and integrate it into existing AWS products, such as Identity and Access Management, CloudWatch and EC2 Container Registry.

"[Something] more similar to Microsoft's Azure Container Instances, where you just deploy your containers and don't care about the underlying infrastructure ... but with Kubernetes primitives underlying it," he said.

Consultants that work with enterprises also have ideas about what AWS should do, particularly with the EC2 Container Service (ECS).

"My experience with ECS is that it doesn't have the same depth and, more importantly, on-premises capability that Kubernetes provides," said Chris Riley, director of solutions architecture at cPrime Inc., a consulting firm in Foster City, Calif., that focuses on Agile software development. "AWS would be best served to create a professional container service via Kubernetes and make ECS [a variant like] Elastic Beanstalk, simply an onboarding option for new container users."

Unlike ECS, Kubernetes is open source software that could reduce lock-in and is supported by a large community, Riley said. In his experience, performance and scalability are better documented and identified by Kubernetes contributors with thousand-pod tests and other publicly accessible data, as well as easy access to health checks and auditing and logging for deployments.

Kubernetes also offers more options for storage via two different interfaces, as well as better labelling to tag containers in pods. Riley also said he likes the direction of Kubernetes when combined with a new project called, which enables mutual Secure Sockets Layer connections between pods and hosts and refines secrets management.

Kubernetes on AWS a key piece of multicloud portability puzzle

Other customers that use Kubernetes on AWS foresee a seismic change in the public cloud computing market as a result of Amazon's decision to join CNCF. Now that all the major cloud platforms -- AWS, Microsoft Azure, Google Compute Cloud and IBM Bluemix -- support Kubernetes, container portability across public clouds will become a practical reality for many enterprises.

"We want the ability to move, but we're not moving on a day-to-day basis," said Barry Libenson, global CIO for credit bureau Experian PLC, headquartered in Dublin. "But if there are pricing changes or reliability problems, we would like the ability to easily migrate our apps."


Experian forbids its developers to attach their apps to any secondary public cloud services, such as Amazon's DynamoDB NoSQL database service, to maintain that portability. This raises concerns about how cloud service providers -- other than the very biggest in Azure and AWS -- will compete and remain viable businesses long term.

"I don't think the landscape is big enough for all the current players," Libenson said. "I don't know how they're going to differentiate themselves when we don't want differentiated services but portability."

This won't apply to every customer, of course. And portability utopia is far from assured, as Kubernetes versions are released at a quarterly clip, sometimes with expanded or deprecated features that break backwards compatibility. Moreover, cloud service providers can cause portability problems with proprietary extensions and patches to the software, said Gary Chen, analyst with IDC.

Ultimately, it is unknown what sort of services AWS will deliver based on these efforts. However, AWS' CNCF participation, and its recent partnerships with Red Hat and VMware, portend significant changes to Amazon's hybrid cloud strategy.

"Amazon acknowledges and understands the enterprise reality is hybrid IT -- not just to avoid lock-in, but for cost, performance, data sovereignty, compliance and security reasons," said Jay Lyman, analyst with 451 Research. Lyman's point of view is backed up by a 451 Research survey of 201 enterprise IT decision-makers in April. In the survey, 57% indicated they expect to deploy containers as a service across a combination of on-premises and public cloud infrastructures.

Beth Pariseau is senior news writer for TechTarget's Data Center and Virtualization Media Group. Write to her at [email protected] or follow @PariseauTT on Twitter.
