In this edition we feature general availability of Amazon EKS support in SageMaker HyperPod and Benefits with Purpose Built Container OS, Bottlerocket.
Important Announcement
AWS is coming to Salt Lake City for KubeCon + CloudNativeCon North America 2024 !
Join us at our booth F1 from Wednesday through Friday to connect with AWS experts, grab exclusive swag, and dive into live demos. We’ll cover exciting topics like GitOps, Platform Strategy, AI/ML, Karpenter, Observability, and more.
Don’t miss out!
New AWS services and features
Amazon EKS support in Amazon SageMaker HyperPod to scale foundation model development
- SageMaker HyperPod is purpose-built to accelerate foundation model (FM) training by providing a more resilient infrastructure optimized for large-scale distributed training, allowing you to train on thousands of accelerators faster and reduce time to train models by up to 40%
- SageMaker HyperPod is pre-configured with SageMaker distributed training libraries to help you efficiently improve performance by distributing model training data into smaller chunks, so it can be processed in parallel across accelerators.
- It automatically detects, diagnoses, and recovers from the faults, so you can train FMs for months at a time without disruption
- Amazon EKS Support in SageMaker HyperPod is now generally available.
- EKS support in HyperPod combines the benefits of SageMaker HyperPod offering self-healing performant clusters with the containerization capabilities of Amazon EKS, aiding in resilient orchestration of HyperPod compute resources
Container Insights now announces SageMaker HyperPod node health observability on EKS
- EKS orchestrated HyperPod clusters also integrate with CloudWatch Container Insights to provide out-of-the-box observability, by auto-discovering HyperPod node health status and visualizing them in curated dashboards.
- Container Insights assists you in optimizing training durations by classifying failing nodes as “pending reboot” and “pending replacement,” and guiding you on maintaining node health in case automatic node replacement is disabled.
Amazon ECR announces support for dual-layer server-side encryption in the AWS GovCloud (US) Regions
- Dual-layer server-side encryption with keys stored in AWS Key Management Service (DSSE-KMS) enables you to meet stronger compliance and regulatory requirements of applying multiple layers of encryption to your container images.
- Once this feature is enabled, ECR automatically encrypts your images twice when pushed and decrypts twice when pulled using your encryption keys managed by Amazon Key Management Service (KMS).
- This article covers expanded support for dual-layer server-side encryption in the AWS GovCloud (US) Regions
AWS blogs
[Blog] Secure Cross-Cluster Communication in EKS with VPC Lattice and Pod Identity IAM Session Tags
- Amazon VPC Lattice is an application layer networking service that gives you a consistent way to connect, secure, and monitor service-to-service communication when microservices leverage different compute options such as AWS Lambda, Amazon Elastic Container Service (ECS), and Amazon Elastic Kubernetes Service (Amazon EKS).
- When working on Amazon EKS, Amazon VPC Lattice comes with the AWS Gateway API Controller that implements the Kubernetes Gateway API.
- Maintaining the security and integrity of your application data, even when it is being transmitted across different clusters or accounts is of paramount importance.
- This blog dives deep into a comprehensive and adaptable reference for enabling cross-cluster communication for your Amazon EKS-based applications, using the power of Amazon VPC Lattice and other AWS services in a secure fashion.
[Blog] Unlocking Benefits with Bottlerocket: A Purpose-Built Container OS
- General-Purpose Operating Systems (GPOS) are designed to accommodate a wide range of applications and use cases, providing a versatile environment for diverse computing needs. However, this inclusivity presents challenges in terms of optimization and fleet management.
- On the other hand, Single-Purpose Operating Systems (SPOS) are designed and optimized for specific tasks streamlining fleet management responsibilities.
- The blog article aids as a guide to understand Motivation for SPOS and how users are experiencing benefits from Bottlerocket OS, purpose-built Container OS.
[Blog] How to Run WebAssembly on Amazon EKS
- WebAssembly (Wasm) is a binary instruction format designed to run alongside JavaScript in web browsers.
- Wasm is designed as a portable compilation target for programming languages, enabling deployment on the web for client and server applications, with a promise to bring near-native performance to web applications.
- This blog post will explore how Amazon EKS can be utilized as underlying infrastructure for running WebAssembly applications.
Community news and articles
- Kubernetes v1.31 marks the first release after the project has successfully celebrated its first 10 years.
- This article covers release theme “Elli”, highlights of features graduating to Stable and Beta, New alpha features and removal of last remaining all in-tree integrations with cloud providers.
Strimzi for running Apache kafka workloads on Kubernetes
- Strimzi provides a way to run an Apache Kafka cluster on Kubernetes in various deployment configurations.
- This article covers key features of Strimzi, its benefits and how you can get started with deploying Kafka on Kubernetes
Videos and webinars
- Automate Container Security with Amazon Bedrock | ft. Amazon ECR, EKS, Inspector and Lambda
- Flexible Kubernetes Cluster Management with SpectroCloud
Open source projects
KWOK stands for Kubernetes WithOut Kubelet, a toolkit that enables setting up a cluster of thousands of Nodes in seconds. It provides two tools:
- kwok, responsible for simulating the lifecycle of fake nodes, pods, and other Kubernetes API resources.
- kwokctl, CLI tool designed to streamline the creation and management of clusters, with nodes simulated by kwok.