In this edition we feature Amazon EKS support for Kubernetes version 1.31 and general availability of EKS Optimized Accelerated AMIs for NVIDIA and AWS Neuron workloads.

Important Announcement

AWS is coming to Salt Lake City for KubeCon + CloudNativeCon North America 2024 !

Join us at KubeCon Salt Lake City at Booth F1, where you can learn about Kubernetes best practices, strategies, and our latest innovations from AWS experts. The AWS booth will feature live, interactive product demonstrations focused on cost optimization, observability, security, governance, data and AI/ML, and platform strategy.

Don’t miss this opportunity to engage with the Kubernetes community and connect with AWS experts!

New AWS services and features

• Amazon EKS and Amazon EKS Distro now supports Kubernetes version 1.31

  • Kubernetes version 1.31 introduces several key improvements, including stable support for AppArmor security modules, storing timestamps for persistent volume phase transitions, and the beta VolumeAttributeClass API for modifying mutable properties of persistent volumes managed by compatible drivers like Amazon EBS CSI driver starting v1.35.0.
  • EKS now supports Kubernetes version 1.31 in all the AWS Regions where EKS is available, including the AWS GovCloud (US) Regions.

• Amazon EKS now supports using NVIDIA and AWS Neuron accelerated instance types with AL2023

  • EKS optimized accelerated AMIs for Amazon Linux 2023 are generally available in all AWS Regions including the AWS GovCloud (US) Regions across all standard supported EKS versions as well as extended support versions 1.23 and higher.
  • These new AMIs are based on the Amazon EKS optimized AMI for AL2023 and include support for NVIDIA and AWS Neuron workloads. The EKS Optimized NVIDIA AMI includes NVIDIA drivers, NVIDIA Fabric Manager and NVIDIA container toolkit, and the EKS Optimized Neuron AMI includes the Neuron driver

• Finch expands support to Linux, streamlining container development across platforms

  • Finch is an open source command line tool that allows developers to build, run, and publish Linux containers.
  • Finch simplifies container development by bundling a minimal native client with a curated selection of open-source components, allowing developers to build and manage containers without the hassle of managing intricate details.
  • This article covers details around expansion of Finch support to Linux alongside macOS and Windows operating systems.

AWS blogs

• [Blog] Announcing AWS Neuron Helm Chart

  • AWS Neuron is the SDK used to run deep learning workloads on AWS Inferentia and AWS Trainium based instances. With Neuron, customers can quickly start using Inferentia/Trainium instances through services like Amazon Sagemaker, Amazon Elastic Container Service (ECS), Amazon Elastic Kubernetes Service (EKS), AWS Batch, and AWS Parallel Cluster.
  • When using Neuron with EKS, you are required to setup the Neuron device plugin, scheduler extension, node problem detector, and monitoring plugins for efficient resource utilization, monitoring, and resilience when using Inferentia and Trainium instances for inference and training workloads on Kubernetes clusters.
  • This blog article serves as walkthrough deep dive for Neuron Helm Chart which streamlines the deployment of Neuron components by consolidating the necessary components into a single, directly deployable solution. This means that you can deploy the individual components such as Neuron Device Plugin, Neuron Scheduler, and Node Problem Detector with minimal effort and full flexibility.

• [Blog] Migrating from AWS App Mesh to Amazon VPC Lattice

  • Amazon VPC Lattice is a fully managed service, announced at re:invent 2022, that enables consistent connectivity, security, and monitoring of communications between various AWS services, such as Amazon Elastic Container Service (Amazon ECS), Amazon Elastic Kubernetes Service (Amazon EKS), AWS Lambda, and Amazon Elastic Compute Cloud (Amazon EC2).
  • The blog article aids as a guide to understand how VPC Lattice can help simplify the management of complex, distributed applications and provide guidance for Amazon EKS customers on migrating from App Mesh to VPC Lattice.

• [Blog] AWS and Kubecost Collaborate to Deliver Kubecost 2.0 for Amazon EKS Users

  • In August 2022, Amazon Elastic Kubernetes Service (Amazon EKS) announced the availability of an Amazon EKS-optimized bundle of Kubecost for cluster cost visibility.
  • This blog post will explore how you can benefit from new features as a part of Kubecost 2.0 .

• [Blog] Powering the Next Generation of AI Workloads on Amazon EKS with Anyscale

  • Ray is an open-source framework that manages, executes, and optimizes compute needs for AI workloads.
  • Ray, launched as a research project in 2016, is quickly becoming a standard for orchestrating AI workloads, especially with Kubernetes.
  • This blog post will explore how RayTurbo, optimized Ray engine from Anyscale, can be used with Amazon EKS.

Community news and articles

• Updated etcd Project Journey Report is live – the project now has more than 5,500 individual contributors!

  • etcd is one of CNCF’s longest-standing graduated projects.
  • This article covers updated project journey report

• Managing AWS EKS access entries with Terraform and OpenTofu

  • The aws-auth ConfigMap is deprecated and EKS Access Entries is recommended method to provide IAM users/roles access to Kubernetes APIs.
  • This article covers how you can manage access entries using Terraform and OpenTofu

Videos and webinars

• Project Ceiba - AWS and NVIDIA constructing the world’s largest AI supercomputer: Extended Version
  • Project Ceiba , a groundbreaking collaboration between AWS and NVIDIA, aims to push the boundaries of artificial intelligence (AI) by constructing the largest AI supercomputer in the cloud.
  • Hosted exclusively on AWS, this cutting-edge supercomputer will power NVIDIA’s research and development efforts in AI.

Open source projects

• Eraser
  • When deploying to Kubernetes, it’s common for pipelines to build and push images to a cluster, but it’s much less common for these images to be cleaned up, especially a host of non-compliant images lingering on the nodes.
  • Eraser aims to provide a simple way to determine the state of an image by leveraging Trivy for vulnerability scanning, and delete it if it meets the specified criteria. Custom scanning solutions can be provided in place of Trivy. In case, scanner is disabled, Eraser will operate as garbage collector removing all non-running images in your cluster.