Containerization & Orchestration

If you’ve ever created a website, built a backend API, or even deployed a simple app on your laptop or a cloud service, you know this: ✅ Apps need to run somewhere — a laptop, a server, or in the cloud ✅ You need to install dependencies (libraries, runtimes, etc.) for the app to work properly ✅ Moving your app from your laptop to another system often breaks things — different OS versions, missing libraries, and so on That’s where containers come in... View the full article

Learning Kubernetes and DevOps can be challenging, especially when juggling multiple resources—watching videos, switching between slides, and trying to copy commands from PDFs. We get it. That’s why we built KodeKloud Notes—a centralized, interactive, and user-friendly platform where you can access all the essential text-based content from our courses in one place... View the full article

We all know the feeling: the pit in your stomach when a critical application goes down (and you have no idea what went wrong). In today's always-on world, downtime isn't just inconvenient; it can be catastrophic to your reputation and even your business. So, how can you ensure your Kubernetes infrastructure is truly resilient? The answer might surprise you: test it with a Chaos Day. The post Is Your Kubernetes Infrastructure Resilient? Test It with a Chaos Day appeared first on Security Boulevard. View the full article

Docker Init is a game-changer for DevOps engineers who want to containerize applications with speed and precision. In this tutorial, we’ll explore what the docker init command does, why it’s important, and how to use it to containerize a Node.js app in seconds. We’ll also compare Docker Init vs Docker Compose vs Dockerfile approaches, list supported languages, and share pro tips for getting the most out of this Dockerfile generator CLI. Whether you’re looking to learn how to dockerize a Node.js app fast or understand where Docker Init fits in your workflow, this guide has you covered… View the full article

When it comes to AI, inference is where today’s generative AI models can solve real-world business problems. Google Kubernetes Engine (GKE) is seeing increasing adoption of gen AI inference. For example, customers like HubX run inference of image-based models to serve over 250k images/day to power gen AI experiences, and Snap runs AI inference on GKE for its ad ranking system. However, there are challenges when deploying gen AI inference. First, during the evaluation phase of this journey, you have to evaluate all your accelerator options. You need to choose the right one for your use case. While many customers are interested in using Tensor Processing Units (TPU), they …

Topic was moved to forum Security

Amazon Elastic Kubernetes Service (Amazon EKS) now offers Bottlerocket FIPS (Federal Information Processing Standards) AMIs for EKS managed node groups, helping customers to meet federal compliance requirements while leveraging the security of Bottlerocket and the operational benefits of EKS managed node groups. Bottlerocket is a Linux-based operating system optimized for running containers that follows a minimal, immutable design for enhanced security and performance. The FIPS-enabled Bottlerocket AMIs for EKS include FIPS 140-3 validated cryptographic modules and are configured by default to use FIPS-enabled AWS service endpoints, making it easier for customers in re…

Today, we’re excited to announce the public preview of Multi-Cluster Orchestrator, a new service designed to streamline and simplify the management of workloads across Kubernetes clusters. Multi-Cluster Orchestrator lets platform and application teams optimize resource utilization, enhance application resilience, and accelerate innovation in complex, multi-cluster environments. As organizations increasingly adopt Kubernetes to deploy and manage their applications, the need for efficient multi-cluster management becomes critical. Challenges such as resource scarcity, ensuring high availability, and managing deployments across diverse environments create significant operati…

At Google Cloud, we’re continuously working on Google Kubernetes Engine (GKE) scalability so it can run increasingly demanding workloads. Recently, we announced that GKE can support a massive 65,000-node cluster, up from 15,000 nodes. This signals a new era of possibilities, especially for AI workloads and their ever-increasing demand for large-scale infrastructure. In this blog post, we explore a benchmark that simulates these massive AI workloads on a 65,000-node GKE cluster. As we look to develop and deploy even larger LLMs on GKE, we regularly run this benchmark against our infrastructure as a continuous integration (CI) test. We look at its results in detail, as well…

What is Docker Bake?Docker Bake is a powerful utility introduced by Docker as part of the docker buildx plugin. Inspired by tools like make and docker-compose, Docker Bake lets you define and run multiple Docker builds in parallel using a single configuration file (docker-bake.hcl or docker-bake.json). If you're managing multiple Docker images, especially in a microservices setup, Docker Bake simplifies your build process dramatically... View the full article

This blog post was co-authored by Alex Kestner, Sr Product Manager – EKS; Todd Neal, Sr. Software Engineer – EKS; Neelendra Bhandari, Sr Software Dev Manager – EKS; and Sai Vennam, Principal Specialist Solutions Architect. At re:Invent 2024, we launched Amazon Elastic Kubernetes Service (Amazon EKS) Auto Mode, a new feature that provides a production-ready, Kubernetes conformant cluster that is ready to host your workloads out of the box. In this post, we dive into what this means for your Kubernetes workloads and look under the hood of EKS Auto Mode clusters. Introduction to EKS Auto Mode EKS Auto Mode is a streamlined way to run applications on Kubernetes. It autom…

This post was jointly authored by Elizabeth Fuentes (Developer Advocate), Ikenna Izugbokwe (Principal SA), and Steven David (Principal SA). Amazon Elastic Kubernetes Service (Amazon EKS) provides add-ons that streamline supporting operational capabilities for Kubernetes applications. Still, customers rely on a wide range of Kubernetes add-ons to run their containerized applications. These add-ons come from different sources such as Amazon Web Services (AWS), AWS Partners, and the open-source community, each bringing specialized expertise to solve specific user problems. However, to consume these, customers discover various sources, navigate multiple deployment tools, m…

Today, Amazon Elastic Kubernetes Service (EKS) announced a new catalog of community add-ons that includes metrics-server, kube-state-metrics, cert-manager, prometheus-node-exporter, and external-dns. This enables you to easily find, select, configure, and manage popular open-source Kubernetes add-ons directly through EKS. Each add-on has been packaged, scanned, and validated for compatibility by EKS, with container images securely hosted in an EKS-owned private Amazon Elastic Container Registry (ECR) repository. To make Kubernetes clusters production-ready, you need to integrate various operational tools and add-ons. These add-ons can come from various sources includin…

Kubernetes has transformed how we build and manage cloud-native applications. But when it comes to networking — especially handling ingress traffic — the traditional Ingress API has shown limitations. That’s where the Gateway API steps in — a powerful evolution designed to handle modern traffic routing needs with more flexibility, extensibility, and control. In this blog, we’ll explain what the Gateway API is, how it differs from the old Ingress API, why it matters, and how to get started... View the full article

Today, Amazon Elastic Kubernetes Service (EKS) announced a new control to prevent accidental cluster upgrades when issues are already detected that may impact application compatibility with the next Kubernetes version. This feature leverages EKS upgrade insights and is significant step towards giving cluster administrators confidence with Kubernetes version upgrades. EKS upgrade insights automatically scan clusters against a list of potential Kubernetes version upgrade impacting issues such as deprecated Kubernetes API usage. EKS periodically updates the list of insight checks to perform, based on evaluations of changes in the Kubernetes project, as well as changes int…

Do you work with Kubernetes every day? Want to learn about the latest advancement in Kubernetes and the Cloud Native Space? Come join us for KubeCon + CloudNativeCon Europe 2025 in London (April 1-4), the premier event for folks running Kubernetes in the cloud! As the creator of the Kubernetes project and a key leader in this space, Google Cloud is excited to showcase the latest contributions and our commitment to the Kubernetes community. Join us at booth S100 to discover our sessions, lightning talks, hands on labs, and demos — plus, some friendly competition in a game of Kubernetes Family Feud! We will begin the week with our pre-conference Google Container Day on Apri…

dacadoo is a global Swiss-based technology company that develops solutions for digital health engagement and health risk quantification. Their products include a software-as-a-service (SaaS)-based digital health engagement platform that uses behavioral science, AI, and gamification to help end users improve their health outcomes. The company embarked on a journey to modernize an API to quantify health and lifestyle data plus a risk engine to calculate mortality and morbidity probabilities based on years of scientific research data. To transform a virtual machine–based API service into a globally redundant, scalable health score and risk calculation solution dacadoo ch…

This post was co-authored by Henrique Santana, Container Specialist, AWS and Luis Felipe, Principal Solutions Architect, AWS. Introduction Many organizations have built their infrastructure using Amazon Elastic Compute Cloud (Amazon EC2) and Network Load Balancer (NLB), often with security policies built around the NLB’s static IP addresses. As these organizations adopt containerization and move to Amazon Elastic Kubernetes Service (Amazon EKS) for their modern applications, they face a significant challenge with preserving their existing endpoint configurations. This can make the modernization complex and risky, because changing the load balancer setup may disrupt cli…

Artificial Intelligence (AI) and Machine Learning (ML) are transforming industries — from healthcare and finance to retail and transportation. But as models become more complex and datasets grow larger, data scientists and engineers need powerful, scalable, and automated infrastructure to manage their workloads. Enter Kubernetes and Kubeflow. In this beginner-friendly guide, we’ll explore how Kubernetes and Kubeflow work together to simplify and scale AI/ML workflows — with examples, architecture insights, and essential concepts you need to know... View the full article

Amazon Elastic Container Service (Amazon ECS) today launched 8 new service-specific condition keys for Identity and Access Management (IAM). These new condition keys let you create IAM policies as well as Service Control Policies (SCPs) to better enforce your organizational policies in containerized environments. IAM condition keys allow you to author policies that enforce access control based on API request context. With today’s release, Amazon ECS has added condition keys that allow you to enforce policies related to resource configuration (ecs:task-cpu, ecs:task:memory, and ecs:compute-compatibility), container privileges (ecs:privileged), network configuration (ecs…

We are excited to announce that the HCP Terraform Operator for Kubernetes (formerly known as Terraform Cloud Operator) is now certified for Red Hat OpenShift. This certification marks a significant milestone in our commitment to provide reliable, scalable, and secure integrations between Terraform and Kubernetes for streamlined workflows across hybrid and multi-cloud environments... View the full article

The Kubernetes v1.32 release marks another significant step forward in the evolution of this powerful platform. With a total of 44 enhancements, this release includes: ✅ 13 Stable Features 🟡 12 Beta Features 🔴 19 Alpha Features These updates continue to reflect the strong commitment of the Kubernetes community to deliver high-quality, feature-rich releases... View the full article

Kubernetes version 1.32 introduced several new features and bug fixes, and AWS is excited to announce that you can now use Amazon Elastic Kubernetes Service (EKS) and Amazon EKS Distro to run Kubernetes version 1.32. Starting today, you can create new EKS clusters using version 1.32 and upgrade existing clusters to version 1.32 using the EKS console, the eksctl command line interface, or through an infrastructure-as-code tool. Kubernetes version 1.32 introduces several improvements including stable support for custom resource field selectors and auto removal of persistent volume claims created by stateful sets. This release removes v1beta3 API version of FlowSchema and…

Topic was moved to forum Multi-Cloud & Hybrid Cloud

Amazon Elastic Container Registry (Amazon ECR) provides a fully managed container registry service, offering high-performance hosting for reliably deploying application images anywhere. Amazon ECR service requires repositories to pre-exist before pushing container images. In this post, we explore a dynamic solution that leverages AWS CloudTrail, Amazon EventBridge, and AWS Lambda functions to automatically create Amazon ECR repositories on demand. This solution gives you the ability to implement UPSERT in Amazon ECR. By default, detailed events for actions taken in an AWS environment are integrated from CloudTrail into EventBridge. EventBridge is a service that provides…

Interviewer: Welcome back to our CNCF Tool Interview Series Episode 04, where today we're setting sail with Docker, a name that's synonymous with container technology in the cloud-native world. Docker has not only simplified the development process but has also been a cornerstone in the journey of many developers and organizations towards achieving a streamlined DevOps culture. Let's dive in. 💡 Insight for our readers: DevOps is a set of practices and philosophies that aim to shorten the development life cycle, provide continuous delivery with high software quality, and encourage closer collaboration between development and operations teams. It emphasizes automation, moni…

Amazon Elastic Container Service (Amazon ECS) has now enhanced its functionalities by integrating support for Amazon Elastic Block Store (Amazon EBS) volume attachment to Amazon ECS tasks. This feature simplifies using Amazon ECS and AWS Fargate with Amazon EBS. Amazon ECS facilitates seamless provisioning and attachment of EBS volumes to ECS tasks on both Fargate and Amazon Elastic Cloud Compute (Amazon EC2) platforms. In Amazon ECS tasks, you have the flexibility to select EBS volume attributes, such as size, type, IOPS, and throughput, tailoring the storage to meet the specific needs of your application. Additionally, the capability to create volumes from snapshots all…

Today, Amazon CodeCatalyst announces a new runtime docker image for customers to use with their build and test actions within workflows, along with the ability to choose between curated images. The new image contains updated tooling, including Node18. View the full article

We are excited to announce that AWS Fargate for Windows containers on Amazon ECS has reduced infrastructure pricing by up to 49%. Fargate simplifies the adoption of modern container technology for ECS customers by making it even easier to run their Windows containers on AWS. With Fargate, customers no longer need to set up automatic scaling groups or manage host instances for their application. View the full article

Amazon Elastic Container Services (Amazon ECS) launches support for configuring timeout for service-to-service communication with its networking capability called ECS Service Connect. This feature enables you to set custom timeouts for Amazon ECS services running with Service Connect, supporting applications serving long-running requests. Amazon ECS is a fully managed container orchestration service that makes it easier for you to deploy, manage, and scale containerized applications. Customers can use ECS Service Connect capability to easily configure service discovery, connectivity and traffic observability for services running in Amazon ECS. This helps build application…

Amazon Elastic Container Service (Amazon ECS) launches support for automatic traffic encryption with Transport Layer Security (TLS) certificates for its networking capability called ECS Service Connect. With this support, ECS Service Connect allows your applications to establish a secure connection by encrypting your network traffic. Automatic traffic encryption with ECS Service Connect uses industry-leading encryption capabilities to secure your inter-service communication that helps you meet your security requirements. View the full article

Today, Amazon Elastic Container Services (Amazon ECS) announced managed instance draining, a new capability that facilitates graceful shutdown of workloads deployed on Amazon Elastic Compute Cloud (Amazon EC2) instances by safely stopping and rescheduling workloads to other, non-terminating instances. This capability enables customers to simplify infrastructure maintenance workflows, such as rolling out a new Amazon Machine Image (AMI) version, without needing to build custom solutions to gracefully shutdown instances without disrupting their workloads. View the full article

Customers running applications with more than one containers on Amazon Elastic Container Service (ECS) with AWS Fargate can now leverage Seekable OCI (SOCI) to lazily load specific container images within the Amazon ECS task definition. This eliminates the need to generate SOCI indexes for smaller container images within the task definition, while still getting the benefits of SOCI with larger container images, improving the overall application deployment and scale-out time. View the full article

PBS is a private, nonprofit corporation, founded in 1969, whose members are America’s public TV stations. They have been an AWS customer for over 10 years using around 100 services. This post about PBS’s success using Amazon Elastic Container Service (Amazon ECS) and AWS Fargate. This post covers their 10-year journey in the cloud. Also, we’ll cover how PBS evolved to use Amazon ECS and AWS Fargate to optimize their resilience, scalability, cost, and application development... View the full article

When it comes to container orchestration, K8s (Kubernetes) has become a de facto standard for managing applications and infrastructure at scale across on-premise data centers and public clouds. But as organizations look to deploy containerized workloads to devices at the edge of their network or for Internet of Things (IoT) applications, the full Kubernetes distribution can be overkill. This is where K3s comes in. Developed by Rancher Labs, K3s is a lightweight Kubernetes distribution designed specifically for resource-constrained edge and IoT environments. In this article, we'll walk you through the key differences between K3s and the upstream Kubernetes project to hel…

About a year ago, we published a post on how to Optimize your Spring Boot application for AWS Fargate, where we went into different optimization techniques to speed up the startup time of Spring Boot applications for AWS Fargate. We started the post with “Fast startup times are key to quickly react to disruptions and demand peaks, and they can increase the resource efficiency”. Seekable OCI (SOCI) is a new and simple way to reduce startup times for Java workloads running on AWS Fargate. It can be combined with the earlier optimizations, or you could just use SOCI for a simple win. Customers running applications on Amazon Elastic Container Service (Amazon ECS) with AWS Far…

Amazon Elastic Container Registry (ECR) Public has added new features that make it easier for customers to navigate the ECR Public Gallery and find the images they are looking for. New filters allow customers to search for images from well-known publishers such as Docker and Amazon, and a new landing page highlights those filters as well as other frequently used repositories. View the full article

Today, AWS announces the availability of AWS Fargate for Amazon ECS Windows containers in the AWS GovCloud (US) Regions. This feature simplifies the adoption of modern container technology for Amazon ECS customers by making it even easier to run their Windows containers on AWS. View the full article

In traditional business models, retailers handle order-fulfillment processes from start to finish—including inventory management, owning or leasing warehouses, and managing supply chains. But many retailers aren’t set up to carry additional inventory. The “endless aisle” business model is an alternative solution for lean retailers that are carrying enough in-store inventory while wanting to avoid revenue loss. Endless aisle is also known as drop-shipping, or fulfilling orders through automated integration with product partners. Such automation results in a customer’s ability to place an order on a tablet or kiosk when they cannot find a specific product of their choice …

Introduction Many applications built today or modernized from monoliths are done so using microservice architectures. The microservice architecture makes applications easier to scale and faster to develop, which enables innovation and accelerating time-to-market for new features. In addition, microservices also provide lifecycle autonomy enabling applications to have independent build and deploy processes, which provides technological freedom such that they can be implemented in different programming languages and provide scaling flexibility to scale up or scale down independently based on workload utilization. While microservices provide a lot of flexibility, the proc…

In 2022, we published Let’s Architect! Architecting microservices with containers. We covered integrations patterns and some approaches for implementing microservices using containers. In this Let’s Architect! post, we want to drill down into microservices only, by focusing on the main challenges that software architects and engineers face while working on large distributed systems structured as a set of independent services. There are many considerations to cover in detail within a broad topic like microservices. We should reflect on the organizational structure, automation pipelines, multi-account strategy, testing, communication, and many other areas. With this po…

The Hugging Face Hub is a platform that enables collaborative open source machine learning (ML). The hub works as a central place where users can explore, experiment, collaborate, and build technology with machine learning. On the hub, you can find more than 140,000 models, 50,000 ML apps (called Spaces), and 20,000 datasets shared by the community. Using Spaces makes it easy to create and deploy ML-powered applications and demos in minutes. Recently, the Hugging Face team added support for Docker Spaces, enabling users to create any custom app they want by simply writing a Dockerfile... View the full article

This blog focuses primarily on helping customers understand software supply chain security in the context of integrity and provenance—specifically, how cryptographic signatures can be used to simplify the process of ensuring the integrity of container images as they move through your software supply chain. We will also discuss how signing can help organizations validate their container images are coming from a trusted publisher, and how signing can be integrated with code scanning and approval workflows to facilitate a secure software supply chain. To be successful, signing and verification should be easily implemented and integrated with DevOps processes, ideally no…

Amazon ECS now fully supports multiline logging powered by AWS for Fluent Bit for both AWS Fargate and Amazon EC2. AWS Fluent Bit is an AWS distribution of the open-source project Fluent Bit, a fast and a lightweight log forwarder. Amazon ECS users can use this feature to re-combine partial log messages produced by your containerized applications running on AWS Fargate or Amazon EC2 into a single message for easier troubleshooting and analytics. View the full article

Amazon Elastic Container Services (Amazon ECS) provides a Cluster Auto Scaling (CAS) capability to dynamically manage the scaling of your Amazon Elastic Compute Cloud (EC2) Auto Scaling groups (ASG) on your behalf, so that you can focus on running your containers. Capacity Providers is the compute interface that links your Amazon ECS cluster with your ASG. With Capacity Providers, you can define flexible rules for how containerized workloads run on different types of compute capacity, and manage the scaling of the capacity. Capacity Providers improve the availability, scalability, and cost of running tasks and services on ECS. Starting today, we are simplifying the integr…

The Amazon Elastic Container Service (Amazon ECS) extensions module that extends the service construct in AWS Cloud Development Kit (AWS CDK), is now generally available. The new Amazon ECS service construct for AWS CDK supports extensions that automatically add additional capabilities such as AWS App Mesh or FireLens to your containerized services using familiar programming languages. View the full article

Amazon Lightsail now provides you with the ability to run containerized workloads on the cloud with little-to-no prior cloud experience. With this native service, called Lightsail Containers, you can now deploy containerized applications to the cloud using the Docker images directly from your desktop or from the ones in public registries like DockerHub – with just a few clicks, through an easy to use interface. Lightsail takes care of all the infrastructure management complexities and allows you to focus on your application code. Lightsail Containers come with the same predictable pricing as its other offerings with prices starting at $7/month for a Container Service. Vi…

Amazon Elastic Container Service (Amazon ECS) Cluster Auto Scaling (CAS) now offers more responsive scaling when using EC2 Auto Scaling groups (ASGs) that span across Availability Zones (AZs) and instance types. View the full article

You can now use a custom AMI with EKS managed node groups; Details: introducing-launch-template-and-custom-ami-support-in-amazon-eks-managed-node-groups Just create a new launch template and set this on the EKS NodeGroup; The alternative is to use self-managed nodes, but then you have to manage the ASG yourself.

Amazon Elastic Container Service (ECS) now supports the ability to add the recently launched P4d instances on Amazon ECS clusters in all regions where P4d instances are available. P4d instances offer up to 60% lower cost to train compared to previous generation instances with 2.5X more deep learning performance using the latest NVIDIA A100 Tensor Core GPUs. These instances also offer 8 TB of local NVMe storage. P4d instances are currently available in the US East (N. Virginia) and US West (Oregon) regions. To learn more about P4d instances, please visit the P4d product page and news blog. View the full article