Containerization & Orchestration

Today, we’re excited to announce the public preview of Multi-Cluster Orchestrator, a new service designed to streamline and simplify the management of workloads across Kubernetes clusters. Multi-Cluster Orchestrator lets platform and application teams optimize resource utilization, enhance application resilience, and accelerate innovation in complex, multi-cluster environments. As organizations increasingly adopt Kubernetes to deploy and manage their applications, the need for efficient multi-cluster management becomes critical. Challenges such as resource scarcity, ensuring high availability, and managing deployments across diverse environments create significant operati…

At Google Cloud, we’re continuously working on Google Kubernetes Engine (GKE) scalability so it can run increasingly demanding workloads. Recently, we announced that GKE can support a massive 65,000-node cluster, up from 15,000 nodes. This signals a new era of possibilities, especially for AI workloads and their ever-increasing demand for large-scale infrastructure. In this blog post, we explore a benchmark that simulates these massive AI workloads on a 65,000-node GKE cluster. As we look to develop and deploy even larger LLMs on GKE, we regularly run this benchmark against our infrastructure as a continuous integration (CI) test. We look at its results in detail, as well…

This blog post was co-authored by Alex Kestner, Sr Product Manager – EKS; Todd Neal, Sr. Software Engineer – EKS; Neelendra Bhandari, Sr Software Dev Manager – EKS; and Sai Vennam, Principal Specialist Solutions Architect. At re:Invent 2024, we launched Amazon Elastic Kubernetes Service (Amazon EKS) Auto Mode, a new feature that provides a production-ready, Kubernetes conformant cluster that is ready to host your workloads out of the box. In this post, we dive into what this means for your Kubernetes workloads and look under the hood of EKS Auto Mode clusters. Introduction to EKS Auto Mode EKS Auto Mode is a streamlined way to run applications on Kubernetes. It autom…

This post was jointly authored by Elizabeth Fuentes (Developer Advocate), Ikenna Izugbokwe (Principal SA), and Steven David (Principal SA). Amazon Elastic Kubernetes Service (Amazon EKS) provides add-ons that streamline supporting operational capabilities for Kubernetes applications. Still, customers rely on a wide range of Kubernetes add-ons to run their containerized applications. These add-ons come from different sources such as Amazon Web Services (AWS), AWS Partners, and the open-source community, each bringing specialized expertise to solve specific user problems. However, to consume these, customers discover various sources, navigate multiple deployment tools, m…

Today, Amazon Elastic Kubernetes Service (EKS) announced a new catalog of community add-ons that includes metrics-server, kube-state-metrics, cert-manager, prometheus-node-exporter, and external-dns. This enables you to easily find, select, configure, and manage popular open-source Kubernetes add-ons directly through EKS. Each add-on has been packaged, scanned, and validated for compatibility by EKS, with container images securely hosted in an EKS-owned private Amazon Elastic Container Registry (ECR) repository. To make Kubernetes clusters production-ready, you need to integrate various operational tools and add-ons. These add-ons can come from various sources includin…

Today, Amazon Elastic Kubernetes Service (EKS) announced a new control to prevent accidental cluster upgrades when issues are already detected that may impact application compatibility with the next Kubernetes version. This feature leverages EKS upgrade insights and is significant step towards giving cluster administrators confidence with Kubernetes version upgrades. EKS upgrade insights automatically scan clusters against a list of potential Kubernetes version upgrade impacting issues such as deprecated Kubernetes API usage. EKS periodically updates the list of insight checks to perform, based on evaluations of changes in the Kubernetes project, as well as changes int…

Do you work with Kubernetes every day? Want to learn about the latest advancement in Kubernetes and the Cloud Native Space? Come join us for KubeCon + CloudNativeCon Europe 2025 in London (April 1-4), the premier event for folks running Kubernetes in the cloud! As the creator of the Kubernetes project and a key leader in this space, Google Cloud is excited to showcase the latest contributions and our commitment to the Kubernetes community. Join us at booth S100 to discover our sessions, lightning talks, hands on labs, and demos — plus, some friendly competition in a game of Kubernetes Family Feud! We will begin the week with our pre-conference Google Container Day on Apri…

dacadoo is a global Swiss-based technology company that develops solutions for digital health engagement and health risk quantification. Their products include a software-as-a-service (SaaS)-based digital health engagement platform that uses behavioral science, AI, and gamification to help end users improve their health outcomes. The company embarked on a journey to modernize an API to quantify health and lifestyle data plus a risk engine to calculate mortality and morbidity probabilities based on years of scientific research data. To transform a virtual machine–based API service into a globally redundant, scalable health score and risk calculation solution dacadoo ch…

This post was co-authored by Henrique Santana, Container Specialist, AWS and Luis Felipe, Principal Solutions Architect, AWS. Introduction Many organizations have built their infrastructure using Amazon Elastic Compute Cloud (Amazon EC2) and Network Load Balancer (NLB), often with security policies built around the NLB’s static IP addresses. As these organizations adopt containerization and move to Amazon Elastic Kubernetes Service (Amazon EKS) for their modern applications, they face a significant challenge with preserving their existing endpoint configurations. This can make the modernization complex and risky, because changing the load balancer setup may disrupt cli…

Amazon Elastic Container Registry (Amazon ECR) provides a fully managed container registry service, offering high-performance hosting for reliably deploying application images anywhere. Amazon ECR service requires repositories to pre-exist before pushing container images. In this post, we explore a dynamic solution that leverages AWS CloudTrail, Amazon EventBridge, and AWS Lambda functions to automatically create Amazon ECR repositories on demand. This solution gives you the ability to implement UPSERT in Amazon ECR. By default, detailed events for actions taken in an AWS environment are integrated from CloudTrail into EventBridge. EventBridge is a service that provides…

Introduction Amazon Elastic Container Service (Amazon ECS) has now enhanced its functionalities by integrating support for Amazon Elastic Block Store (Amazon EBS) volume attachment to Amazon ECS tasks. This feature simplifies using Amazon ECS and AWS Fargate with Amazon EBS. Amazon ECS facilitates seamless provisioning and attachment of EBS volumes to ECS tasks on both Fargate and Amazon Elastic Cloud Compute (Amazon EC2) platforms. In Amazon ECS tasks, you have the flexibility to select EBS volume attributes, such as size, type, IOPS, and throughput, tailoring the storage to meet the specific needs of your application. Additionally, the capability to create volumes from…

Today, Amazon CodeCatalyst announces a new runtime docker image for customers to use with their build and test actions within workflows, along with the ability to choose between curated images. The new image contains updated tooling, including Node18. View the full article

We are excited to announce that AWS Fargate for Windows containers on Amazon ECS has reduced infrastructure pricing by up to 49%. Fargate simplifies the adoption of modern container technology for ECS customers by making it even easier to run their Windows containers on AWS. With Fargate, customers no longer need to set up automatic scaling groups or manage host instances for their application. View the full article

Amazon Elastic Container Services (Amazon ECS) launches support for configuring timeout for service-to-service communication with its networking capability called ECS Service Connect. This feature enables you to set custom timeouts for Amazon ECS services running with Service Connect, supporting applications serving long-running requests. Amazon ECS is a fully managed container orchestration service that makes it easier for you to deploy, manage, and scale containerized applications. Customers can use ECS Service Connect capability to easily configure service discovery, connectivity and traffic observability for services running in Amazon ECS. This helps build application…

Amazon Elastic Container Service (Amazon ECS) launches support for automatic traffic encryption with Transport Layer Security (TLS) certificates for its networking capability called ECS Service Connect. With this support, ECS Service Connect allows your applications to establish a secure connection by encrypting your network traffic. Automatic traffic encryption with ECS Service Connect uses industry-leading encryption capabilities to secure your inter-service communication that helps you meet your security requirements. View the full article

Today, Amazon Elastic Container Services (Amazon ECS) announced managed instance draining, a new capability that facilitates graceful shutdown of workloads deployed on Amazon Elastic Compute Cloud (Amazon EC2) instances by safely stopping and rescheduling workloads to other, non-terminating instances. This capability enables customers to simplify infrastructure maintenance workflows, such as rolling out a new Amazon Machine Image (AMI) version, without needing to build custom solutions to gracefully shutdown instances without disrupting their workloads. View the full article

Customers running applications with more than one containers on Amazon Elastic Container Service (ECS) with AWS Fargate can now leverage Seekable OCI (SOCI) to lazily load specific container images within the Amazon ECS task definition. This eliminates the need to generate SOCI indexes for smaller container images within the task definition, while still getting the benefits of SOCI with larger container images, improving the overall application deployment and scale-out time. View the full article

PBS is a private, nonprofit corporation, founded in 1969, whose members are America’s public TV stations. They have been an AWS customer for over 10 years using around 100 services. This post about PBS’s success using Amazon Elastic Container Service (Amazon ECS) and AWS Fargate. This post covers their 10-year journey in the cloud. Also, we’ll cover how PBS evolved to use Amazon ECS and AWS Fargate to optimize their resilience, scalability, cost, and application development... View the full article

About a year ago, we published a post on how to Optimize your Spring Boot application for AWS Fargate, where we went into different optimization techniques to speed up the startup time of Spring Boot applications for AWS Fargate. We started the post with “Fast startup times are key to quickly react to disruptions and demand peaks, and they can increase the resource efficiency”. Seekable OCI (SOCI) is a new and simple way to reduce startup times for Java workloads running on AWS Fargate. It can be combined with the earlier optimizations, or you could just use SOCI for a simple win. Customers running applications on Amazon Elastic Container Service (Amazon ECS) with AWS Far…

Amazon Elastic Container Registry (ECR) Public has added new features that make it easier for customers to navigate the ECR Public Gallery and find the images they are looking for. New filters allow customers to search for images from well-known publishers such as Docker and Amazon, and a new landing page highlights those filters as well as other frequently used repositories. View the full article

Today, AWS announces the availability of AWS Fargate for Amazon ECS Windows containers in the AWS GovCloud (US) Regions. This feature simplifies the adoption of modern container technology for Amazon ECS customers by making it even easier to run their Windows containers on AWS. View the full article

In traditional business models, retailers handle order-fulfillment processes from start to finish—including inventory management, owning or leasing warehouses, and managing supply chains. But many retailers aren’t set up to carry additional inventory. The “endless aisle” business model is an alternative solution for lean retailers that are carrying enough in-store inventory while wanting to avoid revenue loss. Endless aisle is also known as drop-shipping, or fulfilling orders through automated integration with product partners. Such automation results in a customer’s ability to place an order on a tablet or kiosk when they cannot find a specific product of their choice …

Introduction Many applications built today or modernized from monoliths are done so using microservice architectures. The microservice architecture makes applications easier to scale and faster to develop, which enables innovation and accelerating time-to-market for new features. In addition, microservices also provide lifecycle autonomy enabling applications to have independent build and deploy processes, which provides technological freedom such that they can be implemented in different programming languages and provide scaling flexibility to scale up or scale down independently based on workload utilization. While microservices provide a lot of flexibility, the proc…

In 2022, we published Let’s Architect! Architecting microservices with containers. We covered integrations patterns and some approaches for implementing microservices using containers. In this Let’s Architect! post, we want to drill down into microservices only, by focusing on the main challenges that software architects and engineers face while working on large distributed systems structured as a set of independent services. There are many considerations to cover in detail within a broad topic like microservices. We should reflect on the organizational structure, automation pipelines, multi-account strategy, testing, communication, and many other areas. With this po…

This blog focuses primarily on helping customers understand software supply chain security in the context of integrity and provenance—specifically, how cryptographic signatures can be used to simplify the process of ensuring the integrity of container images as they move through your software supply chain. We will also discuss how signing can help organizations validate their container images are coming from a trusted publisher, and how signing can be integrated with code scanning and approval workflows to facilitate a secure software supply chain. To be successful, signing and verification should be easily implemented and integrated with DevOps processes, ideally no…

Amazon ECS now fully supports multiline logging powered by AWS for Fluent Bit for both AWS Fargate and Amazon EC2. AWS Fluent Bit is an AWS distribution of the open-source project Fluent Bit, a fast and a lightweight log forwarder. Amazon ECS users can use this feature to re-combine partial log messages produced by your containerized applications running on AWS Fargate or Amazon EC2 into a single message for easier troubleshooting and analytics. View the full article

Amazon Elastic Container Services (Amazon ECS) provides a Cluster Auto Scaling (CAS) capability to dynamically manage the scaling of your Amazon Elastic Compute Cloud (EC2) Auto Scaling groups (ASG) on your behalf, so that you can focus on running your containers. Capacity Providers is the compute interface that links your Amazon ECS cluster with your ASG. With Capacity Providers, you can define flexible rules for how containerized workloads run on different types of compute capacity, and manage the scaling of the capacity. Capacity Providers improve the availability, scalability, and cost of running tasks and services on ECS. Starting today, we are simplifying the integr…

The Amazon Elastic Container Service (Amazon ECS) extensions module that extends the service construct in AWS Cloud Development Kit (AWS CDK), is now generally available. The new Amazon ECS service construct for AWS CDK supports extensions that automatically add additional capabilities such as AWS App Mesh or FireLens to your containerized services using familiar programming languages. View the full article

Amazon Lightsail now provides you with the ability to run containerized workloads on the cloud with little-to-no prior cloud experience. With this native service, called Lightsail Containers, you can now deploy containerized applications to the cloud using the Docker images directly from your desktop or from the ones in public registries like DockerHub – with just a few clicks, through an easy to use interface. Lightsail takes care of all the infrastructure management complexities and allows you to focus on your application code. Lightsail Containers come with the same predictable pricing as its other offerings with prices starting at $7/month for a Container Service. Vi…

Amazon Elastic Container Service (Amazon ECS) Cluster Auto Scaling (CAS) now offers more responsive scaling when using EC2 Auto Scaling groups (ASGs) that span across Availability Zones (AZs) and instance types. View the full article

Amazon Elastic Container Service (ECS) now supports the ability to add the recently launched P4d instances on Amazon ECS clusters in all regions where P4d instances are available. P4d instances offer up to 60% lower cost to train compared to previous generation instances with 2.5X more deep learning performance using the latest NVIDIA A100 Tensor Core GPUs. These instances also offer 8 TB of local NVMe storage. P4d instances are currently available in the US East (N. Virginia) and US West (Oregon) regions. To learn more about P4d instances, please visit the P4d product page and news blog. View the full article

Amazon Elastic Container Service (Amazon ECS) on AWS Fargate now lets you configure the size of ephemeral storage for your Tasks up to a maximum of 200GiB. All ephemeral storage on AWS Fargate continues to be encrypted by default with service-managed keys. View the full article

Amazon Elastic Container Service (ECS) now supports native Internet Protocol version 6 (IPv6) for Amazon ECS tasks using task networking (awsvpc networking mode). Previously, IPv6 was only supported in host networking mode. With this capability, tasks using awsvpc networking mode can communicate with other endpoints in Amazon Virtual Private Cloud (Amazon VPC) and internet in dual-stack mode via either IPv4 or IPv6. This will allow customers to communicate with on-premises resources that support only IPv6 addresses and meet IPv6 compliance requirements. View the full article

Today, we are excited to announce the general availability of Amazon Elastic Container Service (ECS) Anywhere, a new capability of Amazon ECS. Amazon ECS Anywhere provides a fully managed container orchestration service that enables customers to run and manage containerized applications on-premises using the same APIs, cluster management, workload scheduling, monitoring, and deployment pipelines they use with Amazon ECS today. Customers can use Amazon ECS Anywhere on their own infrastructure by connecting their servers or instances to the managed Amazon ECS control plane. Enterprises who need to keep their data on-premises for latency or regulatory reasons can now use a s…

Amazon Elastic Container Service (Amazon ECS) capacity providers now support update functionality. You can update the parameters of a capacity provider using either the AWS Management Console or the new UpdateCapacityProvider API. View the full article