What is AWS EKS?
AWS EKS is an acronym given by Amazon for “Amazon Elastic Container Service for Kubernetes”. It allows you to have a Kubernetes environment on the AWS platform. It is highly available, scalable and secure Kubernetes Service. EKS fully manages the Kubernetes control plane but the disadvantage is that you are unable to make changes to this control plane and it doesn’t allow you to have access to master nodes.
What is KOPS?
Kops is an acronym for “Kubernetes Operation”, it offers CLI tools that make creating and managing Kubernetes easy. It came before AWS EKS in 2016. It gives you complete control over the Kubernetes Environment. Using Kops, you can simplify the Kubernetes cluster set up since it gives you access to set up both master and worker nodes.
1. Kubernetes Cluster Setup
This is the foremost point to consider when evaluating Kubernetes solutions on AWS is how difficult it is to set up a working Kubernetes cluster.
Setting up a Kubernetes Cluster with EKS
Setting up a cluster with EKS is fairly complicated and has some prerequisites. Since EKS does not actually create worker nodes automatically so you must manage that process.
Kubernetes on AWS
- You must have set up AWS CLI and AWS-IAM-authenticator as a prerequisite.
- To manage the process of setting up worker nodes since EKS won’t do it for you, this can be done using Cloud Formation templates or EKSCTL, Check Creating Production clusters using EKSCTL.
- To manage the process of setting up worker nodes, you can also use Terraform which allows you to set up a VPC and subnets set up to use the EKS module.
Setting up a Kubernetes Cluster with KOPS
Setting up a Kubernetes Cluster with KOPS is simpler than EKS. Since Kops manage most of the AWS resources required to run a Kubernetes cluster.
- It can create and run your Kubernetes cluster with kops create cluster command.
- It can manage most of the AWS Resources that you need to set up a Kubernetes cluster.
- It will work with either a new or existing VPC.
- Kops also allows you to generate terraform configuration for the AWS resources instead of directly creating them.
2. Kubernetes Cluster Management
After setting up a Kubernetes cluster, you must also consider what it is like to scale nodes, perform cluster upgrades, and integrate with other services.
Managing a Kubernetes Cluster with EKS
Managing a cluster using EKS is easier compared to Kops, the extra effort that you required to set up EKS using either CloudFormation or Terraform just pays off when it comes to cluster maintenance.
- With EKS, you don’t have to bring your entire cluster down for upgrades and updates.
- EKS is much more scalable, because of it’s highly available and fully managed control plane, you don’t have to worry if the cluster gets larger.
- EKS also gives you a detailed version for the internal pods management. You can easily know about how pods communicate with each other, with the VPC and other AWS Services.
- EKS allows you to add worker nodes by increasing the size of your AutoScaling Group.
- EKS also allows you to replace worker nodes using kubectl drain and then terminating EC2 instance and do most upgrades without disturbing the cluster.
Managing a Kubernetes Cluster with KOPS
Though it is really easy to create a Kubernetes cluster on kops but it’s a real pain when it comes to manage the cluster. This can be observed by the following points:
- You have to do a lot of work to upgrade and replace master nodes for the newer version of Kubernetes.
- It uses private networking for pods by default.
- Kops is a little further behind on Kubernetes versions than the EKS team, which is kind of an added liability.
3. Configuration and Access
One biggest difference between EKS and kops is in how control and access are handled in your Kubernetes Cluster.
Configuration and Access using EKS
With EKS, managing the master node, configuring cloud environments and tasks as such are handled by Amazon thus leaving you with absolutely no control over it. It might suit the developers but not for the server administrators who appreciate more control over the entire environment.
Configuration and Access using KOPS
Kops let you configure cloud environments, include configurations the way you like them. It thus increases efficiency and making you responsible for making sure the cluster is configured correctly by giving you complete control over the cloud environment. When you choose kops, you also have to make sure that you keep the master nodes working properly and always up to date. It is a server administrator’s favorite since they appreciate having complete control over the entire cloud environment.
It is another one of the biggest difference while you choose between EKS and Kops. After all, reducing the existing infrastructure cost can be an achievement for any organization.
Cost of running AWS EKS Kubernetes Cluster
- Kubernetes control plane can be used for a flat usage fee of $0.20 per hour or ~$145 per month for each EKS cluster that you create, depending upon the cluster size.
- You cannot use spot instances for the cluster thus cost is more.
- You at least need to keep 3 master nodes up for higher availability of AWS EKS Kubernetes Cluster.
- If you wish to use the Cluster for Production, EKS will be cheaper but for test and Dev Environments EKS will be costlier than kops.
- When you have large production clusters with high load, it is profitable to use EKS.
Cost of running KOPS Kubernetes Cluster
- It is an open-source tool and is completely free to use but you are responsible for maintaining the infrastructure created by kops to manage your Kubernetes cluster.
- You also have to manage the master nodes in KOPS, which adds additional cost.
- It is cheaper to use KOPS when you are using a small or temporary cluster because then you don’t have a huge load on the master.
- If you use 3 x t2.medium (or t3, they are cheaper) instances as master nodes (~$100/month).
- For Dev and Staging environments, you can reduce the running cost of the cluster by keeping single master nodes per cluster, which can further be reduced if you use spot instances for master nodes.
You can significantly reduce your Dev/Staging cluster costs with KOPS by keeping single master node or by running master nodes as spot instances or both. However, for Production grade clusters, that require high availability configuration, EKS is always a cheaper option instead of running 3 Master nodes (atleast t3/m4/c4/r4.large instances) ondemand.
5. Kubernetes Security
Security should be a top concern for every Kubernetes administrator. As the Kubernetes ecosystem matures, more vulnerabilities will be found and this should not be ignored.
Security of EKS Cluster
Security Kubernetes Cluster
- You will get the benefit of securing your Kubernetes cluster from AWS on a platform and if you have some issues with the control plane that are also resolved by AWS support for EKS.
- Your cluster has an additional layer of protection, since your AWS Account doesn’t have root access to your master nodes.
- You can also set up EKS with encrypted root volumes and private networking.
- Also, EKS clusters are set up with limited administrator access via IAM.
Security of KOPS Cluster
- The security of cluster while using kops is entirely up to you, you can further increase the security since you have complete control over the master nodes.
- Kops clusters does benefit from Amazon Shared Responsibility Model but without extra benefits of security expertise or support.
- Private networking, encrypted root volumes, and security group controls are already included in most of the kops cluster.
AWS EKS gives you easy and hassle-free management of Kubernetes control plane, allows you to easily upgrade or update your Kubernetes cluster. It makes cluster maintenance easier and comes bundled with AWS Security and AWS support for your cluster.
Whereas, KOPS gives you a better command of your Kubernetes control plane to you but on the other hand is a little complex to manage and upgrade when compared with Amazon EKS. Though the KOPS community offers tutorials and support for using the tool.