Kubernetes Networking for EKS
3 min readApr 2, 2020
Design your EKS with Routable and Non-Routeable Network
Overview
Amazon Elastic Container Service for Kubernetes (Amazon EKS) is a fully managed service that makes it easy to use Kubernetes on AWS without having to be an expert in managing Kubernetes clusters.
AWS manages the Control Plane, while customers manage the worker nodes
EKS Networking Requirement
- Amazon EKS requires subnets in at least two Availability Zones.
- The recommend approach is to have a network architecture that uses private subnets for the worker nodes and public subnets for Kubernetes to create internet-facing load balancers within.
- Internet-facing load balancers require a public subnet in your cluster
- Worker nodes require outbound internet access to the Amazon EKS APIs for cluster introspection and node registration at launch time
- To pull container images, they require access to the Amazon S3 and Amazon ECR APIs, as well as other docker registries such as DockerHub
- The subnets that you pass when you create the cluster influence where Amazon EKS places elastic network interfaces that are used for the control plane to worker node communication.
- Your VPC must have DNS…