Whether you’re considering getting your feet wet with Kubernetes first using one of the public clouds’ Kubernetes services, or looking at Kubernetes as the foundation for the way you deploy applications consistently across hybrid/multi cloud environments, you are likely looking at the big three cloud providers and their Kubernetes offerings.
This article reviews the Kubernetes offerings from the three providers: Amazon Elastic Kubernetes Service (EKS) from Amazon Web Services (AWS), Azure Kubernetes Service (AKS) from Microsoft Azure, and Google Kubernetes Engine (GKE) from Google Cloud.
When selecting which hosted Kubernetes offering is best for you, you have to look beyond just price. Additional considerations like scalability, standardization, update frequency, recovery, and whether or not a service mesh is included are all critical to making the best decision.
Elastic Kubernetes Service (EKS) is one of the managed container offerings available on AWS, and it is the least integrated of them when it comes to interacting with other AWS services such as CI/CD pipelines. Elastic Container Service (ECS), which preceded EKS, and Fargate are the more favored offerings within the AWS ecosystem; but because EKS is based on Kubernetes, almost everything you need to connect to it will work, as the industry is moving towards supporting Kubernetes as a deployment target for applications and as a data source for logs and application performance metrics.
EKS is a good choice if you already have a large AWS footprint and are either experimenting with Kubernetes or want to migrate workloads from Kubernetes on other clouds.
The Google Cloud Platform (GCP) entry in the hosted Kubernetes space is Google Kubernetes Engine (GKE). GKE is the most resilient and well-rounded Kubernetes offering when compared to AKS and EKS. It has the highest SLA for uptime (see table below) and is the only one with a marketplace to deploy applications from. It supports the Istio service mesh, and gVisor for an extra layer of security between running containers. It also has an on-premises offering in development as part of Google’s Anthos offering for hybrid/multi cloud environments on dedicated hardware.
AKS is the Microsoft-developed Kubernetes offering that runs on Azure Public Cloud, Government Cloud, and even Azure Stack for on-premises. It is deeply integrated with the rest of the Microsoft cloud services and has managed worker nodes (unlike EKS). Like most things Microsoft does, it is definitely best-of-breed when it comes to seamless integration with their cross-platform development tools, including VS Code and DevOps (formerly Visual Studio Team Services).
If you have an established relationship with Microsoft, and no strong preference for another cloud, then AKS will fit your needs.
Note: Microsoft also offers Azure Red Hat OpenShift (ARO) as a managed tier-1 service on Azure. However, the ARO service abstracts Kubernetes functionality away from the cloud user, and is not a real Kubernetes offering, but merely embeds Kubernetes for its own use.
- Pricing: All services charge standard compute rates for worker nodes and they are roughly competitive. AWS EKS is the only one to charge for the control plane at a cost of $0.20/hour.
- Kubernetes Release: As of October 2019, Kubernetes has released version 1.16. GKE, EKS, and AKS have 1.14 as their regular stable release, though GKE has a “rapid” stream that runs 1.15.
- Global Availability: All three providers have their offering available in most regions globally. A notable exception is that EKS is not available in the AWS government cloud; AKS, however, is in at least one Azure government cloud. (For reference, Google has no government clouds.)
- Upgrades: AKS and GKE will both handle security patches on the control plane and nodes; the nodes in EKS are not managed in the same way. You can enable automatic upgrades to the control plane on GKE, and all three offer on-demand upgrades of the control plane to newer versions.
- Node Groups: EKS and GKE both allow nodes in a cluster to be grouped so applications can be targeted at specific nodes, and the entire cluster does not need to have more expensive nodes like GPU enabled ones. AKS recommends separate clusters in these scenarios.
- Bare Metal Nodes: Only EKS allows the use of bare metal nodes. GKE and AKS can only use virtual machines. It is fair to note that EKS defaults to virtual machines, as bare metal nodes are much more expensive.
- Management via CLI: GKE and AKS have full support to manage all aspects of their Kubernetes clusters via their CLI tool. EKS has partial support via the CLI, which makes some automation harder to enact without 3rd party tools.
- Resource Monitoring: GKE (StackDriver) and AKS (Azure Monitor) have native support for resource monitoring within their Kubernetes cluster, with StackDriver having far more capabilities. EKS requires the use of a third-party product and recommends Prometheus like any other non-hosted Kubernetes offering would use.
In addition to these comparison points, there are many more that may be of interest. Below is a table that summarizes the ones already mentioned, and includes a few more.
| | EKS | GKE | AKS |
|---|---|---|---|
| Kubernetes Versions | 1.12, 1.13, 1.14 | 1.13, 1.14, 1.15 | 1.12, 1.13, 1.14 |
| Global Availability | Yes | Yes | Yes + Government |
| Control Plane Cost | $0.20/hr | Free | Free |
| Control Plane Upgrades | On-Demand | Automation and On-Demand | On-Demand |
| Bare Metal Nodes | Yes | No | No |
| Resource Monitoring | 3rd Party | Yes (StackDriver) | Yes (Azure Monitor) |
| Nodes per Cluster | 100 | 5000 | 500 |
| App Secret Encryption | No | Yes | No |
| Network Policies | 3rd Party | Yes | Beta |
| Global Load Balancing | Yes (Manually) | Yes | Yes (Traffic Manager) |
| Service Mesh | Yes (App Mesh) | Beta (Istio) | No (In Development) |
| DNS Support | Integrated ($) | No | Integrated (Free) |
| Compliance | HIPAA, SOC, ISO, PCI DSS | HIPAA, SOC, ISO, PCI DSS | HIPAA, SOC, ISO, PCI DSS |
| Documentation | Weak but complete, and a strong community | Not very thorough, but has an active community | Extensive official documentation and a strong community |
Kubernetes is now an integral part of the technology landscape and is expected to be around for a long time as part of any cloud infrastructure. So regardless of whether you are just getting started on GKE, leveraging your Microsoft Enterprise Agreement to get better pricing and support on Azure, or want to make transitioning on-premises applications to the cloud easier with EKS on Amazon, there is a certified hosted Kubernetes offering that will meet your needs.
If you're interested in a managed Kubernetes offering that works across all public clouds, as well as your own existing infrastructure, check out our Managed Kubernetes offering. Platform9 Managed Kubernetes (PMK) is the only Kubernetes service that ensures fully automated Day-2 operations with 99.9% SLA on any environment: in data-centers, public clouds, or at the edge.
Our unique SaaS Management Plane remotely monitors, optimizes and heals your Kubernetes clusters and underlying infrastructure. With automatic security patches, upgrades, proactive monitoring, troubleshooting, auto-healing, and more — you can confidently run production-grade Kubernetes, anywhere.