Deepak Singh of AWS Talks Containers, Kubernetes and ECS/EKS

Hello and welcome to Protocol Enterprise! Today: A deep dive into AWS’ current and future plans for container technology, Okta apologizes for the late disclosure of security incidents and the latest funding rounds secured by enterprise technology companies.

turn up

Cloud computing is certainly a global phenomenon, but most of the infrastructure required to make it work still evokes the US. According to Synergy Research Group, more than 40% of all “hyperscale” data centers and nearly 50% of total capacity are located in the Lower 48.

You can only hope to grasp it

In recent years, when it comes to containers, AWS customers have moved from “we’re interested” and “we’re starting to run some applications in them” to “we could consider running significant parts of our business on them.” , according to Deepak Singh, AWS’ VP of Compute Services.

“For the most part, especially if it’s a newer application or a modernized or restructured application, it will run in containers orchestrated by [Amazon] ECS and EKS or running on Lambda,” Singh said in an interview with Protocol. “Directly on a [virtual machine]without container orchestration on top of it, is becoming less common.”

  • Containers accelerate application development by isolating everything needed to build and deploy applications — code and other operational dependencies, including configuration files and system libraries and tools — without the overhead of an operating system.
  • The technology has been around for a long time, but Docker popularized a developer-friendly format for using containers around 2013 and it has since become a big part of the cloud-native world.
  • With two major managed services for containers, AWS dominates container orchestration among cloud providers, according to market share data.

But the company has also heavily promoted Lambda, a very different computing service without server functions, as the future of cloud computing.

  • AWS remains reluctant to recognize one of the primary benefits of containers — they make it easier to run applications across multiple clouds — despite the growth and influence of containers as a product strategy, both within AWS and beyond.
  • And the key features announced in 2020 to support customers looking to manage applications on any infrastructure seem to fall short of the multicloud capabilities offered by similar products from Microsoft and Google.

“One of the unique things about AWS is that we have two containers at a high level through ECS and EKS; most other people just have that one,” Singh said. “And they appeal to a different type of customer – in many cases different people in the same company, different departments in the same organization.

  • Amazon Elastic Container Service (ECS) — the domestically developed and first managed container service launched in 2015 — was highlighted in a December report by SlashData, a developer-focused analyst firm.
  • But it retains a tenuous lead. Thirty-three percent of developers use Amazon ECS, according to the report commissioned by the Cloud Native Computing Foundation, followed by Google Kubernetes Engine (GKE) at 32%.
  • Launched nearly three years after GKE, Amazon Elastic Kubernetes Service (EKS) is used by 30% of developers surveyed and had the largest year-over-year profit at eight percentage points. A quarter of developers, meanwhile, said they were using Microsoft Azure Kubernetes Service, and 17% were using Red Hat OpenShift Online or hosting OpenShift on a third-party cloud provider.

Amazon ECS is falling out of favor to some extent due to its proprietary AWS technology, according to Eric Drobisewski, senior enterprise architect at insurer Liberty Mutual, who is trying to minimize Amazon ECS usage over time.

  • “The code for that is a bit closed off to Amazon in terms of how it’s implemented and how it’s developed,” Drobisewski said. “It has its own orchestration model that they built – it’s not based on Kubernetes. It does support open standards in terms of the artifacts you can push into it… but the operation model around it is really unique.

AWS launched semi-answers to hybrid and multicloud offerings from its rivals last year — Google Cloud’s Anthos platform and Microsoft’s Azure Arc — with Amazon EKS Anywhere and ECS Anywhere, following the announcement of the products at re:Invent 2020.

  • The current Amazon EKS Anywhere deployment option, which became available last September, allows customers to create and deploy Kubernetes clusters in their own data centers and other clouds using VMware vSphere, with optional support from AWS. Bare metal support is expected this year.
  • ECS Anywhere is a similar feature to Amazon ECS that launched last May to enable customers to run and manage container workloads on their on-premises infrastructure.
  • But the tools don’t allow for true cloud-neutral functionality, said Jason Gregson, global head of AWS Operations and Programs at DoiT International, a multicloud software and managed service provider.
  • “It’s more of an enabler than really a set of tools that let you do vendor-agnostic cloud computing…around containers,” Gregson said. “The computational element the software runs on — yes, that’s absolutely agnostic. The part that allows customers to actually use it – no.”

Both Amazon EKS Anywhere and ECS Anywhere are off to a “good start”, according to Singh.

  • “There are already customers who have widely adopted them for a variety of workloads ranging from gaming, machine learning, data prep to running enterprise IT,” he said.
  • Next year, we should know if the Anywhere versions of AWS’s container services helped the company maintain its competitive edge.

— Donna Goodison (e-mailtwitter


From the AI ​​Act to the Data Act to the DMA and the DSA, the EU is strengthening its digital policy arsenal. Knowing more? Don’t delay, join POLITICO Live’s AI & Tech Summit on April 21 to dissect these issues with key decision-makers.

Learn more

Okta: “We made a mistake”

Last week at Okta was a case study on the value of revealing bad news as early as possible in one big batch, rather than drop by drop over a longer period of time.

Late Friday, Okta published a FAQ about the January security incident involving a Sitel contractor working for its customer support teams, which could have compromised data on more than 300 of its customers, but was not disclosed to customers until after internal screenshots were taken. were posted on Twitter. “We want to acknowledge that we made a mistake,” the company said.

“In January, we didn’t know the magnitude of the Sitel problem — just that we discovered and prevented an account takeover attempt and that Sitel hired a third-party forensics company to investigate. At the time, we didn’t realize there was a risk to Okta and our customers. We should be more active and forceful in enforcing information from Sitel,” the company said.

The security impact of this incident is likely to be quite limited, as customer support contractors had limited access to customer data, but it may take time to establish reputational damage. Techcrunch also reported that Okta’s network was compromised after the Lapsus$ hackers found a spreadsheet on Sitel’s network titled “DomAdmins-LastPass.xlsx,” which contained a plain-text list of passwords stored in a password manager, negating the whole purpose of a password manager.

— Tom Krazite-mailtwitter


From the AI ​​Act to the Data Act to the DMA and the DSA, the EU is strengthening its digital policy arsenal. Knowing more? Don’t delay, join POLITICO Live’s AI & Tech Summit on April 21 to dissect these issues with key decision-makers.

Learn more

Thanks for reading – see you tomorrow!

Leave a Comment