Kubernetes on Cloud (EKS / GKE / AKS)

Managed Kubernetes services help you run Kubernetes without worrying about installing or maintaining control planes, servers, or upgrades. Cloud providers handle the heavy work, so you can focus on deploying applications.

What is Managed Kubernetes?

Managed Kubernetes means the cloud provider takes care of:

Control plane setup (API server, scheduler, controller, etcd)
Cluster upgrades and maintenance
High availability (HA)
Security patches and updates

You only manage:

Worker nodes (in some platforms, even these are auto-managed)
Applications (Pods, Deployments, Services)

? In simple words: Managed Kubernetes lets you focus on your applications while the cloud provider handles the infrastructure.

Popular Managed Kubernetes Platforms

Amazon Web Services – Amazon EKS

Fully managed Kubernetes service.
Deep integration with AWS services (like EC2, IAM, VPC).
Strong IAM-based security.
Suitable for production-grade applications.

Google Cloud – Google Kubernetes Engine (GKE)

One of the oldest and most stable Kubernetes services.
Excellent auto-scaling and auto-repair features.
Simple and fast cluster creation.
Backed by Google (creator of Kubernetes).

Microsoft Azure – Azure Kubernetes Service (AKS)

Easy integration with Azure Active Directory (AAD).
Good choice for enterprise applications.
Simplified cluster setup and management.
Works well within the Microsoft ecosystem.

Why Use Kubernetes on Cloud?

No need for manual cluster setup.
Auto-scaling and high availability (HA).
Built-in security and IAM integration.
Easy monitoring and logging support.
Production-ready infrastructure.

? Perfect for microservices and highly scalable applications.

Creating a Kubernetes Cluster (EKS / GKE / AKS)

Setting up a Kubernetes cluster on cloud platforms like AWS, Google Cloud, and Azure is simple using their CLI tools. Below are examples with clear explanations.

AWS EKS (using eksctl)

eksctl create cluster \\
  --name demo-cluster \\
  --region ap-south-1 \\
  --nodes 2

Explanation:

eksctl create cluster → This command creates a new Kubernetes cluster on AWS
-name demo-cluster → Specifies the name of your cluster
-region ap-south-1 → Selects the AWS region (Mumbai in this case)
-nodes 2 → Creates 2 worker nodes in the cluster

? This is one of the easiest ways to launch a fully managed Kubernetes cluster on AWS.

Google Kubernetes Engine (GKE) using gcloud

gcloud container clusters create demo-cluster \\
  --num-nodes 2 \\
  --zone asia-south1-a

Explanation:

gcloud container clusters create → Command to create a Kubernetes cluster on GCP
demo-cluster → Name of the cluster
-num-nodes 2 → Defines the number of nodes to create
-zone asia-south1-a → Specifies the GCP zone (India region)

? GKE provides a fast and reliable way to create clusters with built-in scaling and management.

Azure Kubernetes Service (AKS) using Azure CLI

az aks create \\
  --resource-group demo-rg \\
  --name demo-cluster \\
  --node-count 2

Explanation:

az aks create → Command to create a Kubernetes cluster on Azure
-resource-group demo-rg → Specifies the resource group where the cluster will be created
-name demo-cluster → Sets the cluster name
-node-count 2 → Creates 2 worker nodes

? AKS simplifies Kubernetes deployment with strong integration into the Azure ecosystem.

kubectl Configuration for Cloud Clusters

After creating your Kubernetes cluster, you need to configure kubectl so it can connect and interact with your cloud cluster.

AWS EKS

aws eks update-kubeconfig \\
  --region ap-south-1 \\
  --name demo-cluster

Explanation:

aws eks update-kubeconfig → Updates your local kubeconfig file to connect with EKS
-region ap-south-1 → Specifies the AWS region where the cluster is running
-name demo-cluster → Defines the cluster name

? This command allows kubectl to communicate with your EKS cluster.

Google Kubernetes Engine (GKE)

gcloud container clusters get-credentials demo-cluster \\
  --zone asia-south1-a

Explanation:

gcloud container clusters get-credentials → Fetches cluster credentials
demo-cluster → Name of the cluster
-zone asia-south1-a → Specifies the zone where the cluster is deployed

? This sets up authentication so kubectl can access your GKE cluster.

Azure Kubernetes Service (AKS)

az aks get-credentials \\
  --resource-group demo-rg \\
  --name demo-cluster

Explanation:

az aks get-credentials → Downloads cluster credentials for kubectl
-resource-group demo-rg → Specifies the resource group
-name demo-cluster → Cluster name

? This connects your local kubectl to the AKS cluster.

Verify Connection

kubectl get nodes

Explanation:

kubectl get nodes → Lists all worker nodes in the cluster

? If nodes are displayed, your cluster is successfully connected.

Deploy Application Using YAML

In Kubernetes, applications are deployed using YAML configuration files. These files define how your application should run inside the cluster.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-app
        image: nginx
        ports:
        - containerPort: 80

Explanation:

apiVersion: apps/v1 → Specifies the API version for Deployment
kind: Deployment → Defines that we are creating a Deployment
metadata.name: my-app → Name of the Deployment
replicas: 2 → Runs 2 instances (pods) of the application
selector.matchLabels → Matches pods with label app: my-app
template.metadata.labels → Labels applied to the pods
containers.name → Name of the container
image: nginx → Uses the Nginx Docker image
containerPort: 80 → Exposes port 80 inside the container

? This configuration creates a scalable application with 2 running pods.

Apply the Deployment

kubectl apply -f deployment.yaml

Explanation:

kubectl apply -f deployment.yaml → Creates or updates resources defined in the YAML file

? After running this command, your application will be deployed to the Kubernetes cluster.

Load Balancers & Ingress Controllers

Kubernetes uses Services and Ingress Controllers to expose applications to external users. A LoadBalancer Service is the easiest way to make your app accessible on the internet.

Service with LoadBalancer

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  type: LoadBalancer
  selector:
    app: my-app
  ports:
  - port: 80
    targetPort: 80

Explanation:

apiVersion: v1 → Specifies the API version
kind: Service → Defines a Kubernetes Service
metadata.name: my-service → Name of the Service
type: LoadBalancer → Exposes the app externally using a cloud load balancer
selector.app: my-app → Connects the service to pods with label app: my-app
port: 80 → Port exposed to users
targetPort: 80 → Port on which the container is running

? This service routes external traffic to your application pods

Apply the Service

kubectl apply -f service.yaml

Explanation:

kubectl apply -f service.yaml → Creates the service in the cluster

? Cloud automatically creates an external IP.

Auto Scaling in Kubernetes

Kubernetes supports automatic scaling using the Horizontal Pod Autoscaler (HPA). It adjusts the number of pods based on resource usage like CPU, ensuring your application handles traffic efficiently without manual intervention.

HPA (Horizontal Pod Autoscaler) – CLI

kubectl autoscale deployment my-app \\
  --cpu-percent=50 \\
  --min=2 \\
  --max=10

This command enables auto-scaling for the my-app deployment. Kubernetes will maintain CPU usage around 50% and automatically scale the number of pods between 2 and 10 based on load.

YAML Version (HPA Configuration)

apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: my-app-hpa
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: my-app
  minReplicas: 2
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 50

This configuration defines an HPA resource that automatically scales the my-app deployment between 2 and 10 pods, keeping CPU utilization around 50% for optimal performance.

Persistent Storage in Cloud Kubernetes

In cloud-based Kubernetes environments, storage is managed using cloud provider services, making data persistence reliable and scalable. Instead of storing data inside containers (which is temporary), Kubernetes uses external storage solutions.

AWS EBS (used in EKS)
Google Persistent Disk (used in GKE)
Azure Disk (used in AKS)

These services ensure your application data remains safe even if pods restart or fail.

Example: PersistentVolumeClaim (PVC)

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi

This configuration requests 5GB of persistent storage from the cloud provider. Kubernetes automatically binds this claim to an available Persistent Volume.

Networking in Cloud Kubernetes

Kubernetes networking allows communication between pods and external users. It provides different service types to expose applications based on use case.

ClusterIP → Used for internal communication within the cluster.
NodePort → Exposes the application on a node’s IP and port.
LoadBalancer → Provides external access using a cloud load balancer.
Ingress → Enables advanced routing (domain-based and path-based routing).

? These networking options help manage traffic efficiently in cloud environments.

Example: Ingress Configuration

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
  - host: myapp.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-service
            port:
              number: 80

This Ingress configuration routes traffic from myapp.com to the my-service service inside the cluster, enabling clean and user-friendly URLs.

Kubernetes Security (Important for Cloud)

Security is a critical part of running Kubernetes in the cloud. Kubernetes provides built-in mechanisms like RBAC (Role-Based Access Control) and integrates with cloud IAM systems to control access and permissions effectively.

RBAC (Role-Based Access Control)

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: pod-reader
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "watch", "list"]

This configuration defines a role that allows read-only access to pods. It ensures users or services can only perform limited actions like viewing and listing resources, improving cluster security.

IAM Integration

Cloud platforms provide seamless integration with their Identity and Access Management (IAM) systems for secure authentication and authorization:

EKS → Uses IAM roles for service accounts (fine-grained access control).
GKE → Integrates with Google IAM for identity management.
AKS → Uses Azure Active Directory (Azure AD) for authentication.

? Combining RBAC with cloud IAM ensures secure and controlled access to your Kubernetes cluster.

Difference Between EKS, GKE, and AKS

Feature	EKS (AWS)	GKE (Google Cloud)	AKS (Azure)
Ease of Setup	Moderate (requires more configuration)	Very easy (quick setup)	Easy (simplified process)
Control Plane Management	Fully managed (paid)	Fully managed (free/basic)	Fully managed (free)
Auto Scaling	Good (needs configuration)	Excellent (advanced auto-scaling)	Good (simple setup)
Performance	High	Very high (Google optimized)	High
Integration	Deep AWS services (EC2, IAM, VPC, S3)	Strong GCP services (BigQuery, Cloud Storage)	Strong Azure services (.NET, AD, DevOps)
Security	AWS IAM-based	Google IAM + Workload Identity	Azure AD integration
Networking	More flexible but complex	Simple and efficient	Easy to configure
Pricing	Control plane is paid	Free control plane (standard tier may cost)	Free control plane
Best Use Case	Large-scale AWS-based apps	Performance & ease of use	Enterprise & Microsoft ecosystem

Cost Optimization Strategies

Managing costs in cloud-based Kubernetes environments is essential for efficient resource utilization. By using the right strategies, you can reduce unnecessary expenses while maintaining performance and scalability.

Use auto-scaling (HPA + Cluster Autoscaler) to adjust resources based on demand.
Turn off or remove unused nodes to avoid extra charges.
Use spot/preemptible instances for cost-effective workloads.
Right-size pods by setting proper CPU and memory limits.
Use storage only when required to avoid unnecessary costs.
Monitor usage with tools like CloudWatch, Stackdriver, or Azure Monitor.

Conclusion

Running Kubernetes on cloud platforms like EKS, GKE, and AKS makes production deployments more efficient and reliable. It simplifies infrastructure management while providing built-in scalability, security, and high availability.

Easier to manage and deploy.
Faster setup and execution.
Highly scalable for growing applications.
Secure with cloud-integrated features.