Amazon EKS networking add-ons
Several networking add-ons are available for your Amazon EKS cluster.
Built-in add-ons
Note
If you create clusters in any way except by using the console, each cluster comes with the self-managed versions of the built-in add-ons. The self-managed versions can't be managed from the Amazon Web Services Management Console, Amazon Command Line Interface, or SDKs. You manage the configuration and upgrades of self-managed add-ons.
We recommend adding the Amazon EKS type of the add-on to your cluster instead of using the self-managed type of the add-on. If you create clusters in the console, the Amazon EKS type of these add-ons is installed.
- Amazon VPC CNI plugin for Kubernetes
This CNI add-on creates elastic network interfaces and attaches them to your Amazon EC2 nodes. The add-on also assigns a private IPv4 or IPv6 address from your VPC to each Pod and service. This add-on is installed, by default, on your cluster. For more information, see Working with the Amazon VPC CNI plugin for Kubernetes Amazon EKS add-on.
- CoreDNS
CoreDNS is a flexible, extensible DNS server that can serve as the Kubernetes cluster DNS. CoreDNS provides name resolution for all Pods in the cluster. This add-on is installed, by default, on your cluster. For more information, see Working with the CoreDNS Amazon EKS add-on.
- kube-proxy
This add-on maintains network rules on your Amazon EC2 nodes and enables network communication to your Pods. This add-on is installed, by default, on your cluster. For more information, see Updating the Kubernetes kube-proxy self-managed add-on.
Optional Amazon networking add-ons
- Amazon Load Balancer Controller
When you deploy Kubernetes service objects of type loadbalancer, the controller creates Amazon Network Load Balancers. When you create Kubernetes ingress objects, the controller creates Amazon Application Load Balancers. We recommend using this controller to provision Network Load Balancers, rather than using the legacy Cloud Provider controller built-in to Kubernetes. For more information, see the Amazon Load Balancer Controller documentation.
- Amazon Gateway API Controller
This controller lets you connect services across multiple Kubernetes clusters using the Kubernetes gateway API. The controller connects Kubernetes services running on Amazon EC2 instances, containers, and serverless functions by using the Amazon VPC Lattice service. For more information, see the Amazon Gateway API Controller documentation.
Additional networking add-ons
- Calico network policy engine
This add-on is a network policy engine for Kubernetes. With Calico network policy enforcement, you can implement network segmentation and tenant isolation. This is useful in multi-tenant environments where you must isolate tenants from each other or when you want to create separate environments for development, staging, and production. For more information, see Installing the Calico network policy engine add-on.
For more information about add-ons, see Amazon EKS add-ons.