A Comparison of Public Cloud Managed Kubernetes Services

Assuming that you’ve already decided that Kubernetes is the way to go, this article aims to provide a comparison of public cloud vendors to assist you when deciding where to run Kubernetes. It’s important to understand the main features and capabilities of the main cloud providers before choosing your target platform.

Before getting into public cloud vendors, it’s important to highlight that Kubernetes is so modular, flexible, and extensible that it can be deployed on-prem, or in a third-party data centre, in any of the popular cloud providers and even across multiple cloud providers. With a varying array of choices, what should you do for your business and peace of mind?

Should you run your Kubernetes systems on-prem or in third-party data centres? You may have already invested a lot of time, money, and training on your bespoke infrastructure. The challenges of DIY Kubernetes infrastructure become more and more burdensome as you need to invest time and operational cycles and ongoing daily management of the environment.

Or, should you run your Kubernetes system on one of the cloud providers? You may want to benefit from the goodness of Kubernetes without the headache of having to manage it and keep it in tip-top form with upgrades and security patching.

What’s also important to note is that you’ll need to be already containerised — if you’re already there then great, taking that monolithic application to a brave new world is going to be a challenge but it does bring its benefits as you drive your business forward.

Choosing to run Kubernetes managed by your cloud provider is probably a no-brainer. You already run workloads in the cloud, right? Kubernetes gives you the opportunity to replace many layers of management, monitoring and security you may have to build and more importantly, have the skillset to integrate with your processes.

There are a few cloud providers that support Kubernetes, here, we’ll focus on the Big Three: Google’s GKE, Microsoft AKS and Amazon’s EKS, and provide a view on what IONOS Enterprise Cloud has to offer.

You may not know that Kubernetes came from Google. GKE is Google’s Managed Kubernetes. Google SREs will manage the control plane of Kubernetes for you and carry out auto-upgrades. Since Google has so much influence on Kubernetes and has been used as the container orchestration solution of the Google cloud platform from day one, it would be questionable if it didn’t have the best integration.

GKE is one of the most up to date providers in terms of releases and doesn’t comprise any costs for the Kubernetes control plane, which is important to bear in mind if controlling costs is an important factor. You just pay for the worker nodes and Google will also provide GCR (Google Container Registry), integrated central logging and monitoring via Stackdriver Logging and Stackdriver Monitoring. This however, can get very pricey. If you’re interested in even tighter integration with your CI/CD pipeline, you can use Google Code Build, but bear in mind that this will increase the costs even further. As with most PaaS products, once you are locked in, there is no turning back. The main thing to keep in mind is that flexibility is key with Kubernetes, most ancillary services can be bolted on to your hosted servers so you’re not forced into using the vendors’ tools if you don’t want to.

GKE takes advantage of general-purpose Kubernetes concepts like Service and Ingress for fine-grained control over load balancing. If your Kubernetes service is of type LoadBalancer, GKE will expose it to the world via a plain L4 (TCP) load balancer. However, if you create an Ingres object in front of your service, then GKE will create an L7 load balancer capable of doing SSL termination for you and even allow gRPC traffic if you annotate it correctly. Of course, setting up your own Ingress Controller is also possible should the need arise.

Microsoft Azure originally had a solution called ACS that supported Apache Mesos, Kubernetes and Docker Swarm. But, in 2017, it introduced AKS as a dedicated Kubernetes hosting service.

AKS is very similar to GKE and manages a Kubernetes cluster for you, free of charge. Microsoft invested a lot in Kubernetes in general and AKS in particular. There is strong integration with Active Directory for authentication and authorisation, integrated monitoring and logging, and Azure storage. You also get built-in container registry, networking, and GPU-enabled nodes.
 

One of the most interesting features of AKS is its usage of the virtual-kublet project to integrate with ACI (Azure Container Instances). The ACI takes away the need to provision nodes for your cluster.

Setting up a cluster on AKS takes a long time (20 minutes on average) and the start-up time is very volatile (more than an hour on some occasions). The developer experience is relatively poor as you need a combination of a web UI (Azure Portal Manager), PowerShell, and plain CLI to provision to set everything up.

Amazon made a late appearance on the Kubernetes scene. It always had its own ECS (Elastic Container Service) container orchestration platform but, customer demand for Kubernetes was overwhelming. Many organisations ran their Kubernetes clusters on EC2 using Kops or similar and eventually, AWS decided to provide proper support with official integrations. EKS today integrates with IAM for identity management, AWS load balancers, networking, and various storage options.

AWS has promised integration with Fargate (similar to AKS + ACI). This will eliminate the need to provision worker nodes and potentially let Kubernetes automatically scale up and down for a truly elastic experience. Note that on EKS, you have to pay for the managed control plane. This might be a limiting factor if you just want to play around and experiment with Kubernetes, or if you have many small clusters.

As far as performance goes, EKS takes 10–15 minutes to start a cluster. It is not the simplest to set up as AKS mean that you’re moving between the management consoles, IAM and CLI to get the cluster up and running.  It’s probably the most complex setup out of the three cloud vendors so in reality, it could take a little under an hour from the initial deployment to getting the cluster up and running.

Although IONOS may have some catching up to do with ancillary PaaS services, it’s a clear leader when it comes to creating a cluster and providing worker nodes. IONOS does this with ease and simplicity and much better than the competition. It has a UI integration with the data centre designer, something which is missing from the top three providers. The process with IONOS is so simple that the clusters can be ready to use in under 15 minutes.

Having the ability to choose the amount of CPU and RAM is a huge plus, it means that you’re not restricted to specific sizes for your worker nodes and adding and removing worker nodes is simple, too. However, remember to drain your nodes before you remove them.

IONOS also has full API ingratiation, in fact, a cluster and worker nodes can be up and running with only four API calls. With IONOS, you get dedicated CPU and RAM resources so performance is a given. This product also comes with a GDPR compliant cloud infrastructure, leaving the worry about the US Cloud Act aside, which should be top of your list for cloud service requirements.

There are also services such as persistence volumes in the shape of HDD and SSD storage and load balancer services just like the other vendors. With new services on their roadmap such as its vanilla Kubernetes, IONOS makes it easy to add things like Istio, Prometheus, Grafana and Ingress load balancers. In terms of cost, IONOS is well bellow the benchmark, making it very attractive.

This monthly cost comparison is based on a user having 3 master nodes and 15 worker nodes, with each node consisting of 4 vCPU and 16GB of RAM.

Kubernetes itself is platform agnostic. In theory, you can easily switch from any cloud platform to another, as well as run on your own infrastructure. In practice, when you choose a platform provider, you’ll expect some great services, making the migration worthwhile.

There are a number of container orchestration tools out there, with the likes of Rancher, Swarm and many others, but it looks like Kubernetes is a set leader in this field. The big question from a user’s perspective is where to run it. It’s simple, if you’re already running on a cloud provider, check to ensure that your vendor is the right choice. Multi-cloud gives you the benefit of leveraging the best that cloud has to offer, so you can run your Kubernetes cluster with confidence!