Cloud Service Mapper

Managed Kubernetes

Amazon EKS

Managed Kubernetes control plane for containerized applications.

AWS

Service information

Amazon EKS

Shortname: EKS

Huawei equivalent shortnames: CCE, CCI

Keywords: kubernetes, container, k8s

Differences vs Huawei

AWS EKS and Huawei Cloud CCE take fundamentally different approaches to how they structure their Kubernetes offerings, particularly in how they manage the boundary between user responsibility and platform management. AWS EKS operates on a spectrum of compute models where standard EKS has AWS managing only the control plane while users manage EC2 worker nodes, EKS Auto Mode extends management to the entire data plane using Karpenter-based autoscaling, and AWS Fargate provides unique per-pod VM isolation where each pod runs in its own virtual machine boundary with dedicated kernel, CPU, and memory resources.

Huawei Cloud CCE structures its offerings into three distinct tiers that align more closely with traditional cluster management paradigms. CCE Standard provides conventional managed Kubernetes where users manage ECS or BMS instances as nodes. CCE Turbo enhances this with hardware-software co-optimization supporting hybrid scheduling and Cloud Native Network 2.0 architecture. CCE Autopilot provides a fully serverless experience comparable to EKS Auto Mode. A notable architectural distinction is CCE's native support for heterogeneous compute environments within a single cluster, allowing x86 virtual machines, Kunpeng Arm-based instances, GPU-accelerated nodes, and Bare Metal Servers to coexist and share the same control plane.

The node pool implementations differ in their approach to capacity optimization. AWS EKS offers sophisticated Spot instance integration with price-capacity-optimized allocation strategies, enabling significant cost reductions for interruption-tolerant workloads. Huawei Cloud lacks an equivalent spot market, though its CCI service provides pay-per-use serverless containers that can serve a similar purpose for burst workloads. Where AWS uses managed node groups backed by Auto Scaling groups with automated repair capabilities, CCE provides native node pools with integrated auto scaling that does not require third-party tools like Cluster Autoscaler.

The networking models reveal significant architectural divergence between the two platforms. AWS EKS centers around the Amazon VPC CNI plugin, which allocates Elastic Network Interfaces to nodes and assigns pods IP addresses directly from VPC CIDR blocks. This creates tight integration with VPC security groups, flow logs, and network ACLs, though it imposes instance-type-specific limits on the number of pods per node based on ENI attachment capabilities.

Huawei Cloud CCE offers three distinct networking models that users must select at cluster creation time. The Container Tunnel Network uses VXLAN encapsulation via Open vSwitch to create an overlay network plane, introducing 5 to 15 percent performance overhead but providing broad compatibility and support for Kubernetes NetworkPolicies. The VPC Network model eliminates tunneling overhead by using direct VPC routing, though it constrains cluster scale to approximately 1,000 nodes due to VPC route table entry limits. The Cloud Native Network 2.0 model available exclusively in CCE Turbo and Autopilot clusters represents Huawei's most advanced networking architecture by completely flattening the VPC and container networks into a single layer.

In Cloud Native Network 2.0, pods receive IP addresses directly from VPC subnets via network interfaces attached to the node, eliminating encapsulation overhead entirely and enabling features like direct security group attachment to individual pods and ELB passthrough without NodePort intermediation. While both platforms support IPv4/IPv6 dual-stack networking, Huawei's Cloud Native 2.0 enables true network flattening that AWS VPC CNI does not fully replicate, particularly in how security groups can be applied at the pod level with the same granularity as EC2 instances. AWS compensates with broader support for alternative CNI plugins including Calico and Cilium, which CCE supports only in its Standard cluster type.

The service mesh landscape differs substantially between the two platforms. AWS App Mesh, which uses Envoy sidecars to provide traffic management capabilities, has announced end-of-life with support terminating in September 2026. AWS recommends migration to Amazon ECS Service Connect or self-managed Istio installations. EKS users seeking Istio must either manage it themselves or procure it through AWS Marketplace partners, as AWS does not offer a native managed Istio service.

Huawei Cloud provides Application Service Mesh as a fully managed, Istio-compatible service mesh natively integrated with CCE. ASM can be enabled with a single click from the CCE console and provides comprehensive traffic management including canary releases, blue-green deployments, outlier detection, fault injection, and circuit breaking without requiring manual sidecar injection configuration. ASM extends beyond standard Istio capabilities to include built-in support for Spring Cloud and Dubbo service frameworks, enabling unified governance across heterogeneous microservice architectures.

Migration to Huawei

When translating AWS EKS compute patterns to Huawei Cloud, organizations using EKS Auto Mode can transition to CCE Autopilot for similar fully-managed node experiences, though they should note that CCE Autopilot uses shared node architectures rather than Fargate's per-pod VM isolation. For Fargate-style workload isolation requirements, CCE Turbo clusters support Kata Containers, which run containers inside lightweight virtual machines providing security boundaries comparable to Fargate's pod-level isolation.

The absence of a Spot instance market in Huawei Cloud represents a meaningful gap for cost-optimization strategies. Organizations can partially address this through CCI, Huawei's serverless container service, which provides pay-per-use billing and rapid scaling for variable workloads. However, CCI operates as a separate service rather than an integrated pod scheduling option within CCE clusters, requiring architectural adjustments for applications that dynamically mix Spot and On-Demand capacity within a single cluster.

GPU workload portability requires attention to hardware differences. While both platforms support NVIDIA GPUs, Huawei Cloud additionally provides Ascend NPU accelerators for AI workloads. Applications using AWS Inferentia chips will require migration to GPU or Ascend-based instances on Huawei Cloud.

The networking translation between platforms involves understanding when to use each of CCE's three network models. Organizations using AWS VPC CNI with custom networking or security groups for pods should adopt CCE Turbo with Cloud Native Network 2.0, as this provides the closest functional equivalent with pod-level security group attachment and direct VPC IP allocation. The Container Tunnel Network serves applications that prioritize broad compatibility and NetworkPolicy support over raw performance, while the VPC Network suits medium-scale clusters requiring better performance than tunneling allows but not requiring the full capabilities of Cloud Native 2.0.

Load balancer migration requires reconceptualizing how services expose themselves. AWS ALBs provide sophisticated Layer 7 routing capabilities that Huawei's shared ELB handles through NodePort intermediation, while the dedicated ELB in Cloud Native 2.0 provides direct pod attachment more comparable to AWS NLB with IP targets. Applications using ALB path-based routing will need to implement equivalent logic through Ingress controllers or service mesh routing rules.

The end-of-life for AWS App Mesh creates an opportunity when migrating to Huawei Cloud, as ASM provides a more feature-complete Istio implementation than App Mesh offered. Organizations using App Mesh should plan direct migration to ASM rather than attempting to maintain App Mesh compatibility. For EKS users running self-managed Istio, ASM eliminates operational overhead while maintaining API compatibility for traffic management resources.

The identity models map reasonably well between platforms, with Huawei IAM 2.0 providing equivalent capabilities to AWS IAM for Kubernetes RBAC integration, including support for federated identity through SAML and OIDC providers. The concept of IAM Roles for Service Accounts translates to Huawei's approach of binding IAM permissions to Kubernetes service accounts.

Storage translation follows straightforward equivalences where EBS maps to EVS for block storage, EFS to SFS for shared file systems, and S3 to OBS for object storage. Both platforms provide CSI drivers enabling dynamic provisioning, with Huawei additionally offering snapshot and backup integration through its storage services.

Several AWS-specific capabilities lack direct equivalents in Huawei Cloud. EKS Capabilities, which provide managed Argo CD, AWS Controllers for Kubernetes, and kro resource orchestration, require manual deployment via Helm charts on CCE. AWS Nitro Enclaves for confidential computing have no Huawei Cloud equivalent, requiring workload restructuring if applications depend on isolated compute environments. The distinction between AWS's Graviton processors and Huawei's Kunpeng Arm processors means binary compatibility cannot be assumed when migrating Arm-based workloads, requiring recompilation or container image rebuilding.

Amazon EKS Standard and CCE Standard provide comparable managed Kubernetes foundations with user-managed nodes, though CCE extends this with Bare Metal support and heterogeneous processor architectures. EKS Auto Mode and CCE Autopilot both offer fully-managed node experiences with automatic scaling and lifecycle management. AWS Fargate stands alone as a unique serverless pod-per-VM offering without direct equivalent in Huawei Cloud, with CCI serving related but architecturally distinct use cases. ASM provides more comprehensive service mesh capabilities than AWS's discontinued App Mesh or self-managed Istio on EKS, while networking features align closely when comparing AWS VPC CNI to CCE's Cloud Native Network 2.0.