Amazon EKS now offers Container Network Observability, enabling teams to track inter-AZ and NAT gateway traffic at the pod level. This enhancement helps identify costly data flows, control traffic distribution, and implement cost-saving network architecture changes with greater precision.

  • Track and reduce inter-AZ traffic with pod-level visibility
  • Lower NAT gateway costs by using VPC endpoints strategically
  • Automate network cost monitoring and reporting with AI agents

Infrastructure signal

Container Network Observability in Amazon EKS utilizes the Network Flow Monitor, an Amazon CloudWatch feature, combined with an eBPF-based agent to provide near-real-time insights into inter-node and cross-AZ network flows at the pod level. This granular visibility allows teams to pinpoint which workloads are driving costly data transfers within their clusters, particularly inter-AZ traffic and NAT gateway usage.

With AWS charging $0.01 per GB per direction for inter-AZ traffic, and additional NAT gateway processing fees, understanding and controlling these flows is critical to cost optimization. The observability tool exposes traffic patterns and quantities directly, enabling identification of high-usage service pairs and informing architectural choices such as pod distribution and network routing policies.

Developer impact

Developers and DevOps teams gain actionable insights into traffic behavior between microservices running in EKS clusters, helping reduce surprise cloud costs caused by hidden inter-AZ communication. By filtering and sorting traffic data by Availability Zone and data transferred, teams can prioritize workload adjustments and validate improvements after deploying changes.
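To illustrate the filter-and-sort step described above, here is an added example (not from the AWS post or from EKS tooling) that ranks service pairs by estimated inter-AZ cost at the $0.01 per GB per direction rate quoted earlier. The flow record fields, service names and byte counts are constructed for illustration and are not the Network Flow Monitor export format. It assumes each transferred GB is billed on both sides of the AZ boundary.

```python
from collections import defaultdict

INTER_AZ_USD_PER_GB_PER_DIRECTION = 0.01  # rate quoted in the briefing
GB = 1000 ** 3  # assumption: decimal gigabytes

# Constructed sample flows; field names are a hypothetical schema,
# not the Network Flow Monitor export format.
SAMPLE_FLOWS = [
    {"src": "checkout", "src_az": "us-east-1a",
     "dst": "payments", "dst_az": "us-east-1b", "bytes": 400 * GB},
    {"src": "payments", "src_az": "us-east-1b",
     "dst": "checkout", "dst_az": "us-east-1a", "bytes": 100 * GB},
    {"src": "checkout", "src_az": "us-east-1a",
     "dst": "cart", "dst_az": "us-east-1a", "bytes": 900 * GB},
    {"src": "search", "src_az": "us-east-1c",
     "dst": "catalog", "dst_az": "us-east-1a", "bytes": 50 * GB},
]


def rank_cross_az_pairs(flows, rate=INTER_AZ_USD_PER_GB_PER_DIRECTION):
    """Return (service pair, GB, estimated USD) tuples, costliest first."""
    totals = defaultdict(int)
    for flow in flows:
        if flow["src_az"] == flow["dst_az"]:
            continue  # same-AZ traffic carries no inter-AZ charge
        # Merge both directions of a conversation into one service pair.
        pair = tuple(sorted((flow["src"], flow["dst"])))
        totals[pair] += flow["bytes"]

    ranked = []
    for pair, nbytes in totals.items():
        gigabytes = nbytes / GB
        # Assumption: each GB is charged once leaving the source AZ and
        # once entering the destination AZ, hence the factor of 2.
        ranked.append((pair, gigabytes, round(gigabytes * rate * 2, 2)))
    return sorted(ranked, key=lambda row: row[2], reverse=True)


if __name__ == "__main__":
    for pair, gigabytes, usd in rank_cross_az_pairs(SAMPLE_FLOWS):
        print(f"{pair[0]} <-> {pair[1]}: {gigabytes:.0f} GB, ~${usd:.2f}")
```

Running the same ranking before and after a placement or routing change gives a direct way to validate the improvement.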

The introduction of Traffic Distribution Control in Kubernetes 1.30+, integral to this observability workflow, allows developers to control how traffic is routed across service endpoints. This capability promotes traffic locality within AZs, minimizing cross-zone communications without altering application logic. Additionally, adopting VPC endpoints reduces reliance on NAT gateways, cutting associated fees and improving network efficiency.

What teams should watch

Teams operating multi-AZ EKS clusters should monitor pod distribution and network flows to prevent unnecessary cross-AZ traffic. Paying attention to service communication patterns helps uncover costly workflows that can be optimized through traffic distribution policies or pod rescheduling within zones.

Operational teams must also evaluate NAT gateway utilization, which can often be reduced by implementing VPC endpoints for direct AWS service connectivity, cutting expensive gateway egress charges. Leveraging AI-based automation for monitoring and reporting ensures continuous observability and early detection of new network cost drivers as the cluster evolves.

Finally, teams should stay current with Kubernetes versions and Amazon EKS enhancements, as features like Traffic Distribution Control matured recently and directly impact these optimization efforts. Integrating these capabilities into deployment and observability pipelines will help maintain a cost-efficient and reliable cloud infrastructure.

Source assisted: This briefing began from a discovered source item from AWS Containers Blog.