AWS Architecture Blog·April 27, 2026Optimizing EKS Environments with vCluster for Faster QA and Cost Savings
This article details how Deloitte significantly improved their Amazon EKS environment provisioning for QA testing by adopting vCluster. By consolidating multiple dedicated EKS clusters into virtual clusters running on a shared host EKS cluster, they reduced provisioning times from 45 minutes to under 5 minutes and achieved substantial cost and operational efficiencies. The solution highlights architectural patterns for multi-tenancy and resource sharing in Kubernetes.
Read original on AWS Architecture BlogChallenges of Traditional EKS Environment Provisioning
Before implementing vCluster, Deloitte faced significant challenges in provisioning dedicated Amazon EKS clusters for each QA testing environment. This approach led to slow provisioning times (30-45 minutes), high AWS infrastructure costs due to duplicated resources like load balancers and DNS, and substantial overhead for the platform team. Complex access management and resource duplication across clusters further exacerbated these issues, creating bottlenecks and hindering independent team operations.
Solution: Amazon EKS with vCluster Architecture
Deloitte's solution combined an Amazon EKS host cluster with vCluster to create lightweight, isolated virtual Kubernetes environments. The Amazon EKS host cluster provides the foundational compute and networking. vCluster then creates virtual clusters on top, which behave like independent Kubernetes instances without the overhead of full EKS control planes. This multi-tenant architecture allows QA teams to have dedicated testing spaces while sharing underlying infrastructure.
- Host Cluster: A single Amazon EKS cluster with Auto Mode enabled serves as the foundation, managing shared resources.
- Virtual Clusters (vCluster): Multiple isolated Kubernetes clusters run within the host, providing dedicated testing environments.
- Shared Controllers: Essential services like the Load Balancer Controller and Storage Controller run once on the host cluster and serve all virtual clusters, reducing duplication.
- Application Load Balancer (ALB): A single ALB fronts the host cluster, directing traffic to applications across different virtual clusters via path-based routing.
- AWS Certificate Manager (ACM): Manages SSL certificates for secure HTTPS communication terminated at the ALB.
Key Architectural Benefit
The core architectural benefit is achieving strong isolation for development/testing workloads while significantly reducing operational overhead and infrastructure costs through resource sharing and consolidation. This pattern is particularly useful in multi-tenant environments or for organizations requiring many ephemeral environments.
Achieved Outcomes and Efficiency Gains
The implementation yielded substantial improvements: environment provisioning time dropped by 89% (from 45 to under 5 minutes), freeing up approximately 500 QA hours annually. Infrastructure efficiency improved with savings of over 50 vCPUs and 200 GB of memory at peak usage. Cost optimization included up to 70% savings using Amazon EC2 Spot Instances with EKS Auto Mode. Consolidating to fewer EKS control planes and a single shared ALB further streamlined operations and reduced management complexity for Deloitte, allowing them to run over 50 virtual clusters on one host.