Posted On: Dec 20, 2022

Today, Amazon Elastic Container Service (Amazon ECS) announced a new feature that enables customers to add automated safeguards for Amazon ECS service rolling updates. You can now monitor and automatically react to changes during an Amazon ECS rolling update by using Amazon CloudWatch alarms. This enables you to more easily automate discovery and remediation for failed deployments and minimize the impact of a bad change.

Amazon ECS customers use the deployment circuit breaker to monitor task launch and health check failures, which indicate that the deployment will not reach steady state. In some cases, even if containers start running successfully, the deployment can introduce regressions that surface as degradation in infrastructure metrics (e.g. CPU utilization) or service metrics (e.g. response latency). To monitor and remediate such deployments, you can now create Amazon CloudWatch alarms that track the metrics most relevant to your application and configure Amazon ECS to monitor these alarms for your deployment. If a metric breach occurs during the deployment, Amazon ECS is designed to stop the deployment and roll it back to the previous stable version. When you use CloudWatch alarms to monitor your deployment, Amazon ECS is designed to add a ‘bake time’ to the deployment. The bake time is a period of time after the new service version has reached steady state, during which Amazon ECS continues to monitor the alarm associated with the deployment.

You can configure Amazon CloudWatch alarms to monitor rolling updates for all new and existing Amazon ECS services that use the ‘ECS’ deployment controller. You can use this new feature with the Amazon ECS management console, SDK, CLI, CloudFormation, and CDK in all commercial AWS regions. You can get started with this feature by following the steps in this blog, or read our documentation here.
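
The CloudFormation template below is an added example, not taken from the announcement or from AWS documentation. It shows a service on the ‘ECS’ deployment controller with both the deployment circuit breaker and a CloudWatch alarm on CPU utilization set to roll back a rolling update. The alarm name, threshold, periods, task count and parameter names are assumptions chosen for illustration.

```yaml
# Added example: names, threshold and periods are constructed, not AWS-recommended values.
Parameters:
  ClusterName: {Type: String}        # existing ECS cluster (assumed)
  ServiceName: {Type: String}        # name to give the service (assumed)
  TaskDefinitionArn: {Type: String}  # task definition revision to deploy (assumed)

Resources:
  CpuAlarm:
    Type: AWS::CloudWatch::Alarm
    Properties:
      AlarmName: !Sub "${ServiceName}-cpu-high"
      Namespace: AWS/ECS
      MetricName: CPUUtilization
      Dimensions:
        - {Name: ClusterName, Value: !Ref ClusterName}
        - {Name: ServiceName, Value: !Ref ServiceName}
      Statistic: Average
      Period: 60                # seconds per datapoint
      EvaluationPeriods: 3      # three consecutive breaching minutes
      Threshold: 85             # percent
      ComparisonOperator: GreaterThanThreshold
      # Gaps in the metric while tasks are replaced should not trip the alarm
      TreatMissingData: notBreaching

  Service:
    Type: AWS::ECS::Service
    Properties:
      Cluster: !Ref ClusterName
      ServiceName: !Ref ServiceName
      TaskDefinition: !Ref TaskDefinitionArn
      DesiredCount: 2
      DeploymentController:
        Type: ECS               # rolling update; required for deployment alarms
      DeploymentConfiguration:
        # Catches tasks that fail to launch or fail health checks
        DeploymentCircuitBreaker:
          Enable: true
          Rollback: true
        # Catches regressions in tasks that start and pass health checks
        Alarms:
          AlarmNames:
            - !Ref CpuAlarm     # Ref on an alarm resource returns its name
          Enable: true
          Rollback: true        # return to the previous stable version on breach
```

With `Rollback: false` under `Alarms`, a breach stops the deployment without reverting it, which leaves the service on a mix of old and new tasks until someone intervenes.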