AWS Compute Blog

Category: Amazon Elastic Container Service

Sharing automated blueprints for Amazon ECS continuous delivery using AWS Service Catalog

This post is contributed by Mahmoud ElZayet | Specialist SA – Dev Tech, AWS   Modern application development processes enable organizations to improve speed and quality continually. In this innovative culture, small, autonomous teams own the entire application life cycle. While such nimble, autonomous teams speed product delivery, they can also impose costs on compliance, […]

Optimizing Amazon ECS task density using awsvpc network mode

This post is contributed by Tony Pujals | Senior Developer Advocate, AWS   AWS recently increased the number of elastic network interfaces available when you run tasks on Amazon ECS. Use the account setting called awsvpcTrunking. If you use the Amazon EC2 launch type and task networking (awsvpc network mode), you can now run more […]

Using AWS App Mesh with Fargate

This post is contributed by Tony Pujals | Senior Developer Advocate, AWS   AWS App Mesh is a service mesh, which provides a framework to control and monitor services spanning multiple AWS compute environments. My previous post provided a walkthrough to get you started. In it, I showed deploying a simple microservice application to Amazon ECS […]

Learning AWS App Mesh

UPDATE – Oct 26 2020 – We have updated the instructions and recommended configurations for AWS App Mesh, which can be found in this GitHub repository: https://github.com/aws/aws-app-mesh-examples/tree/master/examples/apps/djapp. Please consider the below steps deprecated, but we are leaving the post live for its deeper explanation of some of the steps involved. This post is contributed by […]

Securing credentials using AWS Secrets Manager with AWS Fargate

This post is contributed by Massimo Re Ferre – Principal Developer Advocate, AWS Container Services. Cloud security at AWS is the highest priority and the work that the Containers team is doing is a testament to that. A month ago, the team introduced an integration between AWS Secrets Manager and AWS Systems Manager Parameter Store with AWS Fargate […]

Enabling DNS resolution for Amazon EKS cluster endpoints

Update – December 2019 Amazon EKS now supports automatic DNS resolution for private cluster endpoints. This feature works automatically for all EKS clusters. You can still implement the solution described below, but this is not required for the majority of use cases. Learn more in the What’s New post or Amazon EKS documentation. This post […]

Anatomy of CVE-2019-5736: A runc container escape!

This post is courtesy of Samuel Karp, Senior Software Development Engineer — Amazon Container Services. On Monday, February 11, CVE-2019-5736 was disclosed.  This vulnerability is a flaw in runc, which can be exploited to escape Linux containers launched with Docker, containerd, CRI-O, or any other user of runc.  But how does it work?  Dive in! […]

A Guide to Locally Testing Containers with Amazon ECS Local Endpoints and Docker Compose

This post is contributed by Wesley Pettit, Software Engineer at AWS. As more companies adopt containers, developers need easy, powerful ways to test their containerized applications locally, before they deploy to AWS. Today, the containers team is releasing the first tool dedicated to this: Amazon ECS Local Container Endpoints. This is part of an ongoing open […]

Automatically update instances in an Amazon ECS cluster using the AMI ID parameter

UPDATE – Mar 15, 2021 – We’ve updated this post to reflect the guidance that customers should be updating their Amazon ECS clusters with Amazon Linux 2 AMIs. Customers should fully confirm application functionality before moving to Amazon Linux 2. This post is contributed by Adam McLean – Solutions Developer at AWS and Chirill Cucereavii […]

Scheduling GPUs for deep learning tasks on Amazon ECS

This post is contributed by Brent Langston – Sr. Developer Advocate, Amazon Container Services Last week, AWS announced enhanced Amazon Elastic Container Service (Amazon ECS) support for GPU-enabled EC2 instances. This means that now GPUs are first class resources that can be requested in your task definition, and scheduled on your cluster by ECS. Previously, […]