AWS Compute Blog

Tag: Containers

Securing credentials using AWS Secrets Manager with AWS Fargate

This post is contributed by Massimo Re Ferre – Principal Developer Advocate, AWS Container Services. Cloud security at AWS is the highest priority and the work that the Containers team is doing is a testament to that. A month ago, the team introduced an integration between AWS Secrets Manager and AWS Systems Manager Parameter Store with AWS Fargate […]

Read More

Improving and securing your game-binaries distribution at scale

This post is contributed by Yahav Biran | Sr. Solutions Architect, AWS and Scott Selinger | Associate Solutions Architect, AWS  One of the challenges that game publishers face when employing CI/CD processes is the distribution of updated game binaries in a scalable, secure, and cost-effective way. Continuous integration and continuous deployment (CI/CD) processes enable game publishers […]

Read More

Enabling DNS resolution for Amazon EKS cluster endpoints

Update – December 2019 Amazon EKS now supports automatic DNS resolution for private cluster endpoints. This feature works automatically for all EKS clusters. You can still implement the solution described below, but this is not required for the majority of use cases. Learn more in the What’s New post or Amazon EKS documentation. This post […]

Read More

Anatomy of CVE-2019-5736: A runc container escape!

This post is courtesy of Samuel Karp, Senior Software Development Engineer — Amazon Container Services. On Monday, February 11, CVE-2019-5736 was disclosed.  This vulnerability is a flaw in runc, which can be exploited to escape Linux containers launched with Docker, containerd, CRI-O, or any other user of runc.  But how does it work?  Dive in! […]

Read More

Scheduling GPUs for deep learning tasks on Amazon ECS

This post is contributed by Brent Langston – Sr. Developer Advocate, Amazon Container Services Last week, AWS announced enhanced Amazon Elastic Container Service (Amazon ECS) support for GPU-enabled EC2 instances. This means that now GPUs are first class resources that can be requested in your task definition, and scheduled on your cluster by ECS. Previously, […]

Read More

Amazon ECS Task Placement

Topics Intro Attributes, task groups, and expressions Task placement constraints Task placement strategies Use cases Intro Amazon Elastic Container Service (ECS) is a highly scalable, high-performance container orchestration service that allows you to easily run and scale containerized applications on AWS. This post covers how Amazon Elastic Container Service (Amazon ECS) runs containers in a […]

Read More

Tagging container image repositories on Amazon ECR

Starting today, you can add tags to your Amazon Elastic Container Registry (Amazon ECR) resources. This new feature enables better grouping of ECR repositories, better searching and filtering in the console, and better cost allocation. In this post, I show you how to create a tagging strategy. You might have many ECR repositories and want […]

Read More

Introducing AWS App Mesh – service mesh for microservices on AWS

AWS App Mesh is a service mesh that allows you to easily monitor and control communications across microservices applications on AWS. You can use App Mesh with microservices running on Amazon Elastic Container Service (Amazon ECS), Amazon Elastic Container Service for Kubernetes (Amazon EKS), and Kubernetes running on Amazon EC2. Today, App Mesh is available […]

Read More

Migrating your Amazon ECS deployment to the new ARN and resource ID format

Update – August 21, 2020 – Added a section with the latest timeline. Starting today you can opt in to a new Amazon Resource Name (ARN) and resource ID format for Amazon ECS tasks, container instances, and services. The new format enables the enhanced ability to tag resources in your cluster, as well as tracking […]

Read More

Scanning Docker Images for Vulnerabilities using Clair, Amazon ECS, ECR, and AWS CodePipeline

Post by Vikrama Adethyaa, Solution Architect and Tiffany Jernigan, Developer Advocate   Containers are an increasingly important way for you to package and deploy your applications. They are lightweight and provide a consistent, portable software environment for applications to easily run and scale anywhere. A container is launched from a container image, an executable package that […]

Read More