Containers

Category: Compute

Amazon ECS availability best practices

We spend a lot of time thinking about availability at AWS. It is critically important that our service remains available even during inevitable partial failures in order to allow our customers to gain insight and take remedial action. To achieve this, we rely on the availability afforded us by Regional independence and Availability Zones isolation. […]

Using VPC endpoint policies to control Amazon ECR access

In January 2019, AWS announced support for AWS PrivateLink on Amazon ECR. AWS PrivateLink is a networking technology designed to keep all network traffic within the AWS network. When you enable AWS PrivateLink for Amazon ECR, VPC endpoints appear as elastic network interfaces with a private IP address inside your VPC. For more details on […]

Native Container Image Scanning in Amazon ECR

By Richard Nguyen and Michael Hausenblas

Container security comprises a range of activities and tools, involving developers, security operations engineers, and infrastructure admins. One crucial part of the cloud native supply chain is scanning container images for vulnerabilities and being able to get actionable insights from the results. We learned in Issue 17 of the […]

AWS PrivateLink ECR cross account Fargate deployment

AWS PrivateLink is a networking technology designed to enable access to AWS services in a highly available and scalable manner. It keeps all the network traffic within the AWS network. When you create AWS PrivateLink endpoints for Amazon Elastic Container Registry (ECR) and Amazon Elastic Container Service (ECS), these service endpoints appear as elastic network […]

Using sidecar injection on Amazon EKS with AWS App Mesh

AWS App Mesh works on the sidecar pattern where you must add containers to extend the behavior of existing containers. Kubernetes offers mutating admission controllers that allow operations teams to automate sidecar injection. In this post, I discuss the basics of the sidecar pattern and Kubernetes admission controllers and demonstrate how the App Mesh Sidecar […]

How Amazon ECS manages CPU and memory resources

On August 19, 2019, we launched a new Amazon Elastic Container Service (Amazon ECS) feature that allows containers to configure available swap space on Linux. We want to take this opportunity to step back and talk more holistically about how ECS resource management works (including the behavior this new feature has introduced). Specifically, we want to clarify how CPU and memory […]

Containers and infrastructure as code, like peanut butter and jelly

Infrastructure as code tools like AWS CloudFormation and HashiCorp Terraform enable teams to describe and automate provisioning of cloud infrastructure resources, including container-related resources like Amazon ECS services and Amazon EKS clusters. In this post, I cover why I believe infrastructure as code is especially important for containerized applications, how we use infrastructure as code with […]

Welcome to the AWS Containers Blog

Welcome to the AWS Containers Blog! We’re excited to start this channel to give builders a closer look under the hood of all things container-related at AWS. In the past, we’ve published on other popular blog channels at AWS such as the compute blog, the architecture blog, and open source blog. Now with the containers […]