Containers

Category: Expert (400)

Migrate existing Amazon ECS services from service discovery to Amazon ECS Service Connect

At re:Invent in November 2022 we announced a new Amazon Elastic Container Service (Amazon ECS) solution for service-to-service communication called Amazon ECS Service Connect. Amazon ECS Service Connect enables easy communication between microservices and across Amazon Virtual Private Clouds (Amazon VPCs) by leveraging AWS Cloud Map namespaces and logical service names. This allows you to […]

EKS Persistent Volumes for Instance Store

The Kubernetes project is made up of a number of special interest groups (SIGs) that focus on a particular part of the Kubernetes ecosystem. The Storage SIG is focused on different types of storage (block and file) and ensuring that storage is available to containers when they are scheduled. One of the subprojects of the Storage […]

Continuous Delivery of Amazon EKS Clusters Using AWS CDK and CDK Pipelines

Customers are looking for ways to automate the deployment of their Amazon EKS clusters across different versions, environments, accounts, and Regions. The deployment of these clusters involves tasks like creating your clusters with desired networking and logging configuration, selecting Amazon EKS add-ons versions, and, once it is ready, deploying other infrastructure components. This post shows […]

Amazon ECS on AWS Outposts

AWS Outposts is a fully managed service that offers the same AWS infrastructure, AWS services, APIs, and tools to virtually any data center, co-location space, or on-premises facility, in the form of a physical rack connected to the AWS global network. AWS compute, storage, database, and other services run locally on Outposts, and you can […]

GitOps model for provisioning and bootstrapping Amazon EKS clusters using Crossplane and Flux

In an earlier blog (Part 1 of the series), I discussed the adoption of the GitOps model as an efficient strategy for provisioning cloud provider-specific managed resources, such as, for example, Amazon S3 bucket and Amazon RDS instance, that application workloads depend on. The blog presented the details of implementing a use case where an Amazon […]

Introducing OIDC identity provider authentication for Amazon EKS

Today, we introduced user authentication for Amazon EKS clusters from an OpenID Connect (OIDC) Identity Provider (IDP). This feature allows customers to integrate an OIDC identity provider with a new or existing Amazon EKS cluster running Kubernetes version 1.16 or later. The OIDC IDP can be used as an alternative to, or along with AWS […]

Service connectivity inside and outside the mesh using AWS App Mesh (ECS/Fargate)

AWS Customer: We want to pursue service mesh and establish a separate application-networking layer for efficiently handling our microservices applications. However, we want to meshify only a subset of our microservices and gradually add other services to the mesh as we get comfortable with the configurations. What are the recommended approaches to handle service to […]

Enable traffic encryption between services in AWS App Mesh using AWS Certificate Manager or customer-provided certificates

Today, we announce the general availability of an AWS App Mesh feature that enables traffic encryption between services using AWS Certificate Manager (ACM) or customer-provided certificates. We sought feedback from our customers last year through the AWS App Mesh roadmap issues #38 and #39 and the features were made available on the AWS App Mesh […]

AWS CodeDeploy now supports linear and canary deployments for Amazon ECS

AWS CodeDeploy has extended blue/green deployment support for Elastic Container Service (Amazon ECS) to include canary and linear deployments for applications hosted on AWS Fargate or Amazon Compute Cloud (Amazon EC2). Blue/green deployments are a safe deployment strategy provided by AWS CodeDeploy for minimizing interruptions caused by changing application versions. This is accomplished by creating […]

Scanning images with Trivy in an AWS CodePipeline

This post was contributed by AWS Container Hero, Liz Rice, VP Open Source Engineering at Aqua Security. If you’re working with containers, it’s important to scan your images for known vulnerabilities, so that you don’t deploy code that an attacker can easily exploit. A good way of ensuring that all your deployed images get this […]