Containers

Category: Networking & Content Delivery

Introducing AWS App Mesh Metrics Extension

Today, we are excited to announce that the AWS App Mesh metrics extension is now generally available. With App Mesh metrics extension, customers can collect, aggregate, and filter App Mesh specific metrics that are meaningful and aid in debugging while benefiting from reduced usage costs. App Mesh metrics extension is available to all customers running […]

Enabling mTLS in AWS App Mesh using SPIFFE/SPIRE in a multi-account Amazon EKS environment

Over the past few years, companies and organizations have been adopting microservice-based architectures to drive their businesses forward with a rapid pace of innovation. Moving to microservices brings several benefits in terms of modularity and deployment speed, but it also adds additional complexity that requires establishing higher security postures. For distributed applications spanning multiple, potentially […]

Red Hat OpenShift Service on AWS: private clusters with AWS PrivateLink

Red Hat OpenShift Service on AWS (ROSA) clusters can be deployed in a few ways: public, private, and private with PrivateLink. Public and private clusters both have the OpenShift cluster accessible to the internet and define whether the application workloads running on OpenShift are private or not. However, there are customers with a requirement for […]

Create a pipeline with canary deployments for Amazon ECS using AWS App Mesh

In this post, we demonstrate how customers can implement a canary deployment strategy for applications running on Amazon Elastic Container Service (Amazon ECS) in conjunction with AWS App Mesh. If you are looking to do canary deployments with AWS CodeDeploy using ALB’s weighted target groups, please refer to this post. By making use of container […]

AWS App Mesh ingress and route enhancements

Before today, the AWS App Mesh gateway only allowed for matches on the path of an incoming request with no configurable rewrites of the hostname and/or path. In the AWS App Mesh roadmap issues 73 and 247, you asked us about allowing host and path rewrites for incoming traffic to resources within your mesh. App […]

Monitoring your service mesh container environment using Amazon Managed Service for Prometheus

Observability is critical for any application and for understanding system behavior and performance. It takes a lot of time and effort to detect and remediate performance slowdowns or disruptions. It’s even more challenging in a multi-tenant environment where numerous microservices are running and the processing of a request spans a handful of services. Service meshes […]

Traffic Encryption in AWS App Mesh across accounts using certificates from AWS Certificate Manager Private CA and AWS Resource Manager

Introduction: AWS App Mesh is a service mesh that provides application-level networking to standardize how your services communicate, giving you end-to-end visibility and enabling controls to tune for high availability of your applications. For customers building mesh architectures, enforcing the use of TLS to validate the certificate from the upstream service is an important aspect of […]

Using mTLS with SPIFFE/SPIRE in AWS App Mesh on Amazon EKS

By Efe Selcuk, Apurup Chevuru, and Michael Hausenblas. You know that here at AWS we consider security as “job zero”, and in the context of the shared responsibility model we provide you with controls to take care of your part. One popular use case of service meshes is to strengthen the security posture of […]

Authenticating with Docker Hub for AWS Container Services

Docker Hub has recently updated its terms of service to introduce rate limits for container image pulls. While these limits don’t apply to accounts under a Pro or Team plan, anonymous users are limited to 100 pulls per 6 hours per IP address, and authenticated free accounts are limited to 200 pulls per 6 hours. […]

Sending Envoy metrics from AWS App Mesh to Amazon CloudWatch

With AWS customers adopting AWS App Mesh with Amazon ECS and Amazon EKS, we have seen the following request from them on multiple occasions. This post will demonstrate the mechanism of getting metrics from Envoy to CloudWatch. “We have adopted AWS App Mesh as a service mesh solution for application-level networking for our micro services […]