Containers

Category: Best Practices

Rolling EC2 AMI updates with capacity providers in Amazon ECS

When deploying containers to Amazon Elastic Container Service (Amazon ECS), customers have choices as to what level of management they want or need to have over the cluster compute. First there is AWS Fargate, which is a serverless compute engine that removes the need for customers to provision and manage servers. This approach simplifies the […]

Read More

Building a fault tolerant architecture with a Bulkhead Pattern on AWS App Mesh

When packaging and deploying APIs into containers services, it is common for each service to serve more than one responsibility or many downstream dependencies. In such scenarios, the failure during the execution of one responsibility can often spread to the entire application and causing a systemic failure. Let’s look at an example: imagine an e-commerce […]

Read More

Improving daemon services in Amazon ECS

When using Amazon EC2 for compute capacity in Amazon Elastic Container Service (Amazon ECS) clusters, a common pattern customers follow is to schedule a single instance of a task across all or select nodes in the cluster. This includes running tasks that handle log and/or metrics collection such as Fluentd or the DataDog agent, node […]

Read More

Managing compute for Amazon ECS clusters with capacity providers.

Customers running containers are often challenged with having to manage and understand how to run and scale the compute for their clusters. For customers taking advantage of Amazon Elastic Container Service (Amazon ECS) on AWS Fargate, the burden is lifted as the underlying compute layer is fully managed by AWS, enabling the customer to focus […]

Read More

Latest updates to AWS Fargate for Amazon ECS

Recently, we announced features to improve the configuration and metric gathering experience of your tasks deployed via AWS Fargate for Amazon ECS. Based off of customer feedback, we added the following features: Environment file support Deeper integration with AWS Secrets Manager using secret versions and JSON keys More granular network metrics, as well as additional […]

Read More

Using Gatekeeper as a drop-in Pod Security Policy replacement in Amazon EKS

Jason Umiker If you are managing a Kubernetes cluster or you are a security professional responsible for one then you likely have heard that you should be implementing Kubernetes Pod Security Policies (PSPs) on the cluster in order to improve your security posture. Using PSPs can help to block pods from being disruptive to their […]

Read More

De-mystifying cluster networking for Amazon EKS worker nodes

Running Kubernetes on AWS requires an understanding of both AWS networking configuration and Kubernetes networking requirements. When you use the default Amazon Elastic Kubernetes Service (Amazon EKS) AWS CloudFormation templates to deploy your Amazon Virtual Private Cloud (Amazon VPC) and Amazon EC2 worker nodes, everything typically just works. But small issues in your configuration can result […]

Read More