Containers

AWS Secrets Manager controller POC: an EKS operator for automatic rotation of secrets

In an earlier blog post, we showed you how to mount a secret from AWS Secrets Manager using mutating webhooks. If this secret changes when the pod is in running state, the pod can’t capture the change and continues to use the old secret value. One solution is to terminate the pod and then re-create it. […]

Integrate Amazon API Gateway with Amazon EKS

Since 2015, customers have been using Amazon API Gateway to provide scalable and secure entry points for their API services. As customers adopt Amazon Elastic Kubernetes Service (Amazon EKS) to orchestrate their services, they have asked us how they can use API Gateway to expose their microservices running in Kubernetes. This post shows you how […]

Traffic Encryption in AWS App Mesh across accounts using certificates from AWS Certificate Manager Private CA and AWS Resource Manager

Introduction: AWS App Mesh is a service mesh that provides application-level networking to standardize how your services communicate, giving you end-to-end visibility and enabling controls to tune for high-availability of your applications. Customers building mesh architectures and enforcing the use of TLS to validate the certificate from the upstream service, is an important aspect of […]

Running Airflow Workflow Jobs on Amazon EKS with EC2 Spot Instances

Apache Airflow is an open-source distributed workflow management platform for authoring, scheduling, and monitoring multi-stage workflows. It is designed to be extensible, and it’s compatible with several services like Amazon Elastic Kubernetes Service (Amazon EKS), Amazon Elastic Container Service (Amazon ECS), and Amazon EC2. Many AWS customers choose to run Airflow on containerized environments with […]

Automated software delivery using Docker Compose and Amazon ECS

Note: Docker Compose’s integration with Amazon ECS has been deprecated and is retiring in November 2023. In November 2020, Docker Compose for Amazon ECS became generally available. It is now even easier for a developer to take a containerized microservices-based application from their workstation and deploy it straight to the AWS Cloud. Developers can now run […]

Using Dex & dex-k8s-authenticator to authenticate to Amazon EKS

This post was contributed by Márk Sági-Kazár, Jeremy Cowan, and Jimmy Ray. Introduction: In an earlier post, Paavan Mistry introduced us to the OIDC identity provider (IdP) authentication for Amazon Elastic Kubernetes Service (Amazon EKS), a feature that allows you to use an OIDC identity provider with new or existing clusters. Before launching this feature, […]

Building container images on Amazon ECS on AWS Fargate

Building container images is the process of packaging an application’s code, libraries, and dependencies into reusable file systems. Developers create a Dockerfile alongside their code that contains all the commands to assemble a container image. This Dockerfile is then used to produce a container image using a container image builder tool, such as the one […]

Managing compute for Amazon ECS clusters with capacity providers.

Customers running containers are often challenged with having to manage and understand how to run and scale the compute for their clusters. For customers taking advantage of Amazon Elastic Container Service (Amazon ECS) on AWS Fargate, the burden is lifted as the underlying compute layer is fully managed by AWS, enabling the customer to focus […]

Policy-based countermeasures for Kubernetes – Part 2

Choosing the Right Policy-As-Code Solution: In Part 1 of this series, we introduced the concept of policy-as-code (PaC), and discussed the following solutions: OPA, OPA/Gatekeeper and MagTape. In this post (Part 2) we will review the Kyverno and k-rail PaC solutions. For Kubernetes, there are several PaC solutions available in the open-source software (OSS) community. […]