Amazon Elastic Container Service (ECS) allows you to run Docker-based containers on the cloud. Amazon ECS has two launch types for operation: EC2 and Fargate. The EC2 launch type provides EC2 instances as hosts for your Docker containers. For the Fargate launch type, AWS manages the underlying hosts so you can focus on managing your containers instead. The details and configuration on how you want to run your containers are defined on the ECS Task Definition which includes options on networking mode. In this post, we’ll talk about the different networking modes supported by Amazon ECS and determine which mode [...]
About Kenneth SamonteKenneth is an AWS Architect & Linux System Administrator. He's a Red Hat Certified System Administrator, AWS Certified Solutions Architect Professional, and a VMware Certified Professional. He's also a registered Electronics Engineer and Cisco Certified Network Associate (CCNA). He enjoys exploring cloud platforms and administering Linux systems. When he's not busy, you’ll find him online playing League of Legends.
Auto Scaling Lifecycle Hooks In the previous post, we talked about Auto Scaling Lifecycle Hooks and how to configure it on your Auto Scaling group. You can view the article here. It’s better to read it first before proceeding with this section. In a nutshell, Auto Scaling Lifecycle Hooks allow you to put an instance in the “wait” state while the Auto Scaling group responds to a scale-out or scale-in event. While the instance is in the “wait” state, you perform actions such as installing the application before allowing traffic to the instance or sending out the application logs to [...]
Managing the security of your applications is an integral part of any organization especially for infrastructures deployed in the cloud. One aspect of application security is how the parameters such as environment variables, database passwords, API keys, product keys, etc. are stored and retrieved. As a best practice, secret information should not be stored in plain text and not be embedded inside your source code. It is also recommended to set up an automated system to rotate passwords or keys regularly (which is easy to forget when you manage keys manually). Managing and securing these types of data can be [...]
Amazon’s EC2 Auto Scaling provides an effective way to ensure that your infrastructure is able to dynamically respond to changing user demands. For example, to accommodate a sudden traffic increase on your web application, you can set your Auto Scaling group to automatically add more instances. And when traffic is low, have it automatically reduce the number of instances. This is a cost-effective solution since it only provisions EC2 instances when you need them. EC2 Auto Scaling provides you with several dynamic scaling policies to control the scale-in and scale-out events. In this article, we’ll discuss the differences between a [...]
Amazon EC2 Auto Scaling allows you to scale-out or scale-in your EC2 instances automatically based on policies you configured in response to changing demand on your application. Auto Scaling Groups lets you set a minimum and maximum number of EC2 instances to automatically resize your cluster based on a defined schedule or instance metrics such as CPU utilization, network traffic, etc. This is an excellent way to cut costs and make sure you have the correct number of instances since traffic on your application fluctuates throughout the day. Auto Scaling Lifecycle Hooks As your Auto Scaling group scale-out or scale-in [...]
Route 53 Private Hosted Zones Amazon Route 53 DNS service supports Public Hosted Zones and Private Hosted Zones. Private Hosted Zones are useful when you want to use your private domain and have Route 53 respond to queries on that domain from resources within your VPC. For example, if you host a database on an EC2 instance on a private subnet, you can create a Route 53 record set (ex: privatedb.tutorialsdojo.com) for that database instance on your Private Hosted Zone to allow other EC2 instances to resolve the domain name. But what if you have a VPN connection (or AWS [...]