11 messages
Discussion related to Amazon Web Services (AWS)
Archive: https://archive.sweetops.com/aws/
Emmanuel Oover 1 year ago
Hello, I'm currently facing an issue with aws load balancer.
I have an ecs fargate cluster with about five tasks. However, I noticed that these instances dont scale pass 10 users during a load test. Upon further debugging, I had to ssh into each of these instances and did a htop to see the cpu and memory utilization of these five tasks. I noticed that one of these tasks had 100% cpu utilization and the rest had no cpu utilization. This makes the cpu utilization get very high and makes the ecs tasks unhealthy and unable to receive more traffic.
This image shows the ecs cpu utilization for one instance. How can i ensure this traffic is evenly distributing the traffic to all tasks in the ecs service.
Upon checking my load balancer access logs, I also noticed that a lot of requests came from one ip address.
I tried modifying the load balancer traffic distribution style to round robin but it still doesnt distribute traffic evenly across all my tasks. What can I do to ensure scalability of my application?
Has anyone faced this ?
I have an ecs fargate cluster with about five tasks. However, I noticed that these instances dont scale pass 10 users during a load test. Upon further debugging, I had to ssh into each of these instances and did a htop to see the cpu and memory utilization of these five tasks. I noticed that one of these tasks had 100% cpu utilization and the rest had no cpu utilization. This makes the cpu utilization get very high and makes the ecs tasks unhealthy and unable to receive more traffic.
This image shows the ecs cpu utilization for one instance. How can i ensure this traffic is evenly distributing the traffic to all tasks in the ecs service.
Upon checking my load balancer access logs, I also noticed that a lot of requests came from one ip address.
I tried modifying the load balancer traffic distribution style to round robin but it still doesnt distribute traffic evenly across all my tasks. What can I do to ensure scalability of my application?
Has anyone faced this ?
Veerapandian Mover 1 year ago
Hi, Team. I am looking for help with Azure DevOps repository + AWS Amplify deployment.
jaysunover 1 year ago
https://github.com/aws/containers-roadmap/issues/474
hey there, how are you all working around aws' silly limitation on EKS access entries not supporting wildcards? it's a nightmare for permission set arns, since they have that random string at the end of the permission set role
hey there, how are you all working around aws' silly limitation on EKS access entries not supporting wildcards? it's a nightmare for permission set arns, since they have that random string at the end of the permission set role
Markover 1 year ago
Hey everyone,
Recently we did a change on our ECS infrastructure. We've transitioned to using AWS service discovery and have configured our containers to use HTTPS on their hostnames. After resolving various issues with
Previously, we used an ALB for each service in the ECS cluster. With the move to HTTPS and service discovery, we need to set HTTPS as the port for service health checks. The challenge we're facing is that target groups don’t allow us to define a hostname for service discovery.
You might wonder why we switched to HTTPS. The decision was driven by difficulties we encountered with service discovery, which we found were best addressed by using HTTPS.
I’ve attached the task definition file for one of the services and the
Just a note: I'm fairly new to DevOps—only been in this field for two months—and I'm really enjoying the learning process!
Recently we did a change on our ECS infrastructure. We've transitioned to using AWS service discovery and have configured our containers to use HTTPS on their hostnames. After resolving various issues with
appsettings and Dockerfiles, the HTTPS port is now open.Previously, we used an ALB for each service in the ECS cluster. With the move to HTTPS and service discovery, we need to set HTTPS as the port for service health checks. The challenge we're facing is that target groups don’t allow us to define a hostname for service discovery.
You might wonder why we switched to HTTPS. The decision was driven by difficulties we encountered with service discovery, which we found were best addressed by using HTTPS.
I’ve attached the task definition file for one of the services and the
appsettings file. These should help illustrate the issue with the target group's inability to accept a hostname.Just a note: I'm fairly new to DevOps—only been in this field for two months—and I'm really enjoying the learning process!
Veerapandian Mover 1 year ago
I am a team looking for help with the yml pipeline for Azure DevOps to Azure static Apps service in the nextjs application.
Dexter Cariñoover 1 year ago
Hello, how to deploy docker compose on aws fargate? I searched some but its outdated/retired.
jaysunover 1 year ago
https://github.com/aws/containers-roadmap/issues/2411
Can we get some traction on this 👍️
Support for custom eks access entry policies
Can we get some traction on this 👍️
Support for custom eks access entry policies
RBover 1 year ago
I came across this OWASP project recently that implements an open source version of AWS PrivateCA without the costs of PrivateCA
https://serverlessca.com/
https://serverlessca.com/
Sean Turnerover 1 year ago
Going deep on renovate lately in a move from cluster-branch ArgoCD Applications to ApplicationSets...
AWS Just released m8g instances. How do you all go about upgrading your Karpenter Manifests to pull in the newest instance type? Do you decaratively express family + version (e.g. m8g? Or perhaps just family (e.g. mg)?
AWS Just released m8g instances. How do you all go about upgrading your Karpenter Manifests to pull in the newest instance type? Do you decaratively express family + version (e.g. m8g? Or perhaps just family (e.g. mg)?
Adarshover 1 year ago
Has anyone worked with SRV record type , I have a private hosted zone , and had a dns records of Type A for my services deployed in ecs for inter-communication , I had to change one of the service record type from A to SRV to expose one of the route to public via api gateway , When i created SRV record it automatically created a type A record too , so
SRV type record :- svc1.accept.com and A type record :- 678521378612382091734.svc1.accept.com , and on running dig command on svc1.accept.com it is pointing to 678521378612382091734.svc1.accept.com , although the service was exposed using the api gateway , but the other services in the cluster are failing to connect my service , I tried to replace the urls in the other services env files to :-
678521378612382091734.svc1.accept.com -> connection refused
svc1.accept.com -> cannot resolve
678521378612382091734.svc1.accept.com:8080 -> connection refused
I cannot change it back to A record because api gateway needs SRV type only
SRV type record :- svc1.accept.com and A type record :- 678521378612382091734.svc1.accept.com , and on running dig command on svc1.accept.com it is pointing to 678521378612382091734.svc1.accept.com , although the service was exposed using the api gateway , but the other services in the cluster are failing to connect my service , I tried to replace the urls in the other services env files to :-
678521378612382091734.svc1.accept.com -> connection refused
svc1.accept.com -> cannot resolve
678521378612382091734.svc1.accept.com:8080 -> connection refused
I cannot change it back to A record because api gateway needs SRV type only
Shirisha Sudhakar Raoover 1 year ago
Is it possible to use Cloudposse's VPC module to also create the database and intra subnets (similar to the terraform-aws-modules/vpc/aws component)?