Puneeth Nanjundaswamy, profile picture
Uploaded byPuneeth Nanjundaswamy
PDF, PPTX1,114 views

Zero downtime ECS host updates with Terraform

The document outlines the management of ECS hosts using AWS Lambda, Step Functions, and Terraform at Comtravo, detailing the integration of six environments within a CI/CD pipeline. It discusses challenges such as updating EC2 hosts in an ECS cluster and solutions for handling ECS agent disconnections. The process involves Terraform emitting AWS CloudWatch events, managing launch configurations, and using step functions to enhance automation and alerting on failures.

Embed presentation

Download as PDF, PPTX
Managing ECS hosts with AWS lambda and step functions
Terraform at Comtravo
Terraform at Comtravo ➢ Six environments maintained by Terraform. ➢ Integrated into our CI/CD pipeline. ➢ Each environment has: ○ 500+ AWS components. ○ 43 Lambdas. ○ 25 microservices.
CI/CD at Comtravo: Mono-repo Pull request
CI/CD at Comtravo: Mono-repo Pull request
CI/CD at Comtravo: Mono-repo Merge to master
CI/CD at Comtravo: Mono-repo Merge to master
ECS at Comtravo
ECS: Many interesting challenges
One such challenge: Update EC2 hosts in a ECS cluster
Update EC2 hosts in a ECS cluster: Use cases ➢ You have a custom AMI for your ECS cluster(s). ➢ You want to always rollout the latest ECS-optimized AMIs. ➢ You want to rotate the admin keys. ➢ Change Instance type. ➢ Use an updated user_data script.
Update EC2 hosts in a ECS cluster: The process ➢ Terraform emits an AWS cloudwatch event once launch configuration was created. ➢ Detach “old instances“ from ASG and wait for capacity. ➢ “Move” services from old instances to new instances. ➢ Terminate old instances when no more tasks running. ➢ Alert on failures.
Terraform + AWS Events + AWS Step functions = Awesome I created a new launch configuration lc-1234 for ASG asg-1234 belonging to ECS cluster cluster-A
AWS CloudWatch Events time Task A started bar Task C started Task B stopped ECS Host bla baz custom event custom event custom event
Terraform Event Emitter resource "null_resource" "launch-config-update" { provisioner "local-exec" { command = "python ${path.module}/scripts/emit_launchconfig_event.py --launch_configuration_name ${aws_launch_configuration.ecs-lc.name} --autoscaling_group_name ${aws_autoscaling_group.ecs-asg.name} --ami ${var.aws_ami} --cluster ${var.cluster}" } triggers { launchConfigurationName = "${aws_launch_configuration.ecs-lc.name}" } }
Terraform Event { "version": "0", "id": "f24d8f1c-8c3f-9b62-cb3c-54430739fc55", "source": "comtravo.terraform.alpha", "account": "1234567890", "time": "2018-05-09T13:35:43Z", "region": "eu-west-1", "resources": [ "ct-backend-ecs-alpha-t2.large-generic20180509133303168200000003" ], "detail": { "ami": "ami-bfb5fec6", "status": "ACTIVE", "agentConnected": false, "autoscalingGroupName": "ct-backend-ecs-alpha-t2.large-generic20180503065507554700000005", "environment": "alpha", "clusterArn": "arn:aws:ecs:eu-west-1:1234567890:cluster/ct-backend-ecs-alpha" "launchConfigurationName": "ct-backend-ecs-alpha-t2.large-generic20180509133303168200000003" }, "detailType": "ECS Launch Configuration Change" }
AWS CloudWatch Event Rules resource "aws_cloudwatch_event_rule" "ecs-manager" { name = "capture-ecs-events-${terraform.workspace}" description = "Capture ECS related events" event_pattern = <<PATTERN { "source": [ "comtravo.terraform.${terraform.workspace}" ], "detail-type": [ "ECS Launch Configuration Change" ], "detail": { "clusterArn": [ "arn:aws:ecs:${var.region}:${var.ct_account_id}:cluster/ct-backend-ecs-${terraform.workspace}" ], "status": ["ACTIVE"] } } PATTERN }
AWS Step functions
DEMO
Questions
You all have been awesome!!!
Extras
ECS Challenge #1 ECS AGENT DISCONNECTS
#1 ECS agent disconnects - Initial solution ➢ Cron job on ECS hosts to notify via SNS event and restart ECS agent. ➢ Chances of ECS agent failing again due to some inherent problem within the instance are high.
#1 ECS agent disconnects - Initial solution
#1 ECS agent disconnects - Better solution ➢ Detect ECS agent disconnects. ➢ Bootup new ECS host and wait for it to be healthy. ➢ “Move” all the existing containers from the problematic instance to a new Instance. ➢ Terminate the problematic instance. ➢ Alert on failures.
#1 ECS agent disconnects - Better solution
#1 ECS agent disconnects: Detection How do we detect ECS agent disconnects? AWS Cloudwatch EVENTS to the rescue!!!
#1 ECS agent disconnects: ECS Events time Task A started bar Task C started Task B stopped foo baz ECS agent disconnected ECS agent connected ECS agent disconnected
#1 ECS agent disconnects: Filter ECS Events { "detail": { "agentConnected": [ false ], "clusterArn": [ "arn:aws:ecs:eu-west-1:1234567890:cluster/ct-backend-ecs-qa" ], "status": [ "ACTIVE" ] }, "detail-type": [ "ECS Container Instance State Change" ], "source": [ "aws.ecs" ] }
#1 ECS agent disconnects: Trigger step function
#1 ECS agent disconnects: ECS Events

More Related Content

PDF
Terraform 0.9 + good practices
byRadek Simko
 
PDF
Boulder Ruby Statsd
byMark Morris
 
PDF
Terraform: Cloud Configuration Management (WTC/IPC'16)
byMartin Schütte
 
PPTX
Terraform Modules and Continuous Deployment
byZane Williamson
 
PDF
Terraform in action
byDamien Pacaud
 
PPTX
Effective terraform
byCalvin French-Owen
 
PDF
Building infrastructure with Terraform (Google)
byRadek Simko
 
PDF
Terraform: Configuration Management for Cloud Services
byMartin Schütte
 
Terraform 0.9 + good practices
byRadek Simko
 
Boulder Ruby Statsd
byMark Morris
 
Terraform: Cloud Configuration Management (WTC/IPC'16)
byMartin Schütte
 
Terraform Modules and Continuous Deployment
byZane Williamson
 
Terraform in action
byDamien Pacaud
 
Effective terraform
byCalvin French-Owen
 
Building infrastructure with Terraform (Google)
byRadek Simko
 
Terraform: Configuration Management for Cloud Services
byMartin Schütte
 

What's hot

PDF
Declarative & workflow based infrastructure with Terraform
byRadek Simko
 
PDF
Elasticsearch (R)Evolution — You Know, for Search… by Philipp Krenn at Big Da...
byBig Data Spain
 
PDF
Infrastructure as code with Terraform
bySam Bashton
 
PPTX
Terraform at Scale
byCalvin French-Owen
 
PDF
London Hug 19/5 - Terraform in Production
byLondon HashiCorp User Group
 
PPTX
Terraform
byAdam Vincze
 
PPTX
AWS re:Invent 2014 talk: Scheduling using Apache Mesos in the Cloud
bySharma Podila
 
PDF
Real World Optimization
byDavid Golden
 
PDF
Deliver Docker Containers Continuously on AWS - QCon 2017
byPhilipp Garbe
 
PPTX
Testing & deploying terraform
byFarid Neshat
 
PDF
Using Terraform.io (Human Talks Montpellier, Epitech, 2014/09/09)
byStephane Jourdan
 
PDF
From * to Symfony2
byManuel Baldassarri
 
PDF
Terraform modules and best-practices - September 2018
byAnton Babenko
 
PPT
Scalable Event Tracking
byschibstedpayment
 
PDF
Terraform -- Infrastructure as Code
byMartin Schütte
 
PDF
Using Libvirt with Cluster API to manage baremetal Kubernetes
byHimani Agrawal
 
PDF
Scaling terraform
byPaolo Tonin
 
PDF
Orbiter and how to extend Docker Swarm
byGianluca Arbezzano
 
PDF
Terraform at Scale - All Day DevOps 2017
byJonathon Brouse
 
Declarative & workflow based infrastructure with Terraform
byRadek Simko
 
Elasticsearch (R)Evolution — You Know, for Search… by Philipp Krenn at Big Da...
byBig Data Spain
 
Infrastructure as code with Terraform
bySam Bashton
 
Terraform at Scale
byCalvin French-Owen
 
London Hug 19/5 - Terraform in Production
byLondon HashiCorp User Group
 
Terraform
byAdam Vincze
 
AWS re:Invent 2014 talk: Scheduling using Apache Mesos in the Cloud
bySharma Podila
 
Real World Optimization
byDavid Golden
 
Deliver Docker Containers Continuously on AWS - QCon 2017
byPhilipp Garbe
 
Testing & deploying terraform
byFarid Neshat
 
Using Terraform.io (Human Talks Montpellier, Epitech, 2014/09/09)
byStephane Jourdan
 
From * to Symfony2
byManuel Baldassarri
 
Terraform modules and best-practices - September 2018
byAnton Babenko
 
Scalable Event Tracking
byschibstedpayment
 
Terraform -- Infrastructure as Code
byMartin Schütte
 
Using Libvirt with Cluster API to manage baremetal Kubernetes
byHimani Agrawal
 
Scaling terraform
byPaolo Tonin
 
Orbiter and how to extend Docker Swarm
byGianluca Arbezzano
 
Terraform at Scale - All Day DevOps 2017
byJonathon Brouse
 

Similar to Zero downtime ECS host updates with Terraform

PDF
Zero down time ECS cluster upgrades
byPuneeth Nanjundaswamy
 
PPTX
Weaveworks at AWS re:Invent 2016: Operations Management with Amazon ECS
byWeaveworks
 
PDF
intro elastic container service amazon aws
byDanielJara92
 
PPTX
Docker on Amazon ECS
byDeepak Kumar
 
PDF
ECS and ECR deep dive
byShiva Narayanaswamy
 
PDF
AWS DevOps - Terraform, Docker, HashiCorp Vault
byGrzegorz Adamowicz
 
PPTX
Amazon ECS.pptx tasks conatiner ecs new car
byzineblahib2
 
PDF
Amazon ECS (March 2016)
byJulien SIMON
 
PDF
Etcd terraform by Alex Somesan
byMaarten van der Hoef
 
PDF
Running Docker clusters on AWS (November 2016)
byJulien SIMON
 
PDF
Running Docker clusters on AWS (June 2016)
byJulien SIMON
 
PPTX
Efficient way to manage environments in AWS
byamii894
 
PPTX
A year in Production with the Hashistack
byJason Harley
 
PPTX
AWS Monitoring & Logging
byJason Poley
 
PDF
AWS System Administration Best Practices for Sysadmins in the Amazon Cloud 1s...
bykoidemoreaqb
 
PPTX
ECS and Docker at Okta
byJon Todd
 
PPTX
RIMA-Infrastructure as a code with Terraform.pptx
byMrJustbis
 
PDF
Getting started with Amazon ECS
byIoannis Polyzos
 
PPTX
"Continuously delivering infrastructure using Terraform and Packer" training ...
byAnton Babenko
 
PDF
AWS ECS Quick Introduction
byVinothini Raju
 
Zero down time ECS cluster upgrades
byPuneeth Nanjundaswamy
 
Weaveworks at AWS re:Invent 2016: Operations Management with Amazon ECS
byWeaveworks
 
intro elastic container service amazon aws
byDanielJara92
 
Docker on Amazon ECS
byDeepak Kumar
 
ECS and ECR deep dive
byShiva Narayanaswamy
 
AWS DevOps - Terraform, Docker, HashiCorp Vault
byGrzegorz Adamowicz
 
Amazon ECS.pptx tasks conatiner ecs new car
byzineblahib2
 
Amazon ECS (March 2016)
byJulien SIMON
 
Etcd terraform by Alex Somesan
byMaarten van der Hoef
 
Running Docker clusters on AWS (November 2016)
byJulien SIMON
 
Running Docker clusters on AWS (June 2016)
byJulien SIMON
 
Efficient way to manage environments in AWS
byamii894
 
A year in Production with the Hashistack
byJason Harley
 
AWS Monitoring & Logging
byJason Poley
 
AWS System Administration Best Practices for Sysadmins in the Amazon Cloud 1s...
bykoidemoreaqb
 
ECS and Docker at Okta
byJon Todd
 
RIMA-Infrastructure as a code with Terraform.pptx
byMrJustbis
 
Getting started with Amazon ECS
byIoannis Polyzos
 
"Continuously delivering infrastructure using Terraform and Packer" training ...
byAnton Babenko
 
AWS ECS Quick Introduction
byVinothini Raju
 

Recently uploaded

PDF
Langchain4J – An Introduction for Impatient Developers
byJuarez Junior
 
PPTX
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
PDF
Lost Android Phone Recovery_ Steps That Work Fast.pdf
byIsabella Reed
 
PDF
Jira, Powered by Enterprise-Grade Intelligence from NeoroTalks.pdf
byNeoro Talks
 
PDF
Prompt Engineering vs Content Engineering vs RAG.pdf
byVineet Sharma
 
PDF
Supercharging Grafana with Community Plugins
byImma Valls Bernaus
 
PPTX
How CFD Simulations Support Sustainable Data Center Design Optimization
byWeb Synergies
 
PDF
Ontwikkel sneller en veiliger met GitHub Copilot
byDelta-N
 
PPTX
Connecting to MCP Servers in OutSystems Platform
byOzanCali
 
PDF
Routing Guidelines: Unlocking Smarter Query Routing in MySQL Architectures
byMiguel Araújo
 
PPTX
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
PDF
Clean Architecture with Vertical Slice Architecture in .NET 8
byVineet Sharma
 
PDF
Doctor On Call App Development for Digital Healthcare.
byV3CUBE TECHNOLABS
 
PDF
The Ultimate Guide to Real Estate Tokenization Platforms
byDaniel Smith
 
PDF
ACE Aarhus February 2026: Atlassian news
byDanielEriksen5
 
PDF
Ready, Set, REST! Introducing MySQL's Built-In REST Service
byMiguel Araújo
 
PDF
Building with AI using Local & Cloud-based AI IDE: Evaluation-Driven Developm...
byKunal Suri
 
PDF
SAP ERP to SAP S_4HANA Cloud Private Edition Delta Scope
bychuck78
 
PDF
eresource Xcel ERP for Maunfacturing - Best Manufacturing ERP for SME
byeresource Infotech Pvt.Ltd
 
PDF
MySQL Routing Guidelines: Designing Smarter Query Routing Together
byMiguel Araújo
 
Langchain4J – An Introduction for Impatient Developers
byJuarez Junior
 
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
Lost Android Phone Recovery_ Steps That Work Fast.pdf
byIsabella Reed
 
Jira, Powered by Enterprise-Grade Intelligence from NeoroTalks.pdf
byNeoro Talks
 
Prompt Engineering vs Content Engineering vs RAG.pdf
byVineet Sharma
 
Supercharging Grafana with Community Plugins
byImma Valls Bernaus
 
How CFD Simulations Support Sustainable Data Center Design Optimization
byWeb Synergies
 
Ontwikkel sneller en veiliger met GitHub Copilot
byDelta-N
 
Connecting to MCP Servers in OutSystems Platform
byOzanCali
 
Routing Guidelines: Unlocking Smarter Query Routing in MySQL Architectures
byMiguel Araújo
 
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
Clean Architecture with Vertical Slice Architecture in .NET 8
byVineet Sharma
 
Doctor On Call App Development for Digital Healthcare.
byV3CUBE TECHNOLABS
 
The Ultimate Guide to Real Estate Tokenization Platforms
byDaniel Smith
 
ACE Aarhus February 2026: Atlassian news
byDanielEriksen5
 
Ready, Set, REST! Introducing MySQL's Built-In REST Service
byMiguel Araújo
 
Building with AI using Local & Cloud-based AI IDE: Evaluation-Driven Developm...
byKunal Suri
 
SAP ERP to SAP S_4HANA Cloud Private Edition Delta Scope
bychuck78
 
eresource Xcel ERP for Maunfacturing - Best Manufacturing ERP for SME
byeresource Infotech Pvt.Ltd
 
MySQL Routing Guidelines: Designing Smarter Query Routing Together
byMiguel Araújo
 

Zero downtime ECS host updates with Terraform

  • 2.
    Managing ECS hostswith AWS lambda and step functions
  • 3.
  • 4.
    Terraform at Comtravo ➢Six environments maintained by Terraform. ➢ Integrated into our CI/CD pipeline. ➢ Each environment has: ○ 500+ AWS components. ○ 43 Lambdas. ○ 25 microservices.
  • 5.
    CI/CD at Comtravo:Mono-repo Pull request
  • 6.
    CI/CD at Comtravo:Mono-repo Pull request
  • 7.
    CI/CD at Comtravo:Mono-repo Merge to master
  • 8.
    CI/CD at Comtravo:Mono-repo Merge to master
  • 9.
  • 10.
  • 11.
    One such challenge: UpdateEC2 hosts in a ECS cluster
  • 12.
    Update EC2 hostsin a ECS cluster: Use cases ➢ You have a custom AMI for your ECS cluster(s). ➢ You want to always rollout the latest ECS-optimized AMIs. ➢ You want to rotate the admin keys. ➢ Change Instance type. ➢ Use an updated user_data script.
  • 13.
    Update EC2 hostsin a ECS cluster: The process ➢ Terraform emits an AWS cloudwatch event once launch configuration was created. ➢ Detach “old instances“ from ASG and wait for capacity. ➢ “Move” services from old instances to new instances. ➢ Terminate old instances when no more tasks running. ➢ Alert on failures.
  • 14.
    Terraform + AWSEvents + AWS Step functions = Awesome I created a new launch configuration lc-1234 for ASG asg-1234 belonging to ECS cluster cluster-A
  • 15.
    AWS CloudWatch Events time TaskA started bar Task C started Task B stopped ECS Host bla baz custom event custom event custom event
  • 16.
    Terraform Event Emitter resource"null_resource" "launch-config-update" { provisioner "local-exec" { command = "python ${path.module}/scripts/emit_launchconfig_event.py --launch_configuration_name ${aws_launch_configuration.ecs-lc.name} --autoscaling_group_name ${aws_autoscaling_group.ecs-asg.name} --ami ${var.aws_ami} --cluster ${var.cluster}" } triggers { launchConfigurationName = "${aws_launch_configuration.ecs-lc.name}" } }
  • 17.
    Terraform Event { "version": "0", "id":"f24d8f1c-8c3f-9b62-cb3c-54430739fc55", "source": "comtravo.terraform.alpha", "account": "1234567890", "time": "2018-05-09T13:35:43Z", "region": "eu-west-1", "resources": [ "ct-backend-ecs-alpha-t2.large-generic20180509133303168200000003" ], "detail": { "ami": "ami-bfb5fec6", "status": "ACTIVE", "agentConnected": false, "autoscalingGroupName": "ct-backend-ecs-alpha-t2.large-generic20180503065507554700000005", "environment": "alpha", "clusterArn": "arn:aws:ecs:eu-west-1:1234567890:cluster/ct-backend-ecs-alpha" "launchConfigurationName": "ct-backend-ecs-alpha-t2.large-generic20180509133303168200000003" }, "detailType": "ECS Launch Configuration Change" }
  • 18.
    AWS CloudWatch EventRules resource "aws_cloudwatch_event_rule" "ecs-manager" { name = "capture-ecs-events-${terraform.workspace}" description = "Capture ECS related events" event_pattern = <<PATTERN { "source": [ "comtravo.terraform.${terraform.workspace}" ], "detail-type": [ "ECS Launch Configuration Change" ], "detail": { "clusterArn": [ "arn:aws:ecs:${var.region}:${var.ct_account_id}:cluster/ct-backend-ecs-${terraform.workspace}" ], "status": ["ACTIVE"] } } PATTERN }
  • 19.
  • 20.
  • 22.
  • 23.
    You all havebeen awesome!!!
  • 24.
  • 25.
    ECS Challenge #1 ECSAGENT DISCONNECTS
  • 26.
    #1 ECS agentdisconnects - Initial solution ➢ Cron job on ECS hosts to notify via SNS event and restart ECS agent. ➢ Chances of ECS agent failing again due to some inherent problem within the instance are high.
  • 27.
    #1 ECS agentdisconnects - Initial solution
  • 28.
    #1 ECS agentdisconnects - Better solution ➢ Detect ECS agent disconnects. ➢ Bootup new ECS host and wait for it to be healthy. ➢ “Move” all the existing containers from the problematic instance to a new Instance. ➢ Terminate the problematic instance. ➢ Alert on failures.
  • 29.
    #1 ECS agentdisconnects - Better solution
  • 30.
    #1 ECS agentdisconnects: Detection How do we detect ECS agent disconnects? AWS Cloudwatch EVENTS to the rescue!!!
  • 31.
    #1 ECS agentdisconnects: ECS Events time Task A started bar Task C started Task B stopped foo baz ECS agent disconnected ECS agent connected ECS agent disconnected
  • 32.
    #1 ECS agentdisconnects: Filter ECS Events { "detail": { "agentConnected": [ false ], "clusterArn": [ "arn:aws:ecs:eu-west-1:1234567890:cluster/ct-backend-ecs-qa" ], "status": [ "ACTIVE" ] }, "detail-type": [ "ECS Container Instance State Change" ], "source": [ "aws.ecs" ] }
  • 33.
    #1 ECS agentdisconnects: Trigger step function
  • 34.
    #1 ECS agentdisconnects: ECS Events