There have been multiple analyses about the recent (2020/11/25) outage of AWS Kinesis and its cascading failure mode, taking a chunk of AWS services with it — including seemingly unrelated Cognito — due to dependencies hidden to the user. If you haven’t read the official postmortem statement by AWS yet, go read it now. There… Continue reading My Brief Thoughts on the AWS Kinesis Outage
Category: AWS
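Running WordPress on AWS Lambda
I previously posted an article (in English) about running WordPress on AWS Lambda, but I wrote it before EFS support existed. Now that EFS is available, the execution environment for WordPress inside AWS Lambda has changed completely, so I wrote a new article. This time I chose Terraform over SAM. There are several reasons, but the main one is that almost all of the infrastructure I manage is managed with Terraform, so it integrates well with my existing environment. It is published as a Terraform module. The source code is published on GitHub. How is it in practice? Pretty good. It is running at this link. It isn't blazing fast, but it isn't too slow either. Using CloudFront to cache static assets and tuning opcache made it considerably faster. Normally, when Lambda functions are started concurrently, each instance runs independently, but with EFS the file system can be kept in sync across different Lambda instances. Because of this, WordPress updates, theme and plugin installation, uploads and so on all work as usual. What you need: In this tutorial, the Lambda source code contains only the environment that runs PHP. The WordPress files are installed on an EFS volume, so you need to prepare a separate EC2 instance. Below is a list of exactly what you need to prepare. A valid AWS account. A private subnet with internet access. To use EFS, VPC… Continue reading Running WordPress on AWS Lambda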
WordPress on AWS Lambda (EFS Edition)
I previously wrote a post about running WordPress on AWS Lambda, but it was before EFS support was announced (EFS is a managed network file system AWS provides). Being able to use EFS completely changes the way WordPress works in Lambda (for the better!), so I felt it warranted a new blog post. In addition,… Continue reading WordPress on AWS Lambda (EFS Edition)
Rails on AWS: Do you need nginx between Puma and ALB?
When I set up Rails on AWS, I usually use the following pattern: (CloudFront) → ALB → Puma. I was wondering: Is it always necessary to put nginx between the ALB and Puma server? My theory behind not using nginx is that because it has its own queue (while the Classic Load Balancer had a… Continue reading Rails on AWS: Do you need nginx between Puma and ALB?
Hosting a Single Page Application with an API with CloudFront and S3
I’ve written about how to host a single page application (SPA) on AWS using CloudFront and S3 before, using the CloudFront “rewrite not found errors as a 200 response with index.html” trick. Recently, working on a few serverless apps, I’ve realized that this trick, while quick, isn’t perfect. The specific case where it broke down… Continue reading Hosting a Single Page Application with an API with CloudFront and S3
Serverless WordPress on AWS Lambda
Update 2020/07/29: AWS recently announced EFS support for Lambda, which makes running WordPress in Lambda easier, with fewer limitations. Here’s the new article about how to run WordPress in Lambda using EFS. There are a few ways to run WordPress “serverless” on AWS. I’m going to talk about running WordPress on Lambda for this article.… Continue reading Serverless WordPress on AWS Lambda
Managing ECS clusters, 4 years in.
Throughout these past 4 years since AWS ECS became generally available, I’ve had the opportunity to manage 4 major ECS cluster deployments. Across these deployments, I’ve built up knowledge and tools to help manage them, make them safer, more reliable, and cheaper to run. This article has a bunch of tips and tricks I’ve learned… Continue reading Managing ECS clusters, 4 years in.
AWS Application Auto-scaling for ECS with Terraform
Update: Target tracking scaling is now available for ECS services. I’ve been working on setting up autoscaling settings for ECS services recently, and here are a couple notes from managing auto-scaling for ECS services using Terraform. min_capacity and max_capacity must both be set. schedule uses the CloudWatch schedule expression syntax, with the addition of the… Continue reading AWS Application Auto-scaling for ECS with Terraform
ECS ChatOps with CodePipeline and Slack
I’m currently working on migrating a Rails application to ECS at work. The current system uses a heavily customized Capistrano setup that’s showing its signs, especially when deploying to more than 10 instances at once. While patiently waiting for EKS, I decided to use ECS over managing my own Kubernetes cluster on AWS using something… Continue reading ECS ChatOps with CodePipeline and Slack
IAM Policy for KMS-Encrypted Remote Terraform State in S3
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject", "s3:DeleteObject" ], "Resource": [ "arn:aws:s3:::<bucket name>/*", "arn:aws:s3:::<bucket name>" ] }, { "Effect": "Allow", "Action": [ "kms:Encrypt", "kms:Decrypt", "kms:GenerateDataKey" ], "Resource": [ "<arn of KMS key>" ] } ] } Don’t forget to update the KMS Key Policy, too. I spent a bit of… Continue reading IAM Policy for KMS-Encrypted Remote Terraform State in S3