AWS FIS able to restrict fargate targets to separate regular ECS from Fargate Batch Jobs?

0

Hi all!

With regards to AWS Fault Injection Simulator when working with ecs:stop-task or ecs:drain-containers actions, is there a way for the target to distinguish:

  • Batch job oriented fargate tasks/ecs clusters
  • Non-Batch (normal) fargate tasks/ecs clusters

Thanks!

asked 2 years ago260 views
2 Answers
0
Accepted Answer

Hello,

Warm Greetings !

When working with Fault Injection Simulator, there are following ways to identity the target resources and you can choose anyone depending on the one which best full-fills your use-case:

  1. Resources IDs: When configuring the target for resource type such as “aws:ecs:cluster”, you can select the target cluster using the “Resource IDs” dropdown which will show you all the existing clusters in that region. This allows you to selectively choose specific clusters as targets for your use-case.

  2. Resource Tags: Adding different tags to different resources can also be used to determine the target. So, adding same tags to similar cluster or tasks can help you to easily select multiple similar target at once when configuring target within FIS.

  3. Resource filters: This method allows you to use specific attribute of a resource to select your target. For example, in case we are talking about “aws:ecs:cluster”, so DescribeClusters [1] is the API call which can be used to get the details of a particular cluster. In your case if you call this API for your two different clusters and if there is a certain attribute which is different for these two types of cluster, then you can use that attribute to construct a “Resource filter” and select your targets.

For more details & examples around the above mentioned ways to Identify target resources, please refer the documentation link [2].

Additionally, I just wanted to share an additional details as you mentioned Fargate i.e. currently FIS supports container services as targets the ones with the EC2 Launch Type only [3]. You might receive an error such as "Unable to drain all container instances. The following targeted clusters do not contain ECS container instances: [clsuter-name] " if you target a ECS cluster Fargate resource.


== References ==

[1] https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeClusters.html

[2] https://docs.aws.amazon.com/fis/latest/userguide/targets.html#target-identification

[3] https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html#ecs-actions-reference

AWS
SUPPORT ENGINEER
answered 2 years ago
  • Thanks, I can see how those options could make it work, but requires significant pre-setup by teams to get assets tagged the way desired....which at scale (say, 20 application ecs clusters and 5 batch job ecs clusters) was hoping for a more explicit and reusable way so that -other teams- could leverage such a solution other than bespoke tagging.

  • Additional potential - are there filters for subnets, such that if batch job ecs clusters (or tasks for the stop-task version) were in different array/list of subnets.

0

Gurjot_S: "I just wanted to share an additional details as you mentioned Fargate i.e. currently FIS supports container services as targets the ones with the EC2 Launch Type only [3]. You might receive an error such as "Unable to drain all container instances. The following targeted clusters do not contain ECS container instances: [clsuter-name] " if you target a ECS cluster Fargate resource.

-- thanks...that's kind of a big deal considering 100% of at least my ECS workload is Fargate

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions