Posts Tagged aws

Provisioned Concurrency: Avoiding Cold Starts in AWS Lambda

Provisioned Concurrency: Avoiding Cold Starts in AWS Lambda

AWS Lambda cold starts (the time it takes for AWS to assign a worker to a request) are a major frustration point of many serverless programmers. In this article, we will take a look at the problem of latency-critical serverless applications, and how Provisioned Concurrency impacts the status-quo. Concurrency Model of AWS Lambda Despite being serverless, AWS Lambda uses lightweight containers to process incoming requests. Every container, or worker, can process only a single request at any given time.

Read more →

AWS EKS - How to Scale Your Cluster

AWS EKS - How to Scale Your Cluster

AWS Elastic Kubernetes Service (EKS) provides a range of performance and control for dynamically scaling your Kubernetes clusters, including Managed Node Groups, Fargate, and Manually-Managed Node Groups in EC2. In this post, we’ll see how to use each of these compute options, and when to prefer one over the other in order to maximize productivity, flexibility, and control, based on your needs.

Read more →

Running AWS IAM Access Analyzer at Deployment Time

Running AWS IAM Access Analyzer at Deployment Time

Yesterday AWS announced an exciting new feature — the AWS Identity and Access Management (IAM) Access Analyzer — a service powered by automated reasoning that detects potentially-insecure access to your AWS resources, including S3 Buckets, SQS Queues, Lambdas, and more. At the same time, Pulumi announced a new policy as code solution, CrossGuard, that validates policies at deployment time. The question is: Can IAM Access Analyzer and Pulumi CrossGuard be combined to get the best of both solutions?

Read more →

Inside Crosswalk for Kubernetes

Inside Crosswalk for Kubernetes

Running Kubernetes in production can be challenging. This past year, Pulumi has collected common patterns of usage informed by best practices for provisioning Kubernetes infrastructure and running containerized applications. We call this Pulumi Crosswalk for Kubernetes: a collection of playbooks and libraries to help you to successfully configure, deploy, and manage Kubernetes in a way that works for teams in production. Kubernetes is Vast and Complex Kubernetes is the standard multi-cloud platform for modern containerized applications.

Read more →

Architect AWS Application Infrastructure

Architect AWS Application Infrastructure

In this post, we will talk about the best way to architect your Pulumi applications. We are going to build out the following infrastructure in AWS: AWS Fargate service that does not serve traffic directly AWS ALB as the entry point to the Fargate Service AWS RDS Instance that is stored in a separate network from the Application and does not service traffic directly from the internet To do this, we are going to split the infrastructure into two AWS VPCs.

Read more →

Run Your Own RSS Server on AWS with Pulumi

Run Your Own RSS Server on AWS with Pulumi

It’s been a few years since Google shut down Google Reader, and while a number of nice commercial alternatives have sprung in its wake, none of them has ever been quite the right fit for me personally.

So a while back, after far too much time spent wandering the blogsphere manually, typing URLs into address bars by hand, I decided to go looking to see whether the universe had produced an open-source solution to this problem — and to my surprise and delight, it had! Miniflux is an excellent little open-source RSS server and reader, written in Go and backed by PostgreSQL, that also happens to be packaged as a Docker container. So in this post, I’ll show how easy it is to deploy a Miniflux server of your own on AWS, using only Pulumi and a few lines of TypeScript.

Read more →

Persisting Kubernetes workloads with Amazon EFS CSI volumes

Persisting Kubernetes workloads with Amazon EFS CSI volumes

Warning Some parts of this blog post are out-of-date. As an alternative, please refer to the EFS CSI Helm Chart and Pulumi’s support for deploying helm charts The Amazon Elastic File System Container Storage Interface (CSI) Driver implements the CSI specification for container orchestrators to manage the lifecycle of Amazon EFS filesystems. The CSI specification defines an interface along with the minimum operational and packaging recommendations for a storage provider to implement a CSI compatible plugin.

Read more →

ECS vs Fargate vs EKS: The Lowdown on Containers in AWS

ECS vs Fargate vs EKS: The Lowdown on Containers in AWS


Amazon offers multiple solutions for running containers in AWS, through its managed Elastic Container Service (ECS). This includes three major approaches: ECS managed automatically with Fargate, ECS backed by EC2 instances, and Elastic Kubernetes Service (EKS), delivering the full power of Kubernetes. It’s not always easy to choose between these, so in this article we provide some basic guidance on the tradeoffs you’ll encounter when choosing.

Read more →

AWS CloudWatch made easy with Pulumi Infrastructure-as-Code

AWS CloudWatch made easy with Pulumi Infrastructure-as-Code

Pulumi Crosswalk for AWS modules can be used to get first class insights and visualizations directly inside your Pulumi application.

As cloud applications tend to be long-lived, we think it’s vital that it be possible to get regular insights on the performance of the application at all times. Using Crosswalk for AWS Pulumi applications allow you to easily define and visualize the appropriate metrics that show the health of your services, create alarms to let you know when something is wrong, and easily create dashboards to get live visualization of what is happening in the cloud. Because this is vital to the health of the application, we think this should be something built in from the start, and not something added after the fact as an out of band artifact.

Read more →

Mapbox IOT-as-code with Pulumi Crosswalk for AWS

Mapbox IOT-as-code with Pulumi Crosswalk for AWS

Guest Author: Chris Toomey, Solution Architect Lead @ Mapbox

With 8 billion+ connected IoT devices and 2 billion GPS-equipped smartphones already online, logistics businesses are tracking assets at every step in the supply chain. At this scale and complexity, it is imperative to have a flexible way to ingest, process, and act upon this data, without sacrificing security or best practices.

To meet this need, Mapbox has created an Asset Tracking Solution that uses Pulumi’s open source JavaScript libraries (AWS, AWSX) available with multi-language support with Pulumi Crosswalk for AWS. Pulumi Crosswalk for AWS is an open source framework that streamlines creation, deployment and management of AWS services with built-in AWS Best Practices and minimal lines of code in common programming languages.

In this blog, we will show snippets of the Javascript code that embraces the power of Pulumi to program AWS service APIs to create the Mapbox solution. To see the full architecture in action with a live bike race across America, please refer to this webinar recorded on June 13th 2019 and the Mapbox asset tracking solution. Also refer to this blog of the Race across America showcased live during the webinar tomorrow.

Read more →