[06] Services & Scheduling

Question 1

What types of service autoscaling does ECS support?

Answer 1

Target tracking, step scaling policies, and scheduled scaling

Question 2

What does target tracking autoscaling do?

Answer 2

The desired count of the service is adjusted to maintain a metric at a target value

Question 3

What is a limitation of target tracking autoscaling?

Answer 3

It only works for services that should scale-out when the metric is above the target value

Question 4

How are scaling decisions made for scale-out and scale-in with multiple scaling policies?

Answer 4

Scale-out occurs if any of the policies are ready to scale-out, scale-in occurs if any of the policies are ready to scale-in

Question 5

What does step scaling autoscaling do?

Answer 5

The desired count is adjusted in steps based on the size of alarm breaches

Question 6

What is an advantage of step scaling autoscaling?

Answer 6

Step-scaling allows faster scale outs because the threshold and step size is configurable

Question 7

What happens during a cooldown period after a scaling event?

Answer 7

Further scale-outs will only occur if they are larger than the previous event, and scale-in activities are blocked

Question 8

What are scaling decisions based on?

Answer 8

The actual number of running tasks in the service, not the desired count

Question 9

What happens to scale-in processes during deployments?

Answer 9

Scale-in processes are stopped during deployments, but scale-outs can occur

Question 10

What are the most common forms of service load balancing?

Answer 10

ALBs and NLBs

Question 11

Can NLBs be used for dynamic port mapping?

Answer 11

Yes

Question 12

What should the load balancer’s subnet configuration include?

Answer 12

All the AZ’s that tasks are running in

Question 13

What condition should be met to prevent 502 errors?

Answer 13

StopTimeout > target group registration delay > client connection timeout

Question 14

What other condition should be met to prevent 502 errors?

Answer 14

task idle timeout > ALB idle timeout

Question 15

Do the load balancer and tasks need to be in the same VPC?

Answer 15

Yes, but not necessarily the same subnets

Question 16

What can be assigned to NLBs to give them a static IP?

Answer 16

Elastic IPs

Question 17

Can services be registered to multiple target groups?

Answer 17

Yes, but these target groups must be used either all with ALB(s), or all with NLB(s)

Question 18

How can NLBs be configured to terminate connections when the task is stopped?

Answer 18

By setting the connection terminate setting in the target group

Question 19

What are the two ways to connect to a service via API Gateway?

Answer 19

1. Create an HTTP API and route to the service using an ALB, NLB or CloudMap 2. Create a REST API, configure private integration, and route to the service using an NLB

Question 20

What does Service Connect only support connectivity between?

Answer 20

ECS services

Question 21

Why does Service Connect only support connectivity between ECS services?

Answer 21

Because it doesn’t publish DNS records - the proxy sidecar discovers the endpoints using the CloudMap API

Question 22

What networking modes are supported by Service Connect?

Answer 22

bridge and awsvpc

Question 23

What features do the proxies attached to each task by Service Connect enable?

Answer 23

Round-robin load balancing, retries, and the collection of CloudWatch metrics

Question 24

What does Service discovery integrate with?

Answer 24

Cloud Map

Question 25

What does Service discovery support in addition to ECS clients?

Answer 25

Non-ECS clients

Question 26

What networking modes are supported by Service discovery?

Answer 26

awsvpc and bridge for clients that support SRV records

Question 27

What are the three states a service can be in?

Answer 27

ACTIVE, DRAINING, INACTIVE

Question 28

When is a service in the DRAINING state?

Answer 28

Deletion has been triggered, but there are still active tasks

Question 29

When is a service in the INACTIVE state?

Answer 29

All tasks have transitioned to STOPPING or STOPPED and ECS is ready to delete the service

Question 30

What happens to unhealthy tasks in a service?

Answer 30

They are replaced by the service scheduler

Question 31

If a replacement task is UNHEALTHY, what does the service scheduler do?

Answer 31

It will stop either the original or replacement task

Question 32

What are the two service scheduler strategies?

Answer 32

REPLICA, DAEMON

Question 33

What does the REPLICA scheduler strategy do?

Answer 33

The scheduler maintains the desired number of tasks and spreads tasks across AZs by default

Question 34

What does the DAEMON scheduler strategy do?

Answer 34

Exactly one instance of the task runs on each active container instance that matches the task placement constraints

Question 35

What happens with daemon tasks on an instance?

Answer 35

They launch before replica tasks are started on an instance, and are the last to stop to ensure they have priority for resource reservations

Question 36

What are the three update deployment types for services?

Answer 36

Rolling update, Blue / Green deployment with CodeDeploy, External deployment

Question 37

What is a rolling update?

Answer 37

Current tasks are incrementally replaced with new tasks

Question 38

What is minimumHealthyPercent for a rolling update?

Answer 38

The lower limit on the number of tasks that should run during a deployment, expressed as percentage of the desired count

Question 39

What is maximumPercent for a rolling update?

Answer 39

The upper limit of tasks that can run in the service relative to the desired count

Question 40

What are stuck deployments?

Answer 40

When the scheduler can’t stop or start any new tasks

Question 41

What causes a stuck deployment when tasks can’t be stopped?

Answer 41

The minimum required tasks is rounded up e.g. if the desired count is two and minimumHealthyPercent is 75%, then tasks can’t be stopped

Question 42

What causes a stuck deployment when tasks can’t be started?

Answer 42

The maximum allowed tasks is rounded down e.g. if the desired count is 2 the maximum percent is 125%, then tasks can’t be started

Question 43

What is failure detection for deployments?

Answer 43

It identifies when a deployment has failed, and optionally triggers a rollback to the last COMPLETED deployment

Question 44

What does the deployment circuit breaker check?

Answer 44

That the tasks transition to the RUNNING state, and don’t fail ELB, CloudMap or container health checks

Question 45

What is the failure threshold for the deployment circuit breaker?

Answer 45

50% of the desired task count, bounded on [3, 200] tasks

Question 46

How can CloudWatch alarms be used for custom failure detection criteria?

Answer 46

The alarm is ignored if it’s in the ALARM state at the beginning of the deployment, and during the bake time ECS continues to monitor the alarms even after the new tasks have started while the deployment remains IN_PROGRESS

Question 47

What steps does the service scheduler take to replace tasks during a deployment?

Answer 47

First removes the task from the load balancer and waits for connections to drain, then sends a SIGTERM to the container(s), then a SIGKILL if they don’t stop before the stopTimeout

Question 48

What handles Blue/Green deployments?

Answer 48

CodeDeploy

Question 49

What are the three ways to shift traffic during a Blue/Green deployment?

Answer 49

Canary, Linear, All-at-once

Question 50

What is required for a Blue/Green deployment?

Answer 50

The service must use an ALB or NLB with two target groups

Question 51

What does the external deployment type allow?

Answer 51

ECS to delegate deployment to a third-party controller, which uses the ECS API actions e.g. UpdateTaskSet

Question 52

What is task scale-in protection?

Answer 52

It prevents a specific task from being terminated by service autoscaling or a deployment

Question 53

How can task scale-in protection be set?

Answer 53

Either with the container agent endpoint or ecs:UpdateTaskProtection

Question 54

What is service throttling?

Answer 54

When service tasks repeatedly fail to reaching RUNNING

Question 55

What happens during service throttling?

Answer 55

The time between subsequent restart attempts is gradually increased up to 15 minutes

Question 56

What tasks will trigger service throttling?

Answer 56

Only tasks that never reach RUNNING, not tasks which fail health checks or immediately exit

Question 57

What service event is generated during throttling?

Answer 57

(service service-name) is unable to consistently start tasks successfully.

Question 58

What states do tasks transition through in ECS?

Answer 58

PROVISIONING, PENDING, ACTIVATING, RUNNING, DEACTIVATING, STOPPING, DEPROVISIONING, STOPPED

Question 59

What state will a task be in while ECS is performing additional steps before it is launched?

Answer 59

PROVISIONING

Question 60

What is the PROVISIONING state?

Answer 60

ECS needs to perform additional steps before the task is launched e.g. provision an ENI for the task if it’s awsvpc

Question 61

What state is a task in when ECS is waiting for the agent to take further action?

Answer 61

PENDING

Question 62

What is the PENDING state?

Answer 62

ECS is waiting for the agent to take further action

Question 63

What state is a task in when ECS is performing additional steps after it has launched?

Answer 63

ACTIVATING

Question 64

What is the ACTIVATING state?

Answer 64

ECS is performing additional steps after the task has launched e.g. registering it with an ELB target group

Question 65

What state is a task in when it is successfully running?

Answer 65

RUNNING

Question 66

What is the RUNNING state?

Answer 66

The task is successfully running

Question 67

What state is a task in when ECS is performing additional steps before stopping it?

Answer 67

DEACTIVATING

Question 68

What is the DEACTIVATING state?

Answer 68

ECS is performing additional steps before the tasks is stopped e.g. deregistering it from a target group

Question 69

What state is a task in when ECS is waiting for the agent to stop it?

Answer 69

STOPPING

Question 70

What is the STOPPING state?

Answer 70

ECS is waiting for the ECS agent to take further action

Question 71

What linux parameters are supported for stopping tasks?

Answer 71

For Linux containers, the agent sends a SIGTERM to the container(s), then SIGKILL after waiting the stopTimeout

Question 72

What state is a task in when ECS is performing additional steps after stopping it?

Answer 72

DEPROVISIONING

Question 73

What is the DEPROVISIONING state?

Answer 73

ECS is performing additional steps e.g. deleting the ENI for awsvpc tasks

Question 74

What state is a task in after it has been successfully stopped?

Answer 74

STOPPED

Question 75

What is the STOPPED state?

Answer 75

The task has been successfully stopped