[20160502194942] Amazon Linux 2016.03

On April 5th, Amazon sent this announcement:

We recently released a new Amazon ECS-optimized AMI that includes Amazon Linux 2016.03 and addresses an issue that causes the agent to stop accepting incoming requests.

This update starts using the amzn-ami-2016.03.a-amazon-ecs-optimized AMIs that are listed on the Launching an Amazon ECS Container Instance docs

Generally Convox is fast to follow AMI updates. However the upgrade from Amazon Linux 2015.09 to 2016.03 had system changes that caused some problems with the Convox UserData around restarting the Docker daemon to pick up custom settings. We now configure the instance with CloudInit which offers the ability to write custom Docker settings to the disk earlier in the boot process so they are there when the AMI does the first Docker start.

This is all for your information only. This is precisely the type of work we think Convox should sort out so you don’t have to.

Thanks a ton to @bobzoller for contributing the original patch and @mwarkentin for lots of testing.

SwapSize Parameter

Swap is now offered on a dedicated 5GB EBS volume. Advanced users can tune the amount of swap with the SwapSize Parameter.

Prior to this swap was a file on the root partition. In some cases this contributed to instance failures when the root partition is 100% full.

Most applications should not use swap, but we have seen some large Rails and Python apps benefit greatly from having swap available. To enable swap for an application, run convox env set SWAP=1.

Note that ECS does not not yet support swap (GitHub issue) but Convox does!

InstanceRunCommand Parameter

Convox offers an experimental parameter, InstanceRunCommand, that enables you to customize your cluster without burning custom AMIs.

You can use this to install custom packages on every instance:

$ convox rack params set InstanceRunCommand="yum install -y htop"

Run a Docker container on every instance:

$ convox rack params set InstanceRunCommand="docker run -d --rm logstash logstash -e 'input { stdin { } } output { stdout { } }'"

This can be extended to even setup complex monitoring tools like DataDog on every instance:

$ convox rack params set InstanceBootCommand="\"echo '**** START BOOTSTRAP ***' ; curl -H 'Authorization: token <token>' -H 'Accept: application/vnd.github.v3.raw' -o /tmp/bootstrap.sh -L https://raw.githubusercontent.com/user/repo/master/amazon-linux-ecs-bootstrap.sh ; DATADOG_API_KEY=<key> bash /tmp/bootstrap.sh\""

You do need to be careful about string and shell encoding on with this parameter.

Thanks to @mwarkentin for motivation and testing.

ACM Region Check

This update improves error report on convox certs create in regions that do not have AWS Cert Manager available.

Convox Service Proxy

This update offers a proxy utility to help securely access your Convox services like Postgres from your laptop:

$ convox services proxy postgres-1833
proxying to staging-postgres-1833.jrfuyrifhdjk.us-east-1.rds.amazonaws.com:5432

$ psql -h localhost