aws black belt online seminar 2018 re:invent recap: compute, container and network
TRANSCRIPT
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.2018.01.17
【AWS Black Belt Online Seminar】
re:Invent Recap: Compute, Container and Network
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
• 2018 1 17AWS (http://aws.amazon.com)
• AWSAWS
•
• AWS does not offer binding price quotes. AWS pricing is publicly available and is subject to change in accordance with the AWS Customer Agreement available at http://aws.amazon.com/agreement/. Any pricing information included in this document is provided only as an estimate of usage charges for AWS services based on certain information that you have provided. Monthly charges will be based on your actual use of AWS services, and may vary from the estimates provided.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Who am I ?
Keisuke NishitaniSpecialist Solutions Architect, Serverless
Amazon Web Service Japan K.K
@Keisuke69 Keisuke69 Keisuke69 Keisuke69Keisuke69x
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
• API Gateway, Lambda, Cognito, S3, Kinesis, DynamoDB, Rekognition etc…
2018 2
Amazonhttp://amzn.asia/0QzrGYh
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Compute update
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AMAZON EC2 HOST
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
NITRO SYSTEM
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CPU
C3
re:Invent 2013
AMAZON EC2 C3
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
EC2
re:Invent 2014
AMAZON EC2 C4
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
EC2
re:Invent 2014
AMAZON EC2 C4
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
C5 EC2
Annapurna AWS
Linux KVM
EC2
AMAZON EC2 C5
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AMAZON EC2 C5
CPUHPC
Skylake Xeon Platinum 8000 3.0GHzTurbo Boost 3.5GHz AVX-512
(C4) 25% /
NITRO CPU
Elastic Network Adaptor(ENA) 25Gbps
3
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
N E W
!
Bare Metal
Instances
AWS
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Bare Metal Instances
•
• AWS AWSOS
• Bare Metal i3.metal
• CPU:Intel Xeon E5-2686v4 2Processers(2.3Ghz), 36core(HT72core)
• :512GiB
• : 15.2TB SSDNVMe
• :25Gbps (ENA )
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Burstable
T2
Big DataOptimized
H1
MemoryOptimized
R4
In-memory
X1
High I/O
I 3
Compute Intensive
C5
GraphicsIntensive
G3
General Purpose GPU
P3
MemoryIntensive
X1e
General Purpose
M5
Vi rtual Pr i vate Servers
Bare Metal High I/O
I 3m
Dense Storage
D2 F1
FPGA
Amazon
Lightsail
EC2 Elast ic GPUs
Graph i cs accel erat i on f o r EC2 i nstances
EC2 Spot Instances
• Hi bernati on• No Bi d Pr i ci ng
N E
W !
NEW! NEW! NEW!
NEW!
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon EC2 H1
•
• D2 CPU
• I/OCPU Intel Xeon E5-2686 v4
•
vCPU NW
h1.2xlarge 8 32GiB 2TB 10Gbps
h1.4xlarge 16 64GiB 4TB 10Gbps
h1.8xlarge 32 128GiB 8TB 10Gbps
h1.16xlarge 64 256GiB 16TB 25Gbps
H1
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon EC2 M5
•
• 2.5GHz Xeon Platinum 8000 Skylake M414%
• NITRO
• EBS
• Intel-AVX512
•
vCPU EBS NW
m5.large 2 8GiB 2,120Mbps 10Gbps
m5.xlarge 4 16GiB 2,120Mbps 10Gbps
m5.2xlarge 8 32GiB 2,120Mbps 10Gbps
m5.4xlarge 16 64GiB 2,120Mbps 10Gbps
m5.12xlarge 48 192GiB 5,000Mbps 10Gbps
m5.24xlarge 96 384GiB 10,000Mbps 25Gbps
New Hypervisor!
M5
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
T2 Unlimited
• CPUCPU
• 24
• Cloudwatch
• 1vCPU Linux $0.05 Windows $0.096
•
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Nitro Hypervisor(C5&M5)OS ENA + NVMe ACPI OS
OS ( https://aws.amazon.com/jp/ec2/faqs/)
Amazon Linux 2014.03 or newer Ubuntu 14.04 or newer
SUSE Linux Enterprise Server 12 or newer Red Hat Enterprise Linux 7.4 or newer
CentOS 7 or newer FreeBSD 11.1-RELEASE
Windows Server 2012 R2 Windows Server 2016
Amazon Linux AMI
• AMI acpid (yum install acpid) stop
CentOS
• CentOS 6: ENA
• CentOS 7: Marketplace AMI M5 (C5 )
SLES 12
• AMI NVMe initramfs initramfsAMI
M5C5
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Container update
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
DAY ONE!
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
450+%
(2016 )50+
2015 GA
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
=API
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Scheduling and Orchestration
Cluster Manager Placement Engine
ECS
AMI
Docker
agent
ECS
agent
EC2 Instance
ECS
AMI
Docker
agent
ECS
agent
EC2 Instance
ECS
AMI
Docker
agent
ECS
agent
EC2 Instance
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS
AWS VPC
AWS
ECS CLI{ }
(2018 )
CloudWatch
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
{
”cpu": “1 vCPU”,
”memory": “2 gb”,
"networkMode": ”AWSVPC",
"compatibilities": [”FARGATE", ”EC2"],
"placementConstraints": [],
"containerDefinitions": [
{
<snip>…....
• CPU
: CPU Task
Level
Resources
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CPU
50 CPU/
CPU Memory
256 (.25 vCPU) 512MB, 1GB, 2GB
512 (.5 vCPU) 1GB to 4GB (1GB )
1024 (1 vCPU) 2GB to 8GB (1GB )
2048 (2 vCPU) 4GB to 16GB (1GB )
4096 (4 vCPU) 8GB to 30GB (1GB )
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
FARGATE: UNDER THE
HOOD
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
HOW DO I RUN
CONTAINERS
ON FARGATE?
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Fargate
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
ECS CONSTRUCTS
Define application containers: Image URL, CPU & Memory
requirements, etc.
register
Task Definition
create
Cluster• Infrastructure Isolation boundary
• IAM Permissions boundary
run
Task• A running instantiation of a
task definition
• Use FARGATE launch type
create
Service
Elastic Load Balancer
• Maintain n running copies
• Integrated with ELB
• Unhealthy tasks automatically replaced
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Fargate
ECS API
- Fargate EC2
Task Definition
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
VPC INTEGRATION 172.31.0.0/16
Subnet
172.31.1.0/24
Internet
Other Entities in VPC
EC2 LB DB etc.
Private IP
172.31.1.164
• AWS VPC Networking Mode
• Fargate VPC/
• /
• Public IP
• AZ
us-east-1a
us-east-1b
us-east-1c
ENI FargateTaskPublic /
208.57.73.13 /
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
LOAD BALANCING
APPLICATION LOAD BALANCER
NETWORK LOAD BALANCER
Task network mode awsvpcALB/NLB target type ip ECS/Fargate
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
SECURITY
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
PROD Cluster Infrastructure
DEV Cluster Infrastructure
BETA Cluster Infrastructure
QA Cluster InfrastructureWeb Web
Shopping
Cart
Shopping
Cart
Notifications NotificationsWeb
Shopping
Cart NotificationsWeb
Shopping
Cart
Shopping
Cart
Notifications NotificationsWeb Web
PROD CLUSTER BETA CLUSTER
DEV CLUSTER QA CLUSTER
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
PERMISSION TIERS
Cluster
Permissions
Application
Permissions
Task
Housekeeping
Permissions
Cluster
Fargate Task
Cluster Permissions:/
Application (Task) Permissions:AWS
Housekeeping Permissions:ECS
e.g.
• ECR Image Pull
• CloudWatch Logs pushing
• ENI creation
• Register/Deregister targets into ELB
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CONTAINER REGISTRIES
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
REGISTRY SUPPORT
3rd Party Private Repositories (coming soon!)
Public Repositories supported
Amazon Elastic Container Registry (ECR)
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
VISIBILITY AND MONITORING
CloudWatch LogsCloudWatch Events
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
STORAGE
Container Storage Space 10GB
Ephemeral storage backed by EBS
4GB
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Fargate EC2
• Fargate
• Windows Containers
• GPU Support
• docker exec
• Spot RI
• Task
• Fargate OK
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Fargate Lambda
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
99.99%
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
What is Kubernetes?
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
63%of Kubernetes workloads
run on AWS today —CNCF survey
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
3x Kubernetes masters for HA
Kubernetes on AWS
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
API
server
Cloud
controller
Controller
manager
Scheduler Add-onsKubeDNS
Kubernetes master
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Availability
Zone 1
Etcd
Master
Etcd
Master
Etcd
Master
Availability
Zone 2
Availability
Zone 3
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Availability
Zone 1
Etcd
Master
Etcd
Master
Availability
Zone 2
Availability
Zone 3
Etcd
Master
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
“Run Kubernetes for me.”
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
“Nat ive AWS Integrat ions.”
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
”An Open Source Kubernetes Exper ience.”
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon Elast ic Container Ser vicefor Kubernetes (EKS)
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Tenet 1
EKS
Tenet 2
EKSKubernetes
Tenet 3
EKS AWS
Tenet 4
EKS Kubernetes
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Availability
Zone 1
Etcd
Master
Etcd
Master
Availability
Zone 2
Availability
Zone 3
Etcd
Master
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
mycluster.eks.amazonaws.com
Availability
Zone 1
Availability
Zone 2
Availability
Zone 3
Kubectl
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
APIAPIAPIAPI
EKS
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
aws eks create-cluster –cluster-name reinvent2017 –desired-master-version 1.7.1 –role-arn arn:aws:iam::account-id:role/role-name
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
HTTP/1.1 200 Content-type: application/json
{ "cluster": { "clusterName": "string", "createdAt": number, "currentMasterVersion": "string", "desiredMasterVersion": "string", "masterEndpoint": "string", "roleArn": "string", "status": "string", "statusMessage": "string" }
}
aws eks create-cluster
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
aws eks describe-cluster –cluster-name reinvent2017
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
HTTP/1.1 200 Content-type: application/json
{ "cluster": { "clusterName": "string", "createdAt": number, "currentMasterVersion": "string", "desiredMasterVersion": "string", "masterEndpoint": "string", "roleArn": "string", "status": "string", "statusMessage": "string" }
}
aws eks describe-cluster –cluster-name reinvent2017
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
aws eks list-clusters
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
HTTP/1.1 200 Content-type: application/json{ "clusterArns": [ "string" ], "nextToken": "string" }
aws eks list-clusters
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
aws eks delete-cluster –cluster-name reinvent2017
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
HTTP/1.1 200 Content-type: application/json
{ "cluster": { "clusterName": "string", "createdAt": number, "currentMasterVersion": "string", "desiredMasterVersion": "string", "masterEndpoint": "string", "roleArn": "string", "status": "string", "statusMessage": "string" }
}
aws eks delete-cluster –cluster-name reinvent2017
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Fargate EKS 2018
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Fargate EKS 2018
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Native VPC networking
with CNI plugin
Pods have the same VPC
address inside the pod
as on the VPC
Simple, secure networkingOpen source and
on Github
…{ }
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Kubernetes Network
Policies enforce network
security rules
Calico is the leading
implementation of the
network policy API
Open source, active
development (>100
contributors)
Commercial support
available from Tigera
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Heptio IAM Authenticator
An open source approach to integrating
AWS IAM authentication with Kubernetes
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Kubectl
3) Authorizes AWS Identity with RBAC
K8s API
1) Passes AWS Identity
2) Verifies AWS Identity
4) K8s action
allowed/denied
AWS Auth
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Network update
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
( )
Network
ISP,IXP,VPNSE AWS
AWS : ELB,Direct Connect,VPC,Market Place
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Agenda
• AWS Direct Connect Gateway
• AWS PrivateLink
• Amazon VPC(Inter-region VPC peering)
• AWS Time Sync Service
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Direct Connect Gateway
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
• Direct Connect Gateway Hub
VPC
• Direct Connect VPC
• 1 Direct Connect VPC
• Direct Connect Direct Connect Gateway
Direct Connect Gateway
1 Direct Connect
VPC
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
1. Direct Connect Gateway Direct Connect
•
2. Direct Connect Gateway VPC
• VPC
3. VPC
4. VIF VPC
us-east-1
(
ap-northeast-1
( )
1. 2. 172.16.0.0/16
10.0.0.0/16
3.
4.
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS PrivateLink
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS PrivateLink for AWS
• https://aws.amazon.com/jp/about-aws/whats-
new/2017/11/introducing-aws-privatelink-for-aws-services/
• IP
Amazon Virtual Private
Cloud (VPC) AWS
•
• Amazon Kinesis Streams
• Elastic Load Balancing API
• Amazon Elastic Compute Cloud (Amazon EC2) API
• Amazon EC2 Systems Manager (SSM)
• AWS Service Catalog
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
VPC Endpoint
VPC Endpoint
IP AWS
VPCS3
Dynamo DB
VPC
Endpoint
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
VPC Endpoint
VPC Endpoint VPC Endpoint
VPC Endpoint for S3
VPC Endpoint for DynamoDB
VPC Endpoint for S3
VPC Endpoint for DynamoDB
Gateway
EC2
PrivateLink:Interface
SSM Kinesis Stream
ServiceCatalog ELB
VPC Endpoint Gateway Privatelink(Interface )
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
•
VPC
• IP
IP
Gateway
S3
Dynamo DB
VPC Endpoint(vpce-1a2b3c)
S3 vpce-1a2bc3
S3 IP pl-xxxxx
Destination AWS
Amazon Provided DNS
S3 IP 52.219.68.108
52.219.68.108
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
•
IP
• VPC DNS
IP
•
IP
PrivateLink (Interface )
EC2 API
Kinesis Streams API
Amazon Provided DNSAPI
EC2 VPC 10.0.0.100
EC2 VPC 10.0.1.100
EC2 API IP 10.0.0.100 or
10.0.1.100
10.0.0.100
AWS
EC2 API
API
IPIP
ELB
RDS
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Gateway PrivateLink(Interface )
IAM PolicyIP
1 IP0.014 USD/ + 0.01 USD/ GBhttps://aws.amazon.com/jp/vpc/pricing/
AZ
AZ
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS PrivateLink
VPCAWS PrivateLink
AWSNetwork Load Balancer TCP
AWS Marketplace
SaaS• CA Technologies – CA Infrastructure Management Essentials, CA App Experience Analytics
Essentials, CA Application Performance Management Essentials.
• Aqua Security – Aqua Container Image Security Scanner.
• Dynatrace – Could-Native Monitoring powered by AI.
• Cisco Stealthwatch – Public Cloud Monitoring – Metered, Public Cloud Monitoring – Contracts.
• Sig Opt – ML Optimization & Tuning.
& VPC
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Privatelink
A
10.1.1.0/24
VPC CIDR: 10.1.0.0 /16
B
10.2.1.0/24
VPC CIDR: 10.1.0.0 /16 VPC CIDR: 10.1.0.0 /16 NLB
•
•
•
• IP
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Inter-region VPC peering
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
VPC
VPC
• VPCVPC
• AWS
•
•
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
VPC Peering (VPC )
A
10.1.1.0/24
VPC CIDR: 10.1.0.0 /16
B
10.2.1.0/24
Route Table
Destination Target
10.2.0.0/16 local
0.0.0.0/0 pcx-xxxxxx
VPC CIDR: 10.1.0.0 /16 VPC CIDR: 10.2.0.0 /16
pcx-xxxxxx
VPC
AWS
AWS (
) VPC
MTU (VPC Peering 1,500)Route Table
Destination Target
10.0.0.0/16 local
0.0.0.0/0 pcx-xxxxxx
http://docs.aws.amazon.com/ja_jp/AmazonVPC/latest/UserGuide/vpc-peering.html
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon Time Sync Service
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon Time Sync Service
• VPC NTP
• EC2 NTP IP169.254.169.123
–
• Leap Smearing
•
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Leap Smearing (2015/07/01)
UTC AWS Adjusted Clock AWS vs. UTC Notes
11:59:59 AM June 30th, 2015 11:59:59 AM June 30th, 2015 +0AWS clocks are synchronized to UTC.
12:00:00 PM 12:00:00 PM +0
12:00:01
Each second is 1/86400 longer and AWS clocks fall behind UTC.
The gap gradually increases to up to 1/2 second.
12:00:01 +1/86400
12:00:02
12:00:02 +2/86400
… … …
23:59:59
23:59:59 +43199/86400
23:59:60 Leap second injected to UTC.
00:00:00 AM July 1st, 2015 -1/2 AWS clocks gain 1/2 second ahead of UTC.
00:00:00 AM July 1st, 2015
AWS clocks keep falling behind and the gap with UTC shrinks
gradually.
00:00:01 -43199/86400
00:00:01
00:00:02 -43198/86400
… … …
11:59:59 AM -1/86400
11:59:59 AM
12:00:00 PM July 1st ,2015 12:00:00 PM July 1st ,2015 +0
The gap shrinks to zero. AWS clocks synchronize to UTC again.12:00:01 12:00:01 +0
… … …
AWS 12
1 1/864000
(Smearing )
1/2
AWS 1/864000
0.5
12
UTC
Smearing
https://aws.amazon.com/jp/blogs/aws/look-before-you-leap-the-coming-leap-second-and-aws/
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS • http://aws.amazon.com/jp/aws-jp-introduction/
AWS Solutions Architect • Q&A
• http://aws.typepad.com/sajp/
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Twitter/Facebook
AWS
@awscloud_jp
http://on.fb.me/1vR8yWm
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS
AWS
https://aws.amazon.com/jp/contact-us/aws-sales/
AWS
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.