AWS has service limits to protect you from unexpected excessive provisioning, as well as protection from malicious actions intended to increase your bill, as well as to protect the service endpoints. Similar limits often are present in SaaS and other third party interfaces. In a data center or office workspace, there are limitations in network, storage, and compute availability. Document and manage your limitsYou need to know what your current limits are. Managing limits- Document the current limits of the AWS services used (may require AWS Support)
- Document physical limitations of physical data centers or office workspace
- Select system of record to store these limits: database, Configuration Management Database (CMDB), etc.
- Integrate current AWS usage via AWS Config or other AWS service APIs such as EC2 Describe Instance
- Integrate current use of physical data center or office resources from monitoring systems
- Configure or create systems to create alerts when limits are approached
- Create system to call AWS Support API to automatically enter tickets to request limit increases when within an acceptable limit. Acceptable can be cost driven, absolute limit for visibility, both reasons, or another reason.
Resourceshttps://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html For cloud-based workload architectures, there are service quotas (which are also referred to as service limits). These quotas exist to prevent accidentally provisioning more resources than you need and to limit request rates on API operations so as to protect services from abuse. There are also resource constraints, for example, the rate that you can push bits down a fiber-optic cable, or the amount of storage on a physical disk. ResourcesAWS Live re:Inforce 2019 - Service Quotas
What Is Service Quotas?
AWS Service Quotas (formerly referred to as service limits)
Amazon EC2 Service Limits
AWS Trusted Advisor Best Practice Checks (see the Service Limits section)
AWS limit monitor on AWS answers
AWS Marketplace: CMDB products that help track limits
APN Partner: partners that can help with configuration management Best Practices:Aware of service quotas and constraints: You are aware of your default quotas and quota increase requests for your workload architecture. You additionally know which resource constraints, such as disk or network, are potentially impactful. Manage service quotas across accounts and regions: If you are using multiple AWS accounts or AWS Regions, ensure that you request the appropriate quotas in all environments in which your production workloads run. Accommodate fixed service quotas and constraints through architecture: Be aware of unchangeable service quotas and physical resources, and architect to prevent these from impacting reliability. Monitor and manage quotas: Evaluate your potential usage and increase your quotas appropriately allowing for planned growth in usage. Automate quota management: Implement tools to alert you when thresholds are being approached. By using AWS Service Quotas APIs, you can automate quota increase requests. Ensure that a sufficient gap exists between the current quotas and the maximum usage to accommodate failover: When a resource fails, it may still be counted against quotas until its successfully terminated. Ensure that your quotas cover the overlap of all failed resources with replacements before the failed resources are terminated. You should consider an Availability Zone failure when calculating this gap. For some AWS services, you can use the usage metrics to visualize your current service usage on CloudWatch graphs and dashboards. You can use a CloudWatch metric math function to display the service quotas for those resources on your graphs. You can also configure alarms that alert you when your usage approaches a service quota. For more information about service quotas, see What Is Service Quotas in the Service Quotas User Guide. Currently, the following services integrate their usage metrics with Service Quotas: To visualize a service quota and optionally set an alarm Open the CloudWatch console at https://console.aws.amazon.com/cloudwatch/. In the navigation pane, choose Metrics. On the All metrics tab, choose Usage, and then choose By AWS Resource. The list of service quota usage metrics appears. Select the check box next to one of the metrics. The graph displays your current usage of that AWS resource. To add your service quota to the graph, do the following: Choose the Graphed metrics tab. Choose Math expression, Start with an empty expression. In the new row, under Details, enter SERVICE_QUOTA(m1). A new line is added to the graph, displaying the service quota for the resource represented in the metric.
To see your current usage as a percentage of the quota, add a new expression or change the current SERVICE_QUOTA expression. The new expression to use is m1/SERVICE_QUOTA(m1)*100. (Optional) To set an alarm that notifies you if you approach the service quota, do the following: On the row with m1/SERVICE_QUOTA(m1)*100, under Actions, choose the alarm icon. It looks like a bell. The alarm creation page appears. Under Conditions, ensure that Threshold type is Static and Whenever Expression1 is is set to Greater. Under than, enter 80. This creates an alarm that goes into ALARM state when your usage exceeds 80 percent of the quota. Choose Next. On the next page, select an Amazon SNS topic or create a new one, and then choose Next. The topic you select is notified when the alarm goes to ALARM state.
Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS. You can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, and set alarms.
AWS Trusted Advisor
Along comes the Trusted Advisor (TA) tool, another AWS service with the goal of providing help by monitoring AWS resource limits and usage.
The Service Quotas console is a browser-based interface that you can use to view and manage your service quotas.
You can use Service Quotas console to view and request increases for most AWS quotas. Important: Most service quotas are specific to an AWS Region. Select the AWS Region where you require the quota increase in.
|
