We're running around 17,000 AWS Batch jobs daily on Fargate in awsvpc mode, and I've observed a significant fluctuation in the volume of AWS::EC2::NetworkInterface events recorded in AWS Config. We see thousands of ResourceDiscovered and ResourceDeleted events each day, but the count varies widely—from about 200 to 17,000 on any given day—even though the number of jobs remains roughly the same.
The jobs run for a max of 1.5 hours, so none of them span over midnight. My theory is that Fargate might be reusing ENIs between tasks, which could explain why some days have fewer Config events despite consistent job numbers. However, I couldn't find any official AWS documentation to back this up.
I'm curious if anyone can clarify:
1. Do Fargate tasks actually reuse ENIs between runs, and if so, what determines the size of that pool?
2. Is there another reason for the drastic variation in ENI Config events day to day, regardless of job count?
3 Answers
A practical approach could be to check CloudTrail for events like CreateNetworkInterface, AttachNetworkInterface, DetachNetworkInterface, and DeleteNetworkInterface. This will show you the sequential ENI IDs. Then, examine ECS task events like RunTask and StartTask to see if they correlate with specific ENI IDs. This information can give you insights into what's happening on the ENI level.
Based on my experience, every task typically gets a unique ENI ID. So, from Config’s perspective, each of those would count as separate events, whether or not there's some sort of hardware reuse going on behind the scenes. It seems safe to assume that.
It might be worth considering that if some tasks finish really quickly on certain days, they might not register with the config event poller. Are there specific patterns on days where you get fewer or more ENIs? Also, are you confident that the Fargate tasks are starting as planned on those days? Sometimes, they can fail to trigger or run into API limits that might cause discrepancies. Honestly, I would think it’s unlikely that Fargate would reuse ENIs due to potential security issues.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures