ECS Explained

What are containers and Docker:

A container is a package that contains an application, libraries, runtime and tools required to run it.

Containers run on a container engine such as Docker.

Provides the isolation benefits of virtualization with less overhead and faster start than VMs.

Containerized applications are portable and offer a consistent environment.

For containerized applications, memory and CPU are allocated per container. There is no hypervisor.

What is ECS:

  • ECS is a managed container orchestration service.
  • Create clusters to manage a fleet of container deployments.
  • ECS manages EC2 instances or Fargate (with Fargate there are no EC2 instances to manage).
  • Schedules containers for optimal placement.
  • Defines rules for CPU and memory requirements.
  • Monitors resource utilization.
  • ECS is free.
  • ECS also integrates with your VPCs, security groups, ECS volumes and ELB.
  • ECS also integrates with CloudTrail and CloudWatch.

What are ECS Components:

There are six basic ECS components:

  1. Cluster: Logical collection of ECS resources, either EC2 instances or Fargate instances.
  2. Task Definition: Defines your application. Similar to a Dockerfile, but for running containers in ECS. Can contain multiple containers.
  3. Container Definition: Inside a task definition, it defines the individual containers a task uses. Controls CPU and memory allocations and port mappings.
  4. Task: A single running copy of the containers defined by a task definition. One working copy of an application (e.g. DB and web containers).
  5. Service: Allows a task definition to be scaled by adding tasks. Defines minimum and maximum rules.
  6. Registry: Storage for container images (for example, Elastic Container Registry (ECR) or Docker Hub). Used to download images to create containers.

What is Fargate:

  • Fargate is a serverless container engine.
  • Fargate eliminates the need to provision and manage servers.
  • Specify and pay for resources per application.
  • Works with both ECS and EKS.
  • Each workload runs in its own kernel.
  • Isolation and Security.

AWS Fargate is a compute engine for ECS that removes the need to configure, manage, and scale EC2 instances. Fargate ensures Availability Zone spread while removing the complexity of managing EC2 infrastructure, and works to ensure that tasks in a replica service are balanced across Availability Zones. For RunTask launches with the Fargate launch type, Fargate tries to spread task placement across all available Availability Zones, ensuring even distribution of the task definition family that the task belongs to. With Fargate you sidestep the undifferentiated heavy lifting of owning and managing infrastructure, so you can focus on delivering applications to your customers.

When to choose between EC2 instances and Fargate:

Choose EC2 instances if compliance requirements necessitate EC2 instances, if an application requires broader customization, or if an application requires access to a GPU.

What is EKS:

  • EKS is Elastic Kubernetes Service.
  • Kubernetes is open source software that lets you deploy and manage containerized applications at scale.
  • EKS lets you use the same toolset on premises and in the cloud.
  • Containers are grouped in pods.
  • Like ECS, EKS supports both EC2 and Fargate.

Why use EKS: If you are already using Kubernetes, or are already using Kubernetes and migrating to AWS, then consider EKS.

ECR: ECR is Elastic Container Registry.

  • ECR is a managed Docker container registry.
  • Store, manage and deploy images.
  • Integrated with ECS and EKS.
  • Works with on-premises deployments.
  • Highly available.
  • Integrated with IAM.
  • Pay for storage and Data transfer.

ECS with Elastic Load Balancer:

  • Distributes traffic evenly across tasks in your service.
  • Supports ALB, NLB, CLB.
  • Use ALB to route HTTP/HTTPS (Layer 7 traffic).
  • Use ALB or CLB to route TCP (Layer 4 traffic).
  • Supported by both EC2 and Fargate Launch Types.

ALB allows:

  • Dynamic host port mapping.
  • Path based Routing.
  • Priority Rules.
  • ALB is recommended over NLB or CLB.

Security in ECS:

Task Role: Applies a policy per task, instead of applying policies to all tasks running on the same EC2 instance.
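One way to check that tasks really get their own role, as an added example that is not part of the original post: the script audits task definitions in the JSON shape returned by `aws ecs describe-task-definition` and flags those without a `taskRoleArn` or sharing one role across families. The sample data and the function name `audit_task_roles` are constructed for illustration, and a task definition without `requiresCompatibilities` is assumed to run on EC2.

```python
# Added example: audit ECS task definitions for per-task IAM roles.
# Field names (family, taskRoleArn, requiresCompatibilities) are the ones
# ECS uses in task definitions; the data below is constructed sample input.
from collections import defaultdict

SAMPLE_TASK_DEFS = [  # constructed, not from a real account
    {"family": "web", "requiresCompatibilities": ["EC2"],
     "taskRoleArn": "arn:aws:iam::111111111111:role/web-task"},
    {"family": "db-backup", "requiresCompatibilities": ["EC2"]},
    {"family": "report", "requiresCompatibilities": ["FARGATE"],
     "taskRoleArn": "arn:aws:iam::111111111111:role/web-task"},
    {"family": "cron", "requiresCompatibilities": ["FARGATE"],
     "taskRoleArn": ""},
]


def audit_task_roles(task_defs):
    """Return a list of (family, finding) tuples for role problems."""
    findings = []
    families_by_role = defaultdict(set)
    for td in task_defs:
        family = td.get("family", "<unknown>")
        role = td.get("taskRoleArn") or None  # missing or empty string
        # Assumption: no launch type listed means the EC2 launch type.
        launch = td.get("requiresCompatibilities") or ["EC2"]
        if role is None and "EC2" in launch:
            findings.append((family, "no task role: containers may fall back "
                             "to the instance role shared by the whole host"))
        elif role is None:
            findings.append((family, "no task role: task has no AWS "
                             "permissions of its own"))
        else:
            families_by_role[role].add(family)
    # A role reused by several families is no longer a per-task policy.
    for role, families in sorted(families_by_role.items()):
        if len(families) > 1:
            for family in sorted(families):
                findings.append((family, f"task role shared across "
                                 f"families: {role}"))
    return findings


if __name__ == "__main__":
    for family, finding in audit_task_roles(SAMPLE_TASK_DEFS):
        print(f"{family}: {finding}")
```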
