
AWS ECS Workshop A Journey to Modern Applications


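In recent years, to respond quickly to business challenges, enterprises have not only experimented extensively with how they do business; their IT application environments have also seen a wave of new technology adoption. Container technology and microservices are the hot topics that enterprises are currently embracing.

Enterprises pursuing digitalization in particular mostly hope to use container technology to implement microservices, batch processing, application migration to the cloud, hybrid applications, and continuous integration (CI) and continuous deployment (CD), so that application release cycles that used to take six months or more can be shortened to daily, or even to delivering in real time services that better match consumer preferences, and thereby win business.

The pain point in microservice design lies in getting each service's boundary right. In this workshop we will guide every participant in using Amazon Elastic Container Service (Amazon ECS) to deploy and run containerized applications in Fargate serverless mode, and explore together how to capture the boundaries of business application systems and select suitable functions to transform into microservice designs. Taking Domain Driven Design as the core strategic perspective helps you make the key microservice design decisions, so that as the application system undergoes technical transformation it can adapt to change, meet business needs, and offer a truer dimension of service design.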


  1. Welcome! AWS https://bit.ly/2u4GWWU (© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential)
  2. AWS ECS Workshop: A Journey to Modern Applications. Jayson Hsieh, March 2019
  3. What changes have to be made in this new world? Architectural patterns; Operational model; Software delivery
  4. Changes to the architectural patterns
  5. When the impact of change is small, release velocity can increase. Monolith: does everything. Microservices: do one thing
  6. Microservices architectures (diagram: Mobile client, Client, IoT, API Gateway, Store Front Web App, Account Lookup, Shipment Query, Inventory Query, Account DB, Shipping DB, Inventory DB)
  7. Cloud-native architectures are small pieces, loosely joined
  8. Changes to the operational model
  9. Isn’t all of this very hard now that we have lots of pieces to operate?
  10. What is serverless? No infrastructure provisioning, no management; Automatic scaling; Pay for value; Highly available and secure
  11. Categories: COMPUTE, DATA STORES, INTEGRATION. Services: AWS Lambda, AWS Fargate, Amazon API Gateway, Amazon SNS, Amazon SQS, AWS Step Functions, Amazon Aurora Serverless, Amazon S3, Amazon DynamoDB, AWS AppSync
  12. Changes to the delivery of software
  13. How do I develop and deploy code in a serverless microservices architecture?
  14. Microservice development lifecycle (diagram: developers; services; delivery pipelines, each with build, test, release, monitor stages) (© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.)
  15. Best practices (microservices, 2 pizza teams) (governance, templates)
  16. Containers are the best on ramp towards modern applications
  17. Typical use cases • Microservices: Java, Node.js, Go, Web Apps, etc. • Continuous Integration and Continuous Deployment (CICD) • Batch Processing and ETL jobs • Common PaaS Stack for Application Deployment • Legacy Application Migration to the Cloud • Hybrid Workloads • AI/ML • Scale Testing • Backend for IoT use cases
  18. AWS Container Services landscape. MANAGEMENT: deployment, scheduling, scaling & management of containerized applications. HOSTING: where the containers run. IMAGE REGISTRY: container image repository
  19. Amazon Elastic Container Service
  20. ECS: Scheduling and Orchestration; Cluster Manager; Placement Engine
  21. Amazon ECS (diagram: Internet, load balancers, EC2 instances each running an ECS agent and tasks with containers, agent communication service, Amazon ECS API, cluster management engine, key/value store)
  22. Amazon ECS - Cluster (same architecture diagram)
  23. Amazon ECS - Task (same architecture diagram)
  24. Amazon ECS - Service (same architecture diagram)
  25. AWS Fargate
  26. Without Fargate, you end up managing more than just containers: EC2 Instance, ECS Agent, Docker Agent, OS
  27. - Patching and upgrading OS, agents, etc. - Scaling the instance fleet for optimal utilization
  28. Amazon Elastic Container Service
  29. Amazon Elastic Container Service; AWS Fargate: run serverless containers
  30. AWS Fargate: your containerized applications. Managed by AWS: no EC2 instances to provision, scale or manage. Elastic: scale up & down seamlessly; pay only for what you use. Integrated with the AWS ecosystem: VPC Networking, Elastic Load Balancing, IAM Permissions, CloudWatch and more
  31. Constructs when using Fargate with ECS. Register Task Definition: define application containers (image URL, CPU & memory requirements, etc.). Create Cluster: • Infrastructure isolation boundary • IAM permissions boundary. Run Task: • A running instantiation of a task definition • Use FARGATE launch type. Create Service (with Elastic Load Balancer): • Maintain n running copies • Integrated with ELB • Unhealthy tasks automatically replaced
  32. Decide if Fargate should be your launch type: --launch-type FARGATE
  33. Which launch type should I use?
  34. Use cases that need Amazon Elastic Container Service EC2 launch type
  35. EC2 and Fargate launch type co-exist! (diagram: Web, Shopping Cart and Notifications services; an ECS Cluster with tasks spread across Availability Zones 1, 2 and 3)
  36. For Fargate, cluster is an administrative boundary
  37. Permission tiers (diagram: Cluster, Fargate Task). Cluster permissions: who can run/see tasks in the cluster? Application (task) permissions: which of my AWS resources can this application access? Housekeeping permissions: what permissions do I want to grant ECS to perform? For example • ECR image pull • CloudWatch Logs pushing • ENI creation • Register/deregister targets into ELB
  38. Managing multiple environments: PROD, BETA, QA and DEV clusters, each running the Web, Shopping Cart and Notifications services
  39. Networking
  40. Managing networking for your environments • Task level • All Fargate tasks run in awsvpc networking mode, i.e., each task gets its own interface • Full control of network access via Security Groups and Network ACLs • Public IP support • Service level • Recommended: deploy services across multiple subnets for high availability • Subnets<->Availability Zone have 1 to 1 mapping
  41. Managing networking for your environments (cont’d.) • Cluster level
  42. Managing compliant workloads
  43. Customers using Fargate at scale
  44. Let’s get our hands dirty!
  45. The architecture we’re going to build (diagram: Build Image, Push Image, ECR repository, Deploy, Fargate service, Tasks, Target group, Application Load Balancer, Traffic listener on port 80)
  46. Let’s get our hands dirty! https://bit.ly/2NZDcz3
  47. ECS Fargate CI/CD
  48. CI/CD with AWS Services (diagram: AWS Cloud9, AWS CodeCommit, AWS CodePipeline, AWS CodeBuild, Amazon EC2 Container Registry, Amazon Elastic Container Service, AWS Fargate; steps 1 to 6: Push code, Trigger Pipeline, Trigger Build, Save Image, Trigger Deploy, Deploy Image)
  49. Continuous Delivery to Amazon ECS with Jenkins: 1. Code push triggers build 2. Build image from sources 3. Run test on image 4. Push image to Amazon ECR 5. Update service 6. Pull image
  50. THANK YOU https://aws.amazon.com/containers
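
The permission tiers on slide 37 and the awsvpc rule on slide 40, written as a check (an added example, not part of the original deck): it flags a task definition whose application (task) role and housekeeping (execution) role are the same, or whose execution role policy grants more than ECR image pull and CloudWatch Logs push. Mapping the two tiers to `taskRoleArn` and `executionRoleArn`, the allow-list, the role names and the account id are assumptions made for illustration; ENI creation and ELB target registration are not covered.

```python
# Added example: tier-separation audit for a Fargate task definition.
# Keys follow the ECS task definition JSON; ARNs and policies are constructed.

# Actions needed for ECR image pull and CloudWatch Logs push (assumed allow-list).
HOUSEKEEPING = {
    "ecr:getauthorizationtoken", "ecr:batchchecklayeravailability",
    "ecr:getdownloadurlforlayer", "ecr:batchgetimage",
    "logs:createlogstream", "logs:putlogevents",
}

def allowed_actions(policy):
    """Yield each action granted by Allow statements of an IAM policy document."""
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):          # a lone statement may be a bare object
        statements = [statements]
    for st in statements:
        if st.get("Effect") == "Allow":
            actions = st.get("Action", [])
            yield from ([actions] if isinstance(actions, str) else actions)

def audit(task_def, execution_policy):
    """Return findings where the application and housekeeping tiers overlap."""
    findings = []
    if task_def.get("networkMode") != "awsvpc":
        findings.append("networkMode is not awsvpc")
    exec_role = task_def.get("executionRoleArn")
    if exec_role and task_def.get("taskRoleArn") == exec_role:
        findings.append("task role and execution role are the same role")
    for action in allowed_actions(execution_policy):
        if action.lower() not in HOUSEKEEPING:   # wildcards such as ecr:* also land here
            findings.append(f"execution role grants {action}")
    return findings

ROLE = "arn:aws:iam::111122223333:role/"       # constructed account id
WEAK_DEF = {"family": "web", "requiresCompatibilities": ["FARGATE"],
            "networkMode": "awsvpc",
            "executionRoleArn": ROLE + "web-shared", "taskRoleArn": ROLE + "web-shared"}
WEAK_POLICY = {"Statement": [{"Effect": "Allow", "Resource": "*",
                              "Action": ["ecr:BatchGetImage", "s3:*", "logs:PutLogEvents"]}]}
GOOD_DEF = dict(WEAK_DEF, executionRoleArn=ROLE + "web-exec", taskRoleArn=ROLE + "web-app")
GOOD_POLICY = {"Statement": {"Effect": "Allow", "Resource": "*",
                             "Action": sorted(HOUSEKEEPING)}}

if __name__ == "__main__":
    print(audit(WEAK_DEF, WEAK_POLICY))
    print(audit(GOOD_DEF, GOOD_POLICY))
```

The check reads only `Action` in `Allow` statements; a policy that uses `NotAction` needs separate review.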
