SlideShare a Scribd company logo

Amazon Amazon Elastic Container Service (Amazon ECS)

Amazon Web Services
Amazon Web Services

AWS Builders' Days

1 of 60
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Paul Maddox - @paulmaddox Developer Technologies, AWS January 2018 (Nordic Dev Days) Amazon ECS Deep Dive From zero to production
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. About me Paul Maddox Specialist Solutions Architect Amazon Web Services • 16 years of dev, SRE, and systems architecture background • 7 of 7 8 AWS certifications • Developer: Go/Java/C/Node Twitter: @paulmaddox Email: pmaddox@amazon.com @paulmaddox Paul
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What to expect from this talk • Build and deploy a containerized microservices application • Twitter analyzer • Go, RPC, Amazon Kinesis Firehose, AWS SSM Parameter Store • Amazon ECS • Deployment • Availability • Cost optimization • Scaling • Security • Monitoring & logging
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Key Components Development cluster Container instance Container instance Container instance Production cluster Container instance Container instance Container instance Amazon Elastic Container Service (Amazon ECS) Container Container Volume Task definition Amazon Elastic Container Registry (Amazon ECR)
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Key Components Development cluster Container instance Container instance Container instance Production cluster Container instance Container instance Container instance Amazon Elastic Container Service (Amazon ECS) Container Container Volume Task definition Amazon EC2 Container Registry (Amazon ECR) NEW NEW
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Component: ECS AWS is responsible for operations of the cloud You are responsible for operations in the cloud using the building blocks provided. Deployment Security Patching Monitoring Scaling Availability Cost Control $ aws ecs create-cluster --cluster-name dev AWS Customer
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Component: ECR Deployment Security Cost Control AWS Customer Monitoring Scaling Availability Patching AWS is responsible for operations of the cloud You are responsible for operations in the cloud using the building blocks provided.
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Component: Container Instances Development cluster Cluster instance Cluster instance Cluster instance Deployment Cost Control Patching Monitoring Scaling Availability Security AWS Customer AWS is responsible for operations of the cloud You are responsible for operations in the cloud using the building blocks provided.
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Container Instances: Building Blocks Provided Deployment Security Patching Monitoring Scaling Availability Cost Control CloudFormation Update your AMI, replace instances CloudWatch Auto Scaling group Reserved Instances CLI SDKs etc... IAM Inspector VPC Flow Logs etc... Spot Fleet
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Component: Tasks & Containers Container Container Volume Deployment Security Patching Monitoring Scaling Availability Logging AWS Customer AWS is responsible for operations of the cloud You are responsible for operations in the cloud using the building blocks provided.
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Deployment
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How Should I Set This Up? Use the AWS Management Console?
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How Should I Set This Up? Flex your scripting skills? What happens if my script fails halfway through? How long should I pause? How do I upgrade / roll back?
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Deployments should be: - A self-contained, deployable unit - Repeatable - Auditable - Self-documenting
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS CloudFormation: Infrastructure-as-Code
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Time to deploy! …or…
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Time to update… …or…
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. When a new environment is required… …or…
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS CLI ECR CloudFormation (YAML) Resources: MyRepository: Type: AWS::ECR::Repository Properties: Name: myapp
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Using ECR Use AWS CLI to perform ‘docker login’ Tip: Use the Amazon ECR Credential Helper for automatic logins https://github.com/awslabs/amazon-ecr-credential-helper
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS CLI ECS Cluster CloudFormation (YAML) Resources: ECSCluster: Type: AWS::ECS::Cluster Properties: ClusterName: preprod
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. ECS Container Instances • Highly available architecture, distributed across multiple Availability Zones • VPC with public and private subnets • Application Load Balancer with path based routing for inbound traffic • NAT gateways for outbound traffic • Auto Scaling group of container instances • CloudWatch Logs for centralized container logging Private Subnet Availability Zone Availability Zone Internet Gateway Public Subnet Public Subnet Private Subnet Nat GatewayNat Gateway AutoScaling GroupContainer InstanceContainer Instance Container InstanceContainer Instance Application Load Balancer CloudWatch Logs (container logs)
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Inbound Traffic • Incoming HTTP/HTTPS traffic comes in via the Application Load Balancer (ALB) in public subnets • The ALB uses path based routing to route /products/* to the container instances in private subnets running our product’s service • Supports dynamic host port mapping, allowing multiple containers of the same type on each host Internet Gateway AutoScaling Group Container Instance Container Instance Application Load Balancer
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Outbound Traffic • Our container instances are in private subnets, with no direct internet access • At some point, they might need access to external services • NAT gateways provide a highly scalable and available solution Private Subnet Internet Gateway Public Subnet Public Subnet Private Subnet Nat GatewayNat Gateway Container Instance Container Instance
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Logging Container Instance Container Instance CloudWatch Logs (container logs) • ECS integrates directly with CloudWatch Logs (as well as others) • Centralized collection of container logs • Centralized collection of instance logs • Search, filter, and alert on log conditions • (more to come later…)
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. tl;dr - ECS Reference Architecture on GitHub https://github.com/awslabs/ecs-refarch-cloudformation
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. hands-on-demo (because slides are boring)
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Let's build an application
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Parameter Store (for Twitter Credentials) Overview Tweet Collector Twitter API Tweet Archiver Kinesis Firehose Amazon S3 (archive) AWS Lambda (realtime) Elasticsearch (analyze)
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Microservices and RPC at Twitch • Used for inter-service communication • Structured RPCs are much easier to design and maintain compared to REST • Focus on data models, not transports/routing • Works with protobufs or JSON • HTTP/1 compatible (unlike gRPC) • Simplicity https://blog.twitch.tv/twirp-a- sweet-new-rpc-framework-for- go-5f2febbf35f
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. RPC with Twitch Twirp • Write a spec describing your API (using protobufs) • Generate a client and server from the specification • Limited to Go today, but more language support in progress. • (hands-on demo in a few slides)
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Tweet Collector • Written in Go • Uses Twitter API to subscribe to search terms • Environment variables: • SEARCH_TERMS • ARCHIVE_ENDPOINT • IAM role: • AWS SSM Parameter Store (for Twitter API credentials) • Sends tweets to archiving service via client SDK generated by Twitch Twirp. AWS Parameter Store (for Twitter Credentials) Tweet Collector
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Tweet Archiver • Written in Go • Hosts RPC server that receives tweets • Sends tweets to Amazon Kinesis via aws-sdk-go • Environment variables • KINESIS_STREAM_NAME • IAM role • Write access to Kinesis stream • Responds with Kinesis sequence number or error Tweet Archiver Kinesis Firehose
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Local • Run locally with docker- compose • Logs to stdout/stderr • Local AWS credentials • Build/push containers Development Workflow AWS • Deploy to ECS with CloudFormation • Logs in AWS CloudTrail Logs • IAM Task Role • Metrics in CloudWatch
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. https://github.com/paulmaddox/rpc-demo
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Taking it further • Sentiment analysis with Amazon Comprehend • Dashboards with Amazon Quicksight https://aws.amazon.com/blo gs/machine-learning/build-a- social-media-dashboard- using-machine-learning-and- bi-services
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What else do we need for production?
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Cost Optimization
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Reserved Instances Up to 75% Savings* • Use Auto Scaling groups • Reserve ECS container instances when you have known baseline capacity requirements. • Use On-Demand pricing for capacity peaks. * Dependent on specific AWS service, size/type, and region
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Spot Instances Up to 90% Savings* • Use Spot Fleet to maintain instance availability and define cluster based on required CPU/memory. * Compared to On-Demand price based on specific EC2 instance type, region, and Availability Zone
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Multiple ECS Clusters Creating multiple ECS clusters is easy, and often more cost efficient. Consider availability and compute requirements. Example: Development Cluster Spot Fleet Example: Production Cluster Auto Scaling group with Reserved Instances for baseline and On-Demand for capacity peaks Example: Batch Processing Cluster Spot Fleet of GPU Instances
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Scaling
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Scaling ECS Container Instances Automatically Min Desired Scale out as needed Max • Use Auto Scaling groups • Set Auto Scaling group min, max, desired • Scale in and out based on CloudWatch alarms
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Scaling ECS Container Instances Automatically Tip Use the ECS cluster MemoryReservation CloudWatch metric Tutorial: Scaling Container Instances with CloudWatch Alarms
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Application Auto Scaling for ECS Services
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Application Auto Scaling for ECS Services
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Patching ECS Container Instances ECSLaunchConfiguration: Type: AWS::AutoScaling::LaunchConfiguration Properties: ImageId: ami-1924770e ECSAutoScalingGroup: Type: AWS::AutoScaling::AutoScalingGroup Properties: MinSize: 2 MaxSize: 8 DesiredCapacity: 2 AutoScalingRollingUpdate: MinInstancesInService: 2 MaxBatchSize: 2 PauseTime: PT15M WaitOnResourceSignals: true 1. Ensure you have an AutoScalingRollingUpdate policy on your Auto Scaling group 2. Update the AMI in your CloudFormation template 3. aws cloudformation update-stack 4. Let CloudFormation perform a rolling update to your ECS container instances
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Patching Containers
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Minimal Containers • Use the smallest FROM base container to minimize surface attack • FROM scratch is ideal for Go and other languages that compile a (near) static binary
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. IAM Roles IAM roles for container instances: • Bound to the ECS container instance • Applies to all containers running on the host • Pulling images from ECR • CloudWatch Logs IAM roles for tasks: • Bound to specific ECS tasks • Task-specific access to AWS services Tip Use principle of least privilege – prefer IAM roles for tasks where applicable
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Monitoring & Logging
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Monitoring with CloudWatch
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Monitoring with CloudWatch
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Prometheus https://github.com/slok/ecs-exporter
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Centralized Logging with CloudWatch Logs • Defined within the task definition • Available log drivers • awslogs • fluentd • gelf • journald • json-file • splunk • Syslog
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Centralized Logging with CloudWatch Logs
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Tip: Use Metric Filters with CloudWatch Logs 5
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Everything about everything ECS. https://github.com/nathanpeck/awesome-ecs
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Thank you

Recommended

Advanced Container Management and Scheduling
Advanced Container Management and SchedulingAdvanced Container Management and Scheduling
Advanced Container Management and SchedulingAmazon Web Services
 
Containers State of the Union
Containers State of the UnionContainers State of the Union
Containers State of the UnionAmazon Web Services
 
Building Global Serverless Backends
Building Global Serverless BackendsBuilding Global Serverless Backends
Building Global Serverless BackendsAmazon Web Services
 
Deep Dive into AWS Fargate
Deep Dive into AWS FargateDeep Dive into AWS Fargate
Deep Dive into AWS FargateAmazon Web Services
 
Serverless Architectural Patterns
Serverless Architectural PatternsServerless Architectural Patterns
Serverless Architectural PatternsAmazon Web Services
 
Amazon ECS Deep Dive
Amazon ECS Deep DiveAmazon ECS Deep Dive
Amazon ECS Deep DiveAmazon Web Services
 
State of the Union: Containers on AWS
State of the Union: Containers on AWSState of the Union: Containers on AWS
State of the Union: Containers on AWSAmazon Web Services
 
How To Run Your Containers on AWS with ECS & Fargate: Collision 2018
How To Run Your Containers on AWS with ECS & Fargate: Collision 2018How To Run Your Containers on AWS with ECS & Fargate: Collision 2018
How To Run Your Containers on AWS with ECS & Fargate: Collision 2018Amazon Web Services
 

Recommended

Advanced Container Management and Scheduling
Advanced Container Management and SchedulingAdvanced Container Management and Scheduling
Advanced Container Management and SchedulingAmazon Web Services
 
Containers State of the Union
Containers State of the UnionContainers State of the Union
Containers State of the UnionAmazon Web Services
 
Building Global Serverless Backends
Building Global Serverless BackendsBuilding Global Serverless Backends
Building Global Serverless BackendsAmazon Web Services
 
Deep Dive into AWS Fargate
Deep Dive into AWS FargateDeep Dive into AWS Fargate
Deep Dive into AWS FargateAmazon Web Services
 
Serverless Architectural Patterns
Serverless Architectural PatternsServerless Architectural Patterns
Serverless Architectural PatternsAmazon Web Services
 
Amazon ECS Deep Dive
Amazon ECS Deep DiveAmazon ECS Deep Dive
Amazon ECS Deep DiveAmazon Web Services
 
State of the Union: Containers on AWS
State of the Union: Containers on AWSState of the Union: Containers on AWS
State of the Union: Containers on AWSAmazon Web Services
 
How To Run Your Containers on AWS with ECS & Fargate: Collision 2018
How To Run Your Containers on AWS with ECS & Fargate: Collision 2018How To Run Your Containers on AWS with ECS & Fargate: Collision 2018
How To Run Your Containers on AWS with ECS & Fargate: Collision 2018Amazon Web Services
 
Serverless Developer Experience
Serverless Developer ExperienceServerless Developer Experience
Serverless Developer ExperienceAmazon Web Services
 
Intro to Amazon ECS
Intro to Amazon ECSIntro to Amazon ECS
Intro to Amazon ECSAmazon Web Services
 
Advanced Container Scheduling
Advanced Container SchedulingAdvanced Container Scheduling
Advanced Container SchedulingAmazon Web Services
 
Deep Dive on Serverless Application Development
Deep Dive on Serverless Application DevelopmentDeep Dive on Serverless Application Development
Deep Dive on Serverless Application DevelopmentAmazon Web Services
 
Advanced Serverless Apps With Step Functions
Advanced Serverless Apps With Step FunctionsAdvanced Serverless Apps With Step Functions
Advanced Serverless Apps With Step FunctionsAmazon Web Services
 
Getting Started with Kubernetes on AWS
Getting Started with Kubernetes on AWSGetting Started with Kubernetes on AWS
Getting Started with Kubernetes on AWSAmazon Web Services
 
Deep Dive on Amazon Elastic Container Service (ECS) and Fargate
Deep Dive on Amazon Elastic Container Service (ECS) and FargateDeep Dive on Amazon Elastic Container Service (ECS) and Fargate
Deep Dive on Amazon Elastic Container Service (ECS) and FargateAmazon Web Services
 
Getting Started with Docker on AWS
Getting Started with Docker on AWSGetting Started with Docker on AWS
Getting Started with Docker on AWSAmazon Web Services
 
AWS Containers Day.pdf
AWS Containers Day.pdfAWS Containers Day.pdf
AWS Containers Day.pdfAmazon Web Services
 
Introducing AWS Fargate
Introducing AWS FargateIntroducing AWS Fargate
Introducing AWS FargateAmazon Web Services
 
Running Containerised Applications at Scale on AWS
Running Containerised Applications at Scale on AWSRunning Containerised Applications at Scale on AWS
Running Containerised Applications at Scale on AWSAmazon Web Services
 
Getting Started with Amazon EC2 Container Service
Getting Started with Amazon EC2 Container ServiceGetting Started with Amazon EC2 Container Service
Getting Started with Amazon EC2 Container ServiceAmazon Web Services
 
Building CI-CD Pipelines for Serverless Applications
Building CI-CD Pipelines for Serverless ApplicationsBuilding CI-CD Pipelines for Serverless Applications
Building CI-CD Pipelines for Serverless ApplicationsAmazon Web Services
 
Advanced Container Management and Scheduling
Advanced Container Management and SchedulingAdvanced Container Management and Scheduling
Advanced Container Management and SchedulingAmazon Web Services
 
Deep dive ECS & Fargate Deep Dive
Deep dive ECS & Fargate Deep DiveDeep dive ECS & Fargate Deep Dive
Deep dive ECS & Fargate Deep DiveAmazon Web Services
 
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019AWS Summits
 
Containers on AWS: An Introduction
Containers on AWS: An IntroductionContainers on AWS: An Introduction
Containers on AWS: An IntroductionAmazon Web Services
 
Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...
Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...
Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...Amazon Web Services
 
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWSAWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWSAmazon Web Services
 
Amazon Elastic Container Service (ECS)
Amazon Elastic Container Service (ECS)Amazon Elastic Container Service (ECS)
Amazon Elastic Container Service (ECS)Andrew Dixon
 
Deep Dive on Amazon Elastic Container Service (ECS) I AWS Dev Day 2018
Deep Dive on Amazon Elastic Container Service (ECS) I AWS Dev Day 2018Deep Dive on Amazon Elastic Container Service (ECS) I AWS Dev Day 2018
Deep Dive on Amazon Elastic Container Service (ECS) I AWS Dev Day 2018AWS Germany
 
Containers on AWS
Containers on AWSContainers on AWS
Containers on AWSAmazon Web Services
 

More Related Content

What's hot

Deep Dive on Serverless Application Development
Deep Dive on Serverless Application DevelopmentDeep Dive on Serverless Application Development
Deep Dive on Serverless Application DevelopmentAmazon Web Services
 
Advanced Serverless Apps With Step Functions
Advanced Serverless Apps With Step FunctionsAdvanced Serverless Apps With Step Functions
Advanced Serverless Apps With Step FunctionsAmazon Web Services
 
Getting Started with Kubernetes on AWS
Getting Started with Kubernetes on AWSGetting Started with Kubernetes on AWS
Getting Started with Kubernetes on AWSAmazon Web Services
 
Deep Dive on Amazon Elastic Container Service (ECS) and Fargate
Deep Dive on Amazon Elastic Container Service (ECS) and FargateDeep Dive on Amazon Elastic Container Service (ECS) and Fargate
Deep Dive on Amazon Elastic Container Service (ECS) and FargateAmazon Web Services
 
Getting Started with Docker on AWS
Getting Started with Docker on AWSGetting Started with Docker on AWS
Getting Started with Docker on AWSAmazon Web Services
 
Running Containerised Applications at Scale on AWS
Running Containerised Applications at Scale on AWSRunning Containerised Applications at Scale on AWS
Running Containerised Applications at Scale on AWSAmazon Web Services
 
Getting Started with Amazon EC2 Container Service
Getting Started with Amazon EC2 Container ServiceGetting Started with Amazon EC2 Container Service
Getting Started with Amazon EC2 Container ServiceAmazon Web Services
 
Building CI-CD Pipelines for Serverless Applications
Building CI-CD Pipelines for Serverless ApplicationsBuilding CI-CD Pipelines for Serverless Applications
Building CI-CD Pipelines for Serverless ApplicationsAmazon Web Services
 
Advanced Container Management and Scheduling
Advanced Container Management and SchedulingAdvanced Container Management and Scheduling
Advanced Container Management and SchedulingAmazon Web Services
 
Deep dive ECS & Fargate Deep Dive
Deep dive ECS & Fargate Deep DiveDeep dive ECS & Fargate Deep Dive
Deep dive ECS & Fargate Deep DiveAmazon Web Services
 
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019AWS Summits
 
Containers on AWS: An Introduction
Containers on AWS: An IntroductionContainers on AWS: An Introduction
Containers on AWS: An IntroductionAmazon Web Services
 
Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...
Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...
Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...Amazon Web Services
 
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWSAWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWSAmazon Web Services
 
Amazon Elastic Container Service (ECS)
Amazon Elastic Container Service (ECS)Amazon Elastic Container Service (ECS)
Amazon Elastic Container Service (ECS)Andrew Dixon
 

What's hot (20)

Serverless Developer Experience
Serverless Developer ExperienceServerless Developer Experience
Serverless Developer Experience
 
Intro to Amazon ECS
Intro to Amazon ECSIntro to Amazon ECS
Intro to Amazon ECS
 
Advanced Container Scheduling
Advanced Container SchedulingAdvanced Container Scheduling
Advanced Container Scheduling
 
Deep Dive on Serverless Application Development
Deep Dive on Serverless Application DevelopmentDeep Dive on Serverless Application Development
Deep Dive on Serverless Application Development
 
Advanced Serverless Apps With Step Functions
Advanced Serverless Apps With Step FunctionsAdvanced Serverless Apps With Step Functions
Advanced Serverless Apps With Step Functions
 
Getting Started with Kubernetes on AWS
Getting Started with Kubernetes on AWSGetting Started with Kubernetes on AWS
Getting Started with Kubernetes on AWS
 
Deep Dive on Amazon Elastic Container Service (ECS) and Fargate
Deep Dive on Amazon Elastic Container Service (ECS) and FargateDeep Dive on Amazon Elastic Container Service (ECS) and Fargate
Deep Dive on Amazon Elastic Container Service (ECS) and Fargate
 
Getting Started with Docker on AWS
Getting Started with Docker on AWSGetting Started with Docker on AWS
Getting Started with Docker on AWS
 
AWS Containers Day.pdf
AWS Containers Day.pdfAWS Containers Day.pdf
AWS Containers Day.pdf
 
Introducing AWS Fargate
Introducing AWS FargateIntroducing AWS Fargate
Introducing AWS Fargate
 
Running Containerised Applications at Scale on AWS
Running Containerised Applications at Scale on AWSRunning Containerised Applications at Scale on AWS
Running Containerised Applications at Scale on AWS
 
Getting Started with Amazon EC2 Container Service
Getting Started with Amazon EC2 Container ServiceGetting Started with Amazon EC2 Container Service
Getting Started with Amazon EC2 Container Service
 
Building CI-CD Pipelines for Serverless Applications
Building CI-CD Pipelines for Serverless ApplicationsBuilding CI-CD Pipelines for Serverless Applications
Building CI-CD Pipelines for Serverless Applications
 
Advanced Container Management and Scheduling
Advanced Container Management and SchedulingAdvanced Container Management and Scheduling
Advanced Container Management and Scheduling
 
Deep dive ECS & Fargate Deep Dive
Deep dive ECS & Fargate Deep DiveDeep dive ECS & Fargate Deep Dive
Deep dive ECS & Fargate Deep Dive
 
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
 
Containers on AWS: An Introduction
Containers on AWS: An IntroductionContainers on AWS: An Introduction
Containers on AWS: An Introduction
 
Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...
Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...
Moving to Containers: Building with Docker and Amazon ECS - CON310 - re:Inven...
 
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWSAWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWS
 
Amazon Elastic Container Service (ECS)
Amazon Elastic Container Service (ECS)Amazon Elastic Container Service (ECS)
Amazon Elastic Container Service (ECS)
 

Similar to Amazon Amazon Elastic Container Service (Amazon ECS)

Deep Dive on Amazon Elastic Container Service (ECS) I AWS Dev Day 2018
Deep Dive on Amazon Elastic Container Service (ECS) I AWS Dev Day 2018Deep Dive on Amazon Elastic Container Service (ECS) I AWS Dev Day 2018
Deep Dive on Amazon Elastic Container Service (ECS) I AWS Dev Day 2018AWS Germany
 
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017Amazon Web Services
 
CON319_Interstella GTC CICD for Containers on AWS
CON319_Interstella GTC CICD for Containers on AWSCON319_Interstella GTC CICD for Containers on AWS
CON319_Interstella GTC CICD for Containers on AWSAmazon Web Services
 
Serverless use cases with AWS Lambda
Serverless use cases with AWS Lambda Serverless use cases with AWS Lambda
Serverless use cases with AWS Lambda Boaz Ziniman
 
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017Amazon Web Services
 
Semplificare la gestione dei container con i servizi AWS
Semplificare la gestione dei container con i servizi AWSSemplificare la gestione dei container con i servizi AWS
Semplificare la gestione dei container con i servizi AWSAmazon Web Services
 
Genomics on aws-webinar-april2018
Genomics on aws-webinar-april2018Genomics on aws-webinar-april2018
Genomics on aws-webinar-april2018Brendan Bouffler
 
Leo Zhadanovsky - Building Web Apps with AWS CodeStar and AWS Elastic Beansta...
Leo Zhadanovsky - Building Web Apps with AWS CodeStar and AWS Elastic Beansta...Leo Zhadanovsky - Building Web Apps with AWS CodeStar and AWS Elastic Beansta...
Leo Zhadanovsky - Building Web Apps with AWS CodeStar and AWS Elastic Beansta...Amazon Web Services
 
Infrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security BaselineInfrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security BaselineAmazon Web Services
 
Stack Mastery: Create and Optimize Advanced AWS CloudFormation Templates - DE...
Stack Mastery: Create and Optimize Advanced AWS CloudFormation Templates - DE...Stack Mastery: Create and Optimize Advanced AWS CloudFormation Templates - DE...
Stack Mastery: Create and Optimize Advanced AWS CloudFormation Templates - DE...Amazon Web Services
 
Getting Started with Containers on AWS
Getting Started with Containers on AWSGetting Started with Containers on AWS
Getting Started with Containers on AWSAmazon Web Services
 
Build CICD Pipeline for Container Presentation Slides
Build CICD Pipeline for Container Presentation SlidesBuild CICD Pipeline for Container Presentation Slides
Build CICD Pipeline for Container Presentation SlidesAmazon Web Services
 
High-Throughput Genomics on AWS - LFS309 - re:Invent 2017
High-Throughput Genomics on AWS - LFS309 - re:Invent 2017High-Throughput Genomics on AWS - LFS309 - re:Invent 2017
High-Throughput Genomics on AWS - LFS309 - re:Invent 2017Amazon Web Services
 

Similar to Amazon Amazon Elastic Container Service (Amazon ECS) (20)

Deep Dive on Amazon Elastic Container Service (ECS) I AWS Dev Day 2018
Deep Dive on Amazon Elastic Container Service (ECS) I AWS Dev Day 2018Deep Dive on Amazon Elastic Container Service (ECS) I AWS Dev Day 2018
Deep Dive on Amazon Elastic Container Service (ECS) I AWS Dev Day 2018
 
Containers on AWS
Containers on AWSContainers on AWS
Containers on AWS
 
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017
 
CON319_Interstella GTC CICD for Containers on AWS
CON319_Interstella GTC CICD for Containers on AWSCON319_Interstella GTC CICD for Containers on AWS
CON319_Interstella GTC CICD for Containers on AWS
 
Serverless use cases with AWS Lambda
Serverless use cases with AWS Lambda Serverless use cases with AWS Lambda
Serverless use cases with AWS Lambda
 
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
 
ARC205_Born in the Cloud
ARC205_Born in the CloudARC205_Born in the Cloud
ARC205_Born in the Cloud
 
Semplificare la gestione dei container con i servizi AWS
Semplificare la gestione dei container con i servizi AWSSemplificare la gestione dei container con i servizi AWS
Semplificare la gestione dei container con i servizi AWS
 
Genomics on aws-webinar-april2018
Genomics on aws-webinar-april2018Genomics on aws-webinar-april2018
Genomics on aws-webinar-april2018
 
Serverless DevOps to the Rescue
Serverless DevOps to the RescueServerless DevOps to the Rescue
Serverless DevOps to the Rescue
 
Building Web Apps on AWS
Building Web Apps on AWSBuilding Web Apps on AWS
Building Web Apps on AWS
 
AWS Serverless Development
AWS Serverless DevelopmentAWS Serverless Development
AWS Serverless Development
 
AWS 容器服務入門實務
AWS 容器服務入門實務AWS 容器服務入門實務
AWS 容器服務入門實務
 
Leo Zhadanovsky - Building Web Apps with AWS CodeStar and AWS Elastic Beansta...
Leo Zhadanovsky - Building Web Apps with AWS CodeStar and AWS Elastic Beansta...Leo Zhadanovsky - Building Web Apps with AWS CodeStar and AWS Elastic Beansta...
Leo Zhadanovsky - Building Web Apps with AWS CodeStar and AWS Elastic Beansta...
 
Infrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security BaselineInfrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security Baseline
 
Stack Mastery: Create and Optimize Advanced AWS CloudFormation Templates - DE...
Stack Mastery: Create and Optimize Advanced AWS CloudFormation Templates - DE...Stack Mastery: Create and Optimize Advanced AWS CloudFormation Templates - DE...
Stack Mastery: Create and Optimize Advanced AWS CloudFormation Templates - DE...
 
Getting Started with Containers on AWS
Getting Started with Containers on AWSGetting Started with Containers on AWS
Getting Started with Containers on AWS
 
Build CICD Pipeline for Container Presentation Slides
Build CICD Pipeline for Container Presentation SlidesBuild CICD Pipeline for Container Presentation Slides
Build CICD Pipeline for Container Presentation Slides
 
Introduction to Serverless
Introduction to ServerlessIntroduction to Serverless
Introduction to Serverless
 
High-Throughput Genomics on AWS - LFS309 - re:Invent 2017
High-Throughput Genomics on AWS - LFS309 - re:Invent 2017High-Throughput Genomics on AWS - LFS309 - re:Invent 2017
High-Throughput Genomics on AWS - LFS309 - re:Invent 2017
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Amazon Amazon Elastic Container Service (Amazon ECS)

  • 1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Paul Maddox - @paulmaddox Developer Technologies, AWS January 2018 (Nordic Dev Days) Amazon ECS Deep Dive From zero to production
  • 2. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. About me Paul Maddox Specialist Solutions Architect Amazon Web Services • 16 years of dev, SRE, and systems architecture background • 7 of 7 8 AWS certifications • Developer: Go/Java/C/Node Twitter: @paulmaddox Email: pmaddox@amazon.com @paulmaddox Paul
  • 3. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What to expect from this talk • Build and deploy a containerized microservices application • Twitter analyzer • Go, RPC, Amazon Kinesis Firehose, AWS SSM Parameter Store • Amazon ECS • Deployment • Availability • Cost optimization • Scaling • Security • Monitoring & logging
  • 4. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Key Components Development cluster Container instance Container instance Container instance Production cluster Container instance Container instance Container instance Amazon Elastic Container Service (Amazon ECS) Container Container Volume Task definition Amazon Elastic Container Registry (Amazon ECR)
  • 5. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Key Components Development cluster Container instance Container instance Container instance Production cluster Container instance Container instance Container instance Amazon Elastic Container Service (Amazon ECS) Container Container Volume Task definition Amazon EC2 Container Registry (Amazon ECR) NEW NEW
  • 6. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Component: ECS AWS is responsible for operations of the cloud You are responsible for operations in the cloud using the building blocks provided. Deployment Security Patching Monitoring Scaling Availability Cost Control $ aws ecs create-cluster --cluster-name dev AWS Customer
  • 7. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Component: ECR Deployment Security Cost Control AWS Customer Monitoring Scaling Availability Patching AWS is responsible for operations of the cloud You are responsible for operations in the cloud using the building blocks provided.
  • 8. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Component: Container Instances Development cluster Cluster instance Cluster instance Cluster instance Deployment Cost Control Patching Monitoring Scaling Availability Security AWS Customer AWS is responsible for operations of the cloud You are responsible for operations in the cloud using the building blocks provided.
  • 9. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Container Instances: Building Blocks Provided Deployment Security Patching Monitoring Scaling Availability Cost Control CloudFormation Update your AMI, replace instances CloudWatch Auto Scaling group Reserved Instances CLI SDKs etc... IAM Inspector VPC Flow Logs etc... Spot Fleet
  • 10. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Component: Tasks & Containers Container Container Volume Deployment Security Patching Monitoring Scaling Availability Logging AWS Customer AWS is responsible for operations of the cloud You are responsible for operations in the cloud using the building blocks provided.
  • 11. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Deployment
  • 12. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How Should I Set This Up? Use the AWS Management Console?
  • 13. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How Should I Set This Up? Flex your scripting skills? What happens if my script fails halfway through? How long should I pause? How do I upgrade / roll back?
  • 14. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Deployments should be: - A self-contained, deployable unit - Repeatable - Auditable - Self-documenting
  • 15. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS CloudFormation: Infrastructure-as-Code
  • 16. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Time to deploy! …or…
  • 17. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Time to update… …or…
  • 18. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. When a new environment is required… …or…
  • 19. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS CLI ECR CloudFormation (YAML) Resources: MyRepository: Type: AWS::ECR::Repository Properties: Name: myapp
  • 20. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Using ECR Use AWS CLI to perform ‘docker login’ Tip: Use the Amazon ECR Credential Helper for automatic logins https://github.com/awslabs/amazon-ecr-credential-helper
  • 21. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS CLI ECS Cluster CloudFormation (YAML) Resources: ECSCluster: Type: AWS::ECS::Cluster Properties: ClusterName: preprod
  • 22. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. ECS Container Instances • Highly available architecture, distributed across multiple Availability Zones • VPC with public and private subnets • Application Load Balancer with path based routing for inbound traffic • NAT gateways for outbound traffic • Auto Scaling group of container instances • CloudWatch Logs for centralized container logging Private Subnet Availability Zone Availability Zone Internet Gateway Public Subnet Public Subnet Private Subnet Nat GatewayNat Gateway AutoScaling GroupContainer InstanceContainer Instance Container InstanceContainer Instance Application Load Balancer CloudWatch Logs (container logs)
  • 23. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Inbound Traffic • Incoming HTTP/HTTPS traffic comes in via the Application Load Balancer (ALB) in public subnets • The ALB uses path based routing to route /products/* to the container instances in private subnets running our product’s service • Supports dynamic host port mapping, allowing multiple containers of the same type on each host Internet Gateway AutoScaling Group Container Instance Container Instance Application Load Balancer
  • 24. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Outbound Traffic • Our container instances are in private subnets, with no direct internet access • At some point, they might need access to external services • NAT gateways provide a highly scalable and available solution Private Subnet Internet Gateway Public Subnet Public Subnet Private Subnet Nat GatewayNat Gateway Container Instance Container Instance
  • 25. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Logging Container Instance Container Instance CloudWatch Logs (container logs) • ECS integrates directly with CloudWatch Logs (as well as others) • Centralized collection of container logs • Centralized collection of instance logs • Search, filter, and alert on log conditions • (more to come later…)
  • 26. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. tl;dr - ECS Reference Architecture on GitHub https://github.com/awslabs/ecs-refarch-cloudformation
  • 27. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. hands-on-demo (because slides are boring)
  • 28. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Let's build an application
  • 29. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Parameter Store (for Twitter Credentials) Overview Tweet Collector Twitter API Tweet Archiver Kinesis Firehose Amazon S3 (archive) AWS Lambda (realtime) Elasticsearch (analyze)
  • 30. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Microservices and RPC at Twitch • Used for inter-service communication • Structured RPCs are much easier to design and maintain compared to REST • Focus on data models, not transports/routing • Works with protobufs or JSON • HTTP/1 compatible (unlike gRPC) • Simplicity https://blog.twitch.tv/twirp-a- sweet-new-rpc-framework-for- go-5f2febbf35f
  • 31. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. RPC with Twitch Twirp • Write a spec describing your API (using protobufs) • Generate a client and server from the specification • Limited to Go today, but more language support in progress. • (hands-on demo in a few slides)
  • 32. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Tweet Collector • Written in Go • Uses Twitter API to subscribe to search terms • Environment variables: • SEARCH_TERMS • ARCHIVE_ENDPOINT • IAM role: • AWS SSM Parameter Store (for Twitter API credentials) • Sends tweets to archiving service via client SDK generated by Twitch Twirp. AWS Parameter Store (for Twitter Credentials) Tweet Collector
  • 33. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Tweet Archiver • Written in Go • Hosts RPC server that receives tweets • Sends tweets to Amazon Kinesis via aws-sdk-go • Environment variables • KINESIS_STREAM_NAME • IAM role • Write access to Kinesis stream • Responds with Kinesis sequence number or error Tweet Archiver Kinesis Firehose
  • 34. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Local • Run locally with docker- compose • Logs to stdout/stderr • Local AWS credentials • Build/push containers Development Workflow AWS • Deploy to ECS with CloudFormation • Logs in AWS CloudTrail Logs • IAM Task Role • Metrics in CloudWatch
  • 35. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. https://github.com/paulmaddox/rpc-demo
  • 36. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Taking it further • Sentiment analysis with Amazon Comprehend • Dashboards with Amazon Quicksight https://aws.amazon.com/blo gs/machine-learning/build-a- social-media-dashboard- using-machine-learning-and- bi-services
  • 37. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What else do we need for production?
  • 38. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Cost Optimization
  • 39. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Reserved Instances Up to 75% Savings* • Use Auto Scaling groups • Reserve ECS container instances when you have known baseline capacity requirements. • Use On-Demand pricing for capacity peaks. * Dependent on specific AWS service, size/type, and region
  • 40. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Spot Instances Up to 90% Savings* • Use Spot Fleet to maintain instance availability and define cluster based on required CPU/memory. * Compared to On-Demand price based on specific EC2 instance type, region, and Availability Zone
  • 41. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Multiple ECS Clusters Creating multiple ECS clusters is easy, and often more cost efficient. Consider availability and compute requirements. Example: Development Cluster Spot Fleet Example: Production Cluster Auto Scaling group with Reserved Instances for baseline and On-Demand for capacity peaks Example: Batch Processing Cluster Spot Fleet of GPU Instances
  • 42. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Scaling
  • 43. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Scaling ECS Container Instances Automatically Min Desired Scale out as needed Max • Use Auto Scaling groups • Set Auto Scaling group min, max, desired • Scale in and out based on CloudWatch alarms
  • 44. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Scaling ECS Container Instances Automatically Tip Use the ECS cluster MemoryReservation CloudWatch metric Tutorial: Scaling Container Instances with CloudWatch Alarms
  • 45. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Application Auto Scaling for ECS Services
  • 46. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Application Auto Scaling for ECS Services
  • 47. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security
  • 48. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Patching ECS Container Instances ECSLaunchConfiguration: Type: AWS::AutoScaling::LaunchConfiguration Properties: ImageId: ami-1924770e ECSAutoScalingGroup: Type: AWS::AutoScaling::AutoScalingGroup Properties: MinSize: 2 MaxSize: 8 DesiredCapacity: 2 AutoScalingRollingUpdate: MinInstancesInService: 2 MaxBatchSize: 2 PauseTime: PT15M WaitOnResourceSignals: true 1. Ensure you have an AutoScalingRollingUpdate policy on your Auto Scaling group 2. Update the AMI in your CloudFormation template 3. aws cloudformation update-stack 4. Let CloudFormation perform a rolling update to your ECS container instances
  • 49. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Patching Containers
  • 50. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Minimal Containers • Use the smallest FROM base container to minimize surface attack • FROM scratch is ideal for Go and other languages that compile a (near) static binary
  • 51. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. IAM Roles IAM roles for container instances: • Bound to the ECS container instance • Applies to all containers running on the host • Pulling images from ECR • CloudWatch Logs IAM roles for tasks: • Bound to specific ECS tasks • Task-specific access to AWS services Tip Use principle of least privilege – prefer IAM roles for tasks where applicable
  • 52. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Monitoring & Logging
  • 53. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Monitoring with CloudWatch
  • 54. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Monitoring with CloudWatch
  • 55. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Prometheus https://github.com/slok/ecs-exporter
  • 56. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Centralized Logging with CloudWatch Logs • Defined within the task definition • Available log drivers • awslogs • fluentd • gelf • journald • json-file • splunk • Syslog
  • 57. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Centralized Logging with CloudWatch Logs
  • 58. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Tip: Use Metric Filters with CloudWatch Logs 5
  • 59. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Everything about everything ECS. https://github.com/nathanpeck/awesome-ecs
  • 60. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Thank you