This document summarizes a presentation on clustering Docker containers on AWS using Amazon ECS and ECR. It provides an overview of the requirements for modern cluster orchestration and introduces Amazon ECS and ECR. It also includes case studies from companies like Coursera and Meteor that used ECS to focus on development rather than managing clusters. The presentation concludes with demonstrations of creating and scaling an ECS cluster, running a sample app, and load balancing microservices across random ports.
Explain how to build and run applications and services without having to manage infrastructure. In this slides, we show how you can build web applications without server and in a faster and agile way. We introduce how you can use AWS Lambda, API Gateway, Cognito and DynamoDB to implement a 3-Tier serverless architectural patterns.
In this session we'll discuss and demonstrate key concepts and design patterns for continuous deployment and integration using technologies like AWS OpsWorks and Chef to enable better control of applications and infrastructures.
An introduction to serverless architectures (February 2017)Julien SIMON
An introduction to serverless
AWS Lambda
Amazon API Gateway
Demo: writing your first Lambda function
Demo: building a serverless pipeline
Additional resources
How do you automate operational tasks when managing your infrastructure on AWS, such as code deployment, software configurations, package installations, database setups, and server scaling? Using AWS OpsWorks, you can deploy and operate applications of all shapes and sizes. In addition, you can model your application stack with layers that define the building blocks of your application: load balancers, application servers, and databases.
The webinar will accelerate your use of OpsWorks by helping you learn how to manage and configure instances, create and deploy applications, and monitor your resources using AWS OpsWorks.
Learning Objectives:
• How to model your application stack
• How to manage and configure instances
• How to create and deploy applications
• How to automate operational tasks
Who Should Attend:
- Developers,
- Dev-ops Engineers,
- System Administrators
AWS CloudFormation template with single & redundant systemNaoya Hashimoto
* Use CloudFormation to create Stacks composed of VPC, Internet Gateway, Route Table, ELB, EC2 Instance, EBS Volumes
* Single pattern with EC2 Instances WEB server and DB server with the same AZ
* Redundant pattern with EC2 Instances WEB server and DB server with multi-AZ
Talk @ API Days Paris, 13/12/2016
Simplifying development and deployment of serverless applications with Open Source frameworks and tools: Serverless, Gordon, Chalice, etc.
Developing and deploying serverless applications (February 2017)Julien SIMON
What’s new on AWS Lambda?
Simplifying development
Demo: The Serverless framework
Demo: Gordon
Demo: Chalice
Other tools
Simplifying deployment
Demo: AWS Serverless Application Model
Additional resources
Explain how to build and run applications and services without having to manage infrastructure. In this slides, we show how you can build web applications without server and in a faster and agile way. We introduce how you can use AWS Lambda, API Gateway, Cognito and DynamoDB to implement a 3-Tier serverless architectural patterns.
In this session we'll discuss and demonstrate key concepts and design patterns for continuous deployment and integration using technologies like AWS OpsWorks and Chef to enable better control of applications and infrastructures.
An introduction to serverless architectures (February 2017)Julien SIMON
An introduction to serverless
AWS Lambda
Amazon API Gateway
Demo: writing your first Lambda function
Demo: building a serverless pipeline
Additional resources
How do you automate operational tasks when managing your infrastructure on AWS, such as code deployment, software configurations, package installations, database setups, and server scaling? Using AWS OpsWorks, you can deploy and operate applications of all shapes and sizes. In addition, you can model your application stack with layers that define the building blocks of your application: load balancers, application servers, and databases.
The webinar will accelerate your use of OpsWorks by helping you learn how to manage and configure instances, create and deploy applications, and monitor your resources using AWS OpsWorks.
Learning Objectives:
• How to model your application stack
• How to manage and configure instances
• How to create and deploy applications
• How to automate operational tasks
Who Should Attend:
- Developers,
- Dev-ops Engineers,
- System Administrators
AWS CloudFormation template with single & redundant systemNaoya Hashimoto
* Use CloudFormation to create Stacks composed of VPC, Internet Gateway, Route Table, ELB, EC2 Instance, EBS Volumes
* Single pattern with EC2 Instances WEB server and DB server with the same AZ
* Redundant pattern with EC2 Instances WEB server and DB server with multi-AZ
Talk @ API Days Paris, 13/12/2016
Simplifying development and deployment of serverless applications with Open Source frameworks and tools: Serverless, Gordon, Chalice, etc.
Developing and deploying serverless applications (February 2017)Julien SIMON
What’s new on AWS Lambda?
Simplifying development
Demo: The Serverless framework
Demo: Gordon
Demo: Chalice
Other tools
Simplifying deployment
Demo: AWS Serverless Application Model
Additional resources
Weaveworks at AWS re:Invent 2016: Operations Management with Amazon ECSWeaveworks
Alfonso described how Weave open source projects (Weave Net and Weave Scope) can help with networking, visualization, and control for ECS. Specifically, Weave acts as a key communicator for networking containers with its multi-host overlay and additional features (including automatic DNS service discovery and multicast).
Monitoring Containers at Scale - September Webinar SeriesAmazon Web Services
Containers come and go rapidly, which is great for scalable or fast-evolving infrastructure. However, the short life of containers make it more challenging to monitor, leaving many with questions such as: How many containers can you run on a given Amazon EC2 instance type? Which metric should you look at to measure contention? How do you manage fleets of containers at scale? In this session, we'll present the challenges and benefits of running containers at scale, how to use quantitative performance patterns to monitor your infrastructure at this magnitude and complexity, and we'll discuss proven strategies for monitoring your containerized infrastructure on AWS and ECS.
Learning Objectives:
- Set up the infrastructure to monitor your containers running on AWS
- Understand the metrics available and what they mean
- Define a strategy to monitor your containers
This session provides the attendee with an overview of our Amazon EC2 Container Service (Amazon ECS) and the benefits of running a managed cluster on AWS. We also discuss the benefits from a customer perspective.
"In recent years, containers have become a key component of modern application design. Increasingly, developers are breaking their applications apart into smaller components and distributing them across a pool of compute resources. It is relatively easy to run a few containers on your laptop, but building and maintaining an entire infrastructure to run and manage distributed applications is hard and requires a lot of undifferentiated heavy lifting.
In this session, we discuss some of the core architectural principles underlying Amazon ECS, a highly scalable, high performance service to run and manage distributed applications using the Docker container engine. We walk through a number of patterns used by our customers to run their microservices platforms, to run batch jobs, and for deployments and continuous integration. We explore the advanced scheduling capabilities of Amazon ECS and dive deep into the Amazon ECS Service Scheduler, which optimizes for long-running applications by monitoring container health, restarting failed containers, and load balancing across containers."
In this session, we introduce you to a solution for easily running a Docker-powered microservices architecture on AWS using Elastic Beanstalk. We will also cover the fundamentals of Elastic Beanstalk and how it benefits developers looking for a quick and scalable way to get their applications running on AWS with no infrastructure work required. In the second half of the session Sean O’Brien, engineer at Prezi, will share how Prezi is using Elastic Beanstalk to build microservices for its entire development team.
Building a microservices architecture using Docker can require a lot of work, from launching and operating the underlying infrastructure to installing and maintaining cluster management software. With AWS Elastic Beanstalk’s multicontainer support feature, many of these tasks are simplified and abstracted away so you can focus on your application code. AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker. Elastic Beanstalk leverages Amazon EC2 Container Service for its container management capabilities.
AWS DevDay San Francisco, June 21, 2016.
Presenter: Adhiraj Singh, Sr. Product Manager
Learn more about the role and tasks of a container management solution and analyze how four common container management solutions - Amazon EC2 Container Service, Docker for AWS, Kubernetes, and Apache Mesos - stack against each other.
February 2016 Webinar Series - EC2 Container Service Deep Dive Amazon Web Services
Running and managing large scale applications with microservices architectures is difficult and often requires operating complex container management infrastructure. Amazon EC2 Container Service (ECS) is a highly scalable, high performance service for running and managing Docker applications.
In this webinar, we will walk through a number of patterns and tools used by our customers to run their applications on Amazon ECS. We will show you how to setup, manage and scale your Amazon ECS resources, keep them secure and deploy your applications to an Amazon ECS cluster. We will also provide best practices for monitoring, logging and service discovery.
Learning Objectives:
Learn how to setup and manage Amazon ECS for production applications
Learn how to schedule containers on production clusters using Amazon ECS
Who Should Attend:
Developers, DevOps Engineers
AWS November Webinar Series - From Local Development to Production Using the ...Amazon Web Services
Running and managing large scale multi-container applications in production usually requires different tools than what is used for development.
In this webinar, we will show you how to use the Amazon EC2 Container Service CLI with Docker Compose to define and run multi-container applications in a local development environment. We will also show how you can eliminate the need to install, operate, and scale your own cluster management infrastructure by using Amazon ECS. We will then demonstrate how to schedule your multi-container application as defined by Compose across a production Amazon ECS cluster. We will also walk through some best practice patterns used by customers for running their microservices platforms or batch jobs.
Learning Objectives:
Understand the basics of the Amazon ECS CLI
Run multi-container applications defined by Docker Compose using the Amazon ECS CLI
Learn how to run and manage production applications using Amazon ECS
Who Should Attend:
Developers, system administrators, Docker users, container users
Deliver Docker Containers Continuously on AWS - QCon 2017Philipp Garbe
With Docker it became easy to start applications locally without installing any dependencies. Even running a local cluster is not a big thing anymore.
AWS on the other side offers with ECS a managed container service that starts to schedule containers based on resource needs, isolation policies, and availability requirements.
Sounds good, but is it really that easy? In this talk, you'll get an overview of ECS and all other services that are needed to run your containers in production. Philipp shows how an ECS cluster and your containerized applications can automatically be deployed and scaled. He also shares his experiences and discusses what features are still missing.
An introduction to computer vision with Hugging FaceJulien SIMON
In this code-level talk, Julien will show you how to quickly build and deploy computer vision applications based on Transformer models. Along the way, you'll learn about the portfolio of open source and commercial Hugging Face solutions, and how they can help you deliver high-quality solutions faster than ever before.
Starting your AI/ML project right (May 2020)Julien SIMON
In this talk, we’ll see how you can put your AI/ML project on the right track from the get-go. Applying common sense and proven best practices, we’ll discuss skills, tools, methods, and more. We’ll also look at several real-life projects built by AWS customers in different industries and startups.
Building Machine Learning Inference Pipelines at Scale (July 2019)Julien SIMON
Talk at OSCON, Portland, 18/07/2019
Real-life Machine Learning applications require more than a single model. Data may need pre-processing: normalization, feature engineering, dimensionality reduction, etc. Predictions may need post-processing: filtering, sorting, combining, etc.
Our goal: build scalable ML pipelines with open source (Spark, Scikit-learn, XGBoost) and managed services (Amazon EMR, AWS Glue, Amazon SageMaker)
Optimize your Machine Learning Workloads on AWS (July 2019)Julien SIMON
Talk at Floor 28, Tel Aviv.
Infrastructure, tips to speed up training, hyperparameter optimization, model compilation, Amazon SageMaker Neo, cost optimization, Amazon Elastic Inference
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
2. The problem
Given a certain amount of
processing power and memory,
how can we best manage
an arbitrary number of apps
running in Docker containers?
http://tidalseven.com
3. Requirements for modern cluster orchestration
Distributed state management
Scalable scheduling
Built-in high availability
Amazon EC2 Container Service (ECS)
Launched in 04/2015
https://aws.amazon.com/ecs/
No additional charge J
Amazon EC2 Container Registry (ECR)
Launched in 12/2015
https://aws.amazon.com/ecr/
Free tier: 500MB / month for a year
$0.10 / GB / month + outgoing traffic
6. Case study: Meteor
https://www.youtube.com/watch?v=xIc3WT6kAVw
“Can we scale the amount of compute resources necessary to run all our customers’
apps? Can we scale the mechanics of coordinating all those pieces? Using AWS, we
can answer ‘yes’ to both” - Matt DeBergalis, Cofounder & VP Product
7. Case study: Remind
“Moving to Amazon ECS significantly improved our service performance”
Jason Fischl, VP of Engineering
https://www.youtube.com/watch?v=8zbbQkszP04
8. DEMO #1
Demo gods, I’m your humble servant, please be good to me
Using the ‘aws’ and ‘ecs-cli’ command lines:
Create and scale an Amazon ECS cluster
Pull an image from an Amazon ECR registry
Run, scale and load-balance a simple PHP app
… and look at EC2 Instances, Security Groups, Auto-Scaling Groups,
Elastic Load Balancers and Cloud Formation
10. Micro-services: it gets worse J
Micro-services run in an ever-moving production environment:
continuous deployment, multiple versions running in parallel,
servers coming and going, etc.
• Can micro-services be deployed and scaled independently?
• Can multiple copies of a micro-service run on the same server?
• Can micro-services register their name & port automatically?
• Can micro-services discover each other?
• Can traffic be load-balanced across multiple copies of a micro-service?
11. Yes we can!
• Can micro-services be deployed and scaled independently?
Micro-service = Docker image + task definition + service definition
• Can multiple copies of a micro-service run on the same server?
Let Docker assign a random port
• Can micro-services register name & port automatically?
Use Registrator to inspect containers and register them in Consul
• Can micro-services discover each other?
Use local Consul agent for DNS lookups
• Can traffic be load-balanced across multiple copies of a micro-service?
User-facing service: ELB (80) à Fabio (fixed port) à service (random port)
Internal service: DNS lookup (53) à service (random port)
12. Internet
Gateway
Elastic Load
Balancer
Consul server
EC2 instance
R R RC C C
F F F:9999 :9999 :9999
:80
ECS agent
R
Registrator
C
Consul agent
F
Fabio
P
Portal
S
Stock
W
Weather
P P P PP P
S
:random
S
:random
S
:random
W
:random
W
:random
:random :random :random:random :random
ECS instance ECS instance ECS instance
IP and port number of service returned by local DNS lookup
Consul traffic
omitted for brevity
and sanity J
ECS
cluster
Load balancing services on random ports
:53:53:53
:random
J. Simon
13. DEMO #2Demo gods, I know I’m pushing it, but please don’t let me down now
Run an application built from 3 micro-services (portal, stock, weather) running on random ports
Use a combination of ELB, Fabio and Consul (DNS lookups) for load-balancing
Scale & break stuff, see what happens J
14. Thank you. Let’s keep in touch!
@aws_actus @julsimon
facebook.com/groups/AWSFrance/
AWS User Groups in Paris,
Lyon, Nantes, Lille & Rennes
(meetup.com)
March 7-8
AWS Summit
May 31st
April 20-22
March 23-24 April 6-7 (Lyon)
April 25
March 16
17. Amazon ECS resources
Building demos #1 & #2
https://docs.aws.amazon.com/fr_fr/AmazonECS/latest/developerguide/docker-basics.html
https://github.com/awslabs/ecs-demo-php-simple-app
https://aws.amazon.com/blogs/compute/service-discovery-via-consul-with-amazon-ecs/
https://github.com/awslabs/service-discovery-ecs-consul
https://www.consul.io/ - https://github.com/gliderlabs/registrator - https://github.com/eBay/fabio
Tech articles by Werner Vogels, CTO of Amazon
http://www.allthingsdistributed.com/2014/11/amazon-ec2-container-service.html
http://www.allthingsdistributed.com/2015/04/state-management-and-scheduling-with-ecs.html
http://www.allthingsdistributed.com/2015/07/under-the-hood-of-the-amazon-ec2-container-service.html
Amazon ECS video @ AWS re:Invent 2015
Amazon ECS: Distributed Applications at Scale https://www.youtube.com/watch?v=eun8CqGqdk8
Turbocharge Your Deployment Pipeline with Containers https://www.youtube.com/watch?v=o4w8opVCI-Q
From Local Docker Development to Production Deployments https://www.youtube.com/watch?v=7CZFpHUPqXw
20. Creating, scaling and deleting an ECS cluster
$ ecs-cli configure -c CLUSTER_NAME -r eu-west-1
$ ecs-cli up --keypair KEY_PAIR_ID --capability-iam --size 1
--instance-type t2.micro
$ ecs-cli scale --size 3 --capability-iam
$ ecs-cli ps
$ ecs-cli down CLUSTER_NAME --force
Reminder:
• ‘ecs-cli up’ launches a CloudFormation template
• By default, the cluster is created in a new VPC
• By default, only port 80 is open on ECS instances
• See ‘ecs-cli up –help’ for advanced networking options
24. Amazon ECS metadata
Log into the ECS instance
Instance information
$ curl http://localhost:51678/v1/metadata
Task information
$ curl http://localhost:51678/v1/tasks
25. Creating and scaling an Amazon ECS service
Write a docker-compose.yml file
$ ecs-cli compose service start
$ ecs-cli compose service up
$ ecs-cli compose service scale 3
26. Stopping and deleting an Amazon ECS service
$ ecs-cli compose service stop
$ ecs-cli compose service delete