This document provides an overview of Amazon Web Services (AWS) container services, including Amazon Elastic Container Service (ECS), AWS Fargate, and Amazon Elastic Kubernetes Service (EKS). It discusses how ECS allows users to run and scale containerized applications using tasks on a cluster of EC2 instances or Fargate. EKS manages Kubernetes clusters that can schedule containers across AWS infrastructure and integrates with other AWS services. The document emphasizes that EKS provides an upstream Kubernetes experience and high availability while allowing integration with native AWS networking and services.

1. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Patricio Vazquez, Solutions Architect
https://www.linkedin.com/in/patriciov/
Sept 24th
AWS Container Services Overview

2. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
BUILDING AN ECOSYSTEM

3. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
RUNNING CONTAINER

4. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
EC2 Instance
TaskTask
Task Task
EC2 Instance
TaskTask
Task Task
EC2 Instance
TaskTask
Task Task
EC2 Instance
TaskTask
Task Task
EC2 Instance
TaskTask
Task Task
RUNNING CONTAINERS

5. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon ECS—Task & Service
EC2 INSTANCES
LOAD
BALANCER
Internet
ECS
AGENT
TASK
Container
TASK
Container
ECS
AGENT
TASK
Container
TASK
Container
AGENT COMMUNICATION
SERVICE
Amazon ECS
API
CLUSTER MANAGEMENT
ENGINE
KEY/VALUE STORE
ECS
AGENT
TASK
Container
TASK
Container
LOAD
BALANCER
ECS Service

6. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Define application containers: Image
URL, CPU & Memory requirements,
etc.
register
Task Definition
create
Cluster
• Infrastructure Isolation
boundary
• IAM Permissions boundary
run
Task
• A running instantiation of
a task definition
create
Service
Elastic Load
Balancer
• Maintain running copies
• Integrated with ELB
• Unhealthy tasks
automatically replaced
CONSTRUCTS

7. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Scheduling and Orchestration
Cluster Manager Placement Engine
RUNNING CONTAINERS AT SCALE WITH ECS
Availability Zone #1 Availability Zone #2 Availability Zone #3

8. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
PRODUCTION WORKLOADS ON AWS
AWS VPC
networking mode
Advanced task
placement
Deep integration
with AWS services
ECS CLI…{ }
Global footprint
Powerful scheduling
engines
Auto scaling
CloudWatch metrics
Load balancers

9. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
ECS
AMI
Docker
agent
ECS
agent
ECSTaskECSTask
ECSTaskECSTask
EC2 Instance

10. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Scheduling and Orchestration
Cluster Manager Placement Engine
ECS
AMI
Docker
agent
ECS
agent
EC2 Instance
ECS
AMI
Docker
agent
ECS
agent
EC2 Instance
ECS
AMI
Docker
agent
ECS
agent
EC2 Instance

11. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
ECS Instance ECS Instance ECS Instance ECS InstanceECS Instance ECS Instance
EC2
FARGATE
Notifications
Amazon ECS CLUSTER
Availability Zone #1 Availability Zone #2 Availability Zone #3
Subnet 2
172.31.2.0/24
Subnet 1
172.31.1.0/24
Subnet 3
172.31.3.0/24
Web
Shopping
Cart

12. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
N o cl usters
to manage
Manages underl yi ng
i nfrastructure
Easy to run,
easy to scal e
AWS FARGATE

13. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
T A K E A W A Y

14. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
PRODUCTION WORKLOADS ON AWS
AWS VPC
networking mode
Advanced task
placement
Deep integration
with AWS services
ECS CLI…{ }
Global footprint (in 2018)
Powerful scheduling
engines
Auto scaling
CloudWatch metrics
Load balancers

15. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
57%of Kubernetes runs on
AWS today
— Cloud Native Computing Foundation

16. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
“Run Kubernetes for me.”

17. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
“Give us an upstream experience.”
“Please don’t fork.”
“Make sure it’s compatible”

18. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
A M A Z O N E L A S T I C C O N TA I N E R S E R V I C E F O R K U B E R N E T E S
(Amazon EKS)

19. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Customer adopting EKS

20. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
3x Kubernetes masters for HA
Kubernetes on AWS

21. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
API
server
Cloud
controller
Controller
manager
Scheduler Add-onsKubeDNS
Kubernetes master

22. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Availability
Zone 1
Etcd
Master
Etcd
Master
Etcd
Master
Availability
Zone 2
Availability
Zone 3

23. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Availability
Zone 1
Etcd
Master
Etcd
Master
Availability
Zone 2
Availability
Zone 3
Etcd
Master

24. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Availability
Zone 1
Master Master
Availability
Zone 2
Availability
Zone 3
Master
Workers Workers Workers
Customer Account
AWS Managed

25. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
mycluster.eks.amazonaws.com
Availability
Zone 1
Availability
Zone 2
Availability
Zone 3
Kubectl

26. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

27. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
k u b e c t l
AW S A u t h
K u b e r n e t e s R B A C

28. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
k u b e c t l
AW S A u t h
c o n f i g m a p & R B A C
Wo r k e r s
R o l e
R o l e
config map

29. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
C r e a t e H A m a s t e r s
C e r t i f i c a t e m a n a g e m e n t
I A M i n t e g r a t i o n
S e t u p L BC r e a t e H A e t c d
A u t o s c a l e
C r e a t e c l u s t e r

30. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Native VPC networking
with CNI plugin
Pods have the same VPC
address inside the pod
as on the VPC
Simple, secure networking
Open source and
on Github
…{ }

31. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Nginx Pod
Java Pod
ENI
Secondary IPs:
10.0.0.1
10.0.0.2
Veth IP: 10.0.0.1
Veth IP: 10.0.0.2
Nginx Pod
Java Pod
ENI
Veth IP: 10.0.0.20
Veth IP: 10.0.0.22
Secondary IPs:
10.0.0.20
10.0.0.22
ec2.associateaddress()
VPC Subnet – 10.0.0.0/24
Instance 1 Instance 2

32. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
T A K E A W A Y

33. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Integrated w i th
AWS S ervi ce s
H i ghl y
a v a i l a b l e
U pstream P roducti on
w orkl oads
Amazon EKS

34. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
G r a c i a s !