by Harrell Stiles, Sr. Consultant, AWS PorServe, AWS
AWS is an elastic, secure, flexible, and developer-centric ecosystem that serves as an ideal platform for Docker deployments. AWS offers the scalable infrastructure, APIs, and SDKs that integrate tightly into a development lifecycle and accentuate the benefits of the lightweight and portable containers that Docker offers to its users. This session will cover the benefits of containers, introduce Amazon EC2 Container Service, and demonstrates how to use Amazon ECS to run containerized applications at scale in production. Level 100
4. The Problem
Different application stacks
Different hardware deployment
environments
How to run all applications
across different environments?
How to easily migrate from one
environment to another?
Static
website
Web
fronted
Background
workers
User DB
Analytics
DB
Queue
Develop-
ment VM
QA
Server
Single
Prod
Server
Onsite
Cluster
Public
Cloud
Contributor’s
laptop
Customer
Servers
6. Containers
User space running on operating system’s kernel
Little overhead
Guest OS choices limited to Host OS’ Kernel
Been around for a while: chroot (1982), FreeBSD Jail (2000), Solaris
Containers (2004), OpenVZ (2005), LXC (2008), Docker (2013)
7. VMs VS. Containers
App A App B App C
Bins/Libs Bins/Libs Bins/Libs
Guest OS Guest OS Guest OS
Hypervisor
Host OS
Server (Host)
AppA AppA App B App B App C App C
Bins/Libs Bin/Libs
Content Manager (Docker)
Host OS
Server (Host)
VMs Containers
8. Docker
Lightweight container virtualization platform.
Tools to manage and deploy your applications.
Licensed under the Apache 2.0 license.
First released March 2013
Built by Docker, Inc.
9. Benefits
Portable runtime application environment
Package application and dependencies in a single artifact
Run different application versions (different dependencies)
simultaneously
Faster development & deployment cycles
Better resource utilization
10. Use Cases
Consistent environment between Development & Production
Service-Oriented Architectures / Micro-services
Short lived workflows
Isolated environments for testing
11. Docker Image
Read-only template
Used to launch container
Union file systems to combine
Different layers into a single image
Docker images built from base
Image, instructions to add layers on top
Instructions stored in Dockerfile
bootfs
kernel
Base image
Image
Image
Container
References
parent
image
12. Amazon EC2 Container Registry (Amazon ECS)
Cloud-based Docker image registry
Fully managed
Secure – images encrypted at rest, integrated with IAM
Scalable and Highly Available
Integrated with Amazon ECS and the Docker CLI
15. …. to a few hosts
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Tens of hosts with hundreds of containers
16. …. to a lot of hosts – IS HARD!
Hundreds of hosts with thousands of containers
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
18. Amazon EC2 Container Service (ECS)
highly scalable, high performance container management
service that supports Docker containers and allows you to
easily run applications on a managed cluster of
Amazon EC2 instances.
31. Designed for use with other AWS services
Elastic Load Balancing
Amazon Elastic Block Store
Amazon Virtual Private Cloud
Amazon CloudWatch
AWS Identity and Access Management
AWS CloudTrail
33. Routing via Application Load Balancer
Path-based routing
Allows you to define rules that route traffic to different target groups based on the path of a URL.
e.g example.com/test , example.com/test/test1
Dynamic Port Mapping
Provides the ability to load-balance across multiple ports on the same Amazon EC2 instance. This functionality
specifically targets the use of containers and is integrated into Amazon ECS.
HTTP/S
WebSockets
Detailed Logging
34. Deploying Containers on ECS – Choose a
Scheduler
Batch Jobs
ECS task scheduler
Run tasks once
Batch jobs
RunTask (random)
StartTask (placed)
Long-Running Apps
ECS service scheduler
Health management
Scale-up and scale-down
AZ aware
Grouped containers
35. Amazon ECS
Docker
Task
Container Instance
Amazon
ECS
Container
ECS Agent
ELB
Internet
ELB
User /
Scheduler
API
Cluster Management Engine
Task
Container
Docker
Task
Container Instance
Container
ECS Agent
Task
Container
Docker
Task
Container Instance
Container
ECS Agent
Task
Container
AZ 1 AZ 2
Key/Value Store
Agent Communication Service
45. Create Service
Load Balance traffic across containers
Automatically recover unhealthy containers
Discover services
Elastic Load Balancing
Shared Data Volume
Containers
Shared Data Volume
Containers
Shared Data Volume
Containers
46. Scale Service
Scale up
Scale down
Elastic Load Balancing
Shared Data Volume
Containers
Shared Data Volume
Containers
Shared Data Volume
Containers
Shared Data Volume
Containers
48. Update Service
Deploy new version
Drain connections
Shared Data Volume
Containers
Shared Data Volume
Containers
Shared Data Volume
Containers
new new new
Elastic Load Balancing
Shared Data Volume
Containers
Shared Data Volume
Containers
Shared Data Volume
Containers
old old old
49. Update Service (cont.)
Deploy new version
Drain connections
Shared Data Volume
Containers
Shared Data Volume
Containers
Shared Data Volume
Containers
new new new
Elastic Load Balancing
Shared Data Volume
Containers
Shared Data Volume
Containers
Shared Data Volume
Containers
old old old
50. Update Service (cont.)
Deploy new version
Drain connections
Elastic Load Balancing
Shared Data Volume
Containers
Shared Data Volume
Containers
Shared Data Volume
Containers
new new new
51. Update Service (cont.)
Specify a deployment configuration for your service:
• minimumHealthyPercent: lower limit (as a percentage of
the service's desiredCount) of the number of running
tasks that must remain running in a service during a
deployment.
• maximumPercent: upper limit (as a percentage of the
service's desiredCount) of the number of running tasks
that can be running in a service during a deployment.
53. Update Service (cont.)
Deploy quickly without reducing service capacity:
minimumHealthyPercent = 100%, maximumPercent =
200%
54. In Summary
• Docker allows you to easily run different code across different
machines in a standardized, easily defined environment
• Amazon EC2 Container Service allows you to schedule Docker
containers across a managed cluster of Amazon EC2 instances
• Amazon EC2 Container Registry is a secure, private registry for
Docker container images