ECS - from 0 to 100
- 1. ..
- 2. Amazon EC2 Container Service Vitaliy Kuznetsov, Senior Solutions Architect @CloudZone
- 3. Agenda Why orchestration? ECS Cluster Task definition Service App deployment New features from Re:Invent 2017
- 4. Why Docker?
- 5. Why Docker? Simple to Build Simple to Test Best Resource Utilization Highly Portable Simple to Deploy
- 6. Why Orchestration? DeploymentConfiguration Scaling Monitoring
- 7. Why Orchestration? Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS Server Guest OS AZ 1 AZ 2 AZ 3
- 8. Agenda Why orchestration? ECS Cluster Task definition Service App deployment New features from Re:Invent 2017
- 10. ECS Amazon EC2 Container Service (ECS) is a highly scalable, high performance container management service that supports Docker containers and allows you to easily run applications on a managed cluster of Amazon EC2 instances. There is no additional charge for Amazon ECS
- 11. ECS Cluster Cluster Instance Task Task Instance Task Task Service
- 12. ECS Cluster
- 13. ECS Cluster Cluster configuration: • Cluster Name • Provisioning Model • Instance Type • Number of instances • EBS Storage • Key pair (optional)
- 14. ECS Cluster Networking configuration: • VPC • Subnet • Security Group Instance IAM role
- 15. ECS Cluster UserData to join to cluster
- 16. Agenda Why orchestration? ECS Cluster Task definition Service App deployment New features from Re:Invent 2017
- 17. Task Definition Cluster JSON document, that defines the task settings Most notable parameters: • Task Role • Network Mode • Container definitions • Constraints
- 18. Task Definition Cluster Task definition: • Name • Task Role • Network Mode • Task Memory • Task CPU (units)
- 19. Task Definition Cluster • Container definitions • Constraints • Volumes
- 20. Task Definition - Container Definitions ClusterContainer definition: • Name • Image • Memory limits • Port mappings
- 21. Task Definition - Container Definitions - Advanced Cluster Container environment: • CPU units • Essential (Y/N) • Container overrides • Env Vars
- 22. Task Definition - Container Definitions - Advanced Cluster
- 23. Task Definition - Container Definitions - Advanced ClusterMounts: EFS / EBS Volumes: From containers
- 24. Task definition - Container definitions - Advanced Cluster Security: Privileged Security Options
- 25. Task Definition - Constraints Cluster Built-in Attributes • ecs.ami-id The ID of the AMI used to launch the instance. An example value for this attribute is "ami-eca289fb" • ecs.availability-zone The Availability Zone for the instance. An example value for this attribute is "us-east-1a" • ecs.instance-type The instance type for the instance. An example value for this attribute is "g2.2xlarge" • ecs.os-type The operating system for the instance. The possible values for this attribute are "linux" and "windows". Custom Attributes: Cluster query language
- 26. Agenda Why orchestration? ECS Cluster Task definition Service App deployment New features from Re:Invent 2017
- 27. ECS: Service ClusterCluster Instance Task A Task B Instance Task A Task B Service
- 28. ECS: Service Service Definition: Task Placement: • Task Definition • Cluster • Service Name • Number of tasks • Minimum healthy % • Maximum % • AZ Balanced Spread • AZ Balanced BinPack • BinPack • One Task Per Host • Custom
- 29. ECS: Service
- 30. ECS: Service load balancing Service can be attached to Load Balancer of any type It is not possible to update after service creation • Health-check grace period • Service IAM Role • Load Balancer Name
- 31. ECS: Service load balancing
- 32. ECS: Service Auto-scaling Service can use auto-scaling based on CloudWatch alarms
- 34. ECS: Task
- 37. ECS: Useful with Other AWS Services • Elastic Load Balancing • Application Load Balancer • Amazon ECR • Amazon EFS • Amazon Elastic Block Store(EBS) • Amazon Virtual Private Cloud • AWS Identity and Access Management • AWS CloudWatch
- 38. Agenda Why orchestration? ECS Cluster Task definition Service App deployment New features from Re:Invent 2017
- 39. ECS: Deployment Task definition ClusterCluster Instance Task A Task B Instance Task A Task B Service
- 40. ECS: Deployment ClusterCluster Instance Task A task definition: service:1.0 Instance Service Task A task definition: service:1.1 Minimum healthy percent: 50 Maximum percent: 100
- 41. ECS: Deployment ClusterCluster Instance Task A task definition: service:1.1 Instance Service Task A task definition: service:1.1 Minimum healthy percent: 50 Maximum percent: 100
- 42. ECS: Deployment ClusterCluster Instance Task A task definition: service:1.0 Service Minimum healthy percent: 100 Maximum percent: 200 Task A task definition: service:1.1 Task A task definition: service:1.0 Task A task definition: service:1.1 Instance
- 43. ECS: Deployment ClusterCluster Instance Task A task definition: service:1.1 Instance Service Task A task definition: service:1.1 Minimum healthy percent: 100 Maximum percent: 200
- 44. ECS: Automation
- 45. Agenda Why orchestration? ECS Cluster Task definition Service App deployment New features from Re:Invent 2017
- 46. ECS: New features • awsweb networking mode • Windows Server Containers • Memory and CPU Limits at the Task Level • New regions for ECS and ECR: Sao Paolo and Mumbai
- 47. ECS: New features awsweb networking mode ClusterCluster Instance Task ENI • Same networking properties as Amazon EC2 instances • ENI is fully managed by Amazon ECS ENI
- 48. Get in touch at vitaliyku@cloudzone.io Thank You!
Editor's Notes
- #3: Ask who has experience with ECS? With Dockers? Couple of words about containers. Service discovery? Configuration injection?
- #4: Ask who has experience with ECS? With Dockers? Couple of words about containers. Service discovery? Configuration injection?
- #5: One task - one service Do one thing, do well Each service can be written on his specific language Services are speaking via network
- #9: Ask who has experience with ECS? With Dockers? Couple of words about containers. Service discovery? Configuration injection?
- #10: Speak about set-up / vpc / subnets / ELB - give definitions: Port mappings, target groups etc.
- #11: Add slide of ECS features
- #12: Check if private link for ECS Add note, that instances should have IAM ROLE and Outboud access to connect to cluster
- #17: Ask who has experience with ECS? With Dockers? Couple of words about containers. Service discovery? Configuration injection?
- #18: Network Mode: None Bridge awsvpc host Add screenshot with general task definintion screen
- #19: Network Mode: None Bridge awsvpc host Add screenshot with general task definintion screen Zoom in to sreenshot
- #20: Network Mode: None Bridge awsvpc host Add screenshot with general task definintion screen Zoom in to sreenshot
- #21: * Probably need to speak about CNI (awsweb network mode)
- #22: Advanced container parameters: Environment Network Settings
- #23: Advanced container parameters: Environment Network Settings Storage And Logging
- #24: Logs: awslogs, syslog, splunk, fluentd, gelf, journald, logentries… Add description to volumes: EBS, NFS mount, Other docker volumes
- #25: Security Options: Labels to provide to SELinux / AppArmor + show drop-down of limits
- #26: Cluster query lang: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html
- #27: Ask who has experience with ECS? With Dockers? Couple of words about containers. Service discovery? Configuration injection?
- #30: Binpack
- #31: Dynamic port mapping - only for ALB and NLB;
- #32: Dynamic port mapping - only for ALB and NLB;
- #35: Created service -> now we have tasks Demo??
- #36: Demo??
- #37: Demo??
- #39: Ask who has experience with ECS? With Dockers? Couple of words about containers. Service discovery? Configuration injection?
- #45: Add Architecture diagram with Wordpress :)
- #46: Ask who has experience with ECS? With Dockers? Couple of words about containers. Service discovery? Configuration injection?
- #47: Add Architecture diagram with Wordpress Add CNI (awsvpc) as new feature
- #48: Linux AMI only for now