Week 10 - AWS Containers
Week 10 - AWS Containers
Host OS
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 5
Evolution of deployment models:
VMs
Isolated applications
VM VM VM
Application Application Application
Isolated libraries A B C
Libraries Libraries Libraries
More OS maintenance
Guest OS Guest OS Guest OS More server space for OS
Virtualization platform
Better resource
Host OS
utilization
Host server
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 6
Evolution of deployment models: Containers
Lightweight, efficient,
and fast
Containerization platform
Host server
Better resource
utilization
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 7
Docker container virtualization platform
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 8
Docker container benefits
• Portable runtime application
environment
• Application and dependencies can be
packaged in a single, immutable
artifact
• Ability to run different application
versions with different dependencies
simultaneously
• Faster development and deployment
cycles
• Better resource utilization and
efficiency
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 9
Docker container components
Layer 4
Layer 3
Layer 2
Layer 1
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 11
Dockerfile example:
Common tasks
# Start with CentOS 7 image
FROM centos:7
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 12
Each line of the Dockerfile adds aImage
layerlayers (read-only)
# 3 Expose port 80
EXPOSE Port 80 3 EXPOSE 80
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 13
Comparing monolithic and microservice architectures
Monolithic Storefront UI
Account service
Cart service
Microservices
Account service (Node.js)
Storefront
Cart service (Python)
UI (Node.js)
Browser Load Shipping service (Java)
balancer
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 14
Microservices and containers
Microservices design Container characteristics
• Decentralized, evolutionary • Each container uses the language and technology that are best suited for the service.
design • Each component or system in the architecture can be isolated, and can evolve separately,
• Smart endpoints, dumb pipes instead of updating the system in a monolithic style.
• Independent products, not • You can use containers to package all of your dependencies and libraries into a single,
projects immutable object.
• Designed for failure • You can gracefully shut down a container when something goes wrong and create a new
instance. You start fast, fail fast, and release any file handlers.
• Disposable
• The development pattern is like a circuit breaker. Containers are added and removed,
workloads change, and resources are temporary because they constantly change.
• Development and production • Containers can make development, testing, and production environments consistent.
parity • This consistency facilitates DevOps, in which a containerized application that works on a
developer's system will work the same way on a production system.
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 15
AWS Container Services
Challenges of managing containers at scale
• State of containers
• Scheduling of starts and stops
• Resources available on each
server
• Maximizing availability,
resilience, and performance
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 17
Container orchestration platforms
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 18
Amazon ECS
Fully managed container
orchestration service
• Scales rapidly to thousands of
containers with no additional
Amazon Elastic
complexity Container Service
• Schedules placement across managed (Amazon ECS)
clusters
• Integrates with third-party schedulers
and other AWS services
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 19
Amazon ECR
Fully managed container registry that you can use to
easily store, run, and manage container images for
applications that run on Amazon ECS
Amazon Elastic
• Scalable and highly available Container Registry
(Amazon ECR)
• Integrated with Amazon ECS and
Docker CLI
• Secure:
• Encryption at rest
• Integration with the AWS Identity and
Access Management Service (IAM)
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 20
Amazon ECS solution architecture
Pull the container
image from
a registry
Select the
Amazon launch type AWS
ECR Fargate
Amazon
ECS Define your Manage
application your containers
Other Amazon
container EC2
registry
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 21
Amazon ECS with Fargate or Amazon EC2
Containers
Amazon ECS cluster Amazon ECS cluster
backed by Fargate Container instance Container instance Container instance backed by Amazon EC2
1 2 3
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 23
Amazon EKS
• Managed service that runs Kubernetes on
the AWS Cloud
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 24
Amazon EKS
Fargate
Amazon EKS
Run Kubernetes
Amazon EC2 applications
Provision an Deploy worker Connect to
Amazon EKS nodes for your Amazon EKS
cluster Amazon EKS
cluster
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 25
Section 5 key takeaways
• Container orchestration services
(or systems) simplify managing
containers at scale.
• Amazon ECS is a fully managed
container orchestration service
that you can use to launch
containers to either Fargate or EC2
instances.
• Amazon ECR is a fully managed
container registry service.
• Amazon EKS is a managed service
that you can use to run Kubernetes
in the cloud.
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 26
Deploying applications with
Elastic Beanstalk
Elastic Beanstalk
• Service for deploying and scaling web
applications and services
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 28
Elastic Beanstalk components
Component Description
Application Logical collection of Elastic Beanstalk components. Conceptually similar to a folder.
Application
Specific, labeled iteration of deployable code for a web application.
version
Environment Collection of AWS resources that run an application version.
Designation of the type of application that the environment runs. Determines what resources Elastic Beanstalk
Environment tier
provisions to support it.
Environment
Collection of parameters and settings that define how an environment and its associated resources behave.
configuration
Saved
Template that you can use as a starting point for creating unique environment configurations.
configuration
Combination of an OS, programming language runtime, web server, application server, and Elastic Beanstalk
Platform
components. You design and target your web application to a platform.
Elastic Beanstalk CLI for Elastic Beanstalk. Provides interactive commands that simplify creating, updating, and monitoring
CLI environments from a local repository.
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 29
IAM permissions in Elastic Beanstalk environments
IAM roles assigned during environment creation
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 31
Elastic Beanstalk simplifies container deployment
Getting started with Getting started with
Amazon ECS Elastic Beanstalk
1. Create a task definition 1. Write a Dockerrun.aws.json file and
2. Create and configure a cluster provide your zipped code
including: 2. Select the platform for your
• EC2 instances language
• VPC settings 3. Launch your application
• IAM role definition
3. Create a service to run and
maintain a specified number of
instances of a task
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 32
Multicontainer Docker platform
Elastic Beanstalk
Elastic
Load
app1.elasticbeanstalk.com:9000
Balancing
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 33
Dockerrun.aws.json file
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 34
Elastic Beanstalk deployment policies
Deployment option namespaces
aws:elasticbeanstalk:command
• Choose the deployment policy
• Set a timeout
• Choose options for size and type of batches to use
• Choose whether to cancel deployment on a failed health check
aws:elasticbeanstalk:trafficsplitting
• Choose the percentage of traffic to go to new instances
• Choose how long to wait before continuing to shift more traffic
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 36
Example of traffic splitting (canary testing)
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 37
Blue/green deployments on Elastic Beanstalk
myapp.useast-1.elasticbeanstalk.com myapp_new.useast-1.elasticbeanstalk.com
3 Swap the
CNAMEs
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. 38
Additional Resources
• Blog posts
• Building Container Images on Amazon ECS on AWS Fargate:
https://aws.amazon.com/blogs/containers/building-container-images-on-
amazon-ecs-on-aws-fargate/
• Developing Twelve-Factor Apps Using Amazon ECS and AWS Fargate:
https://aws.amazon.com/blogs/containers/developing-twelve-factor-apps-
using-amazon-ecs-and-aws-fargate/
• Amazon ECS Workshop: https://ecsworkshop.com/
• You can use Elastic Beanstalk to
Section 6 key manage all of the resources that run
takeaways your application as an environment.
• You can quickly launch a Docker
multicontainer environment with
Elastic Beanstalk without worrying
about Amazon ECS configuration
details.
• Deployment options include traffic
splitting and blue/green to support
testing new versions.