Containers In AWS
ECS
Run multiple Docker containers on the same machine (or across a fleet) with built-in service discovery (networking), load balancing (ELB) and scaling (ASG). Can also run batch or scheduled tasks, which makes it easy to migrate containerised workloads to the cloud.
Concepts
ECS Cluster - logical grouping of tasks and services; capacity comes from EC2 container instances or Fargate
ECS Service - keeps a desired number of tasks running, registers them with a load balancer and replaces failed tasks
Task definition - JSON metadata that tells ECS how to run one or more containers (image, CPU/memory, ports, network mode, IAM roles, secrets)
ECS Task - a running instance of a task definition (one or more containers)
ECS IAM roles (keep them separate, least privilege each):
- EC2 instance profile (ecsInstanceRole) - used by the ECS agent on the instance for ECS API calls, image pulls and log shipping; give it only what the agent needs
- Task execution role - used by ECS itself to start a task: pull the image from ECR, read secrets from SSM / Secrets Manager, write to CloudWatch Logs
- Task role (ecsTaskRole) - assumed by the application inside the task for its own API calls (e.g. S3); create one per service with minimum permissions and reference it in the task definition
- On the EC2 launch type, block container access to the instance metadata endpoint (IMDS), otherwise a task without a task role can pick up the instance profile credentials
Supports dynamic port mapping (host port 0 in bridge mode) with an ALB, so several tasks of the same service can run on one EC2 instance; this packs instances for better CPU utilisation and keeps the service available when a task is replaced
ECS Anywhere
Run containers on on-premises hardware in a hybrid architecture, still managed by the ECS control plane, by registering the machines with the "EXTERNAL" launch type (ECS agent + SSM agent on the host); usually paired with Direct Connect for compliance or latency reasons
Fargate
Launch containers without managing the instances: create a task definition, specify CPU and memory per task, and AWS provisions the capacity
Service auto scaling - target tracking / step / scheduled
Can inject secrets from SSM Parameter Store and Secrets Manager into the container as environment variables (referenced by ARN in the task definition and resolved at launch by the task execution role), so they never sit in plaintext in the task definition
Networking modes:
- none - no network connectivity
- bridge - Docker's default virtual bridge (the default for the EC2 launch type on Linux)
- host - container shares the host's network stack
- awsvpc - an ENI per task with its own private IP, security group and VPC flow logs (the only mode on Fargate, and the one to prefer on EC2)
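As an added example (not part of the original notes), the role separation, secret injection and awsvpc points above put into one Fargate task definition that is then linted offline. The account ID, region, role names, bucket, image and secret ARNs are all made up; the dictionary shape is what the ECS RegisterTaskDefinition API accepts.

```python
"""Build an ECS/Fargate task definition that applies the notes' guidance
(separate task and execution roles, secrets from SSM / Secrets Manager instead
of plaintext env vars, awsvpc networking) and lint it without touching AWS.
Every account, region, role, bucket and secret name here is hypothetical."""
import json
import re

ACCOUNT = "123456789012"          # hypothetical account
REGION = "us-east-1"              # hypothetical region
# Execution role: what ECS needs to *start* the task (pull image, read secrets,
# write logs). Task role: what the *application* needs while it runs.
EXECUTION_ROLE_ARN = f"arn:aws:iam::{ACCOUNT}:role/orders-api-execution-role"
TASK_ROLE_ARN = f"arn:aws:iam::{ACCOUNT}:role/orders-api-task-role"


def task_role_policy(bucket: str) -> dict:
    """Least-privilege task role: the app reads one bucket and nothing else."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Action": ["s3:GetObject"],
            "Resource": [f"arn:aws:s3:::{bucket}/*"],
        }],
    }


def build_task_definition(image: str, bucket: str) -> dict:
    """Fargate task definition; hypothetical secret/parameter ARNs."""
    db_password = f"arn:aws:secretsmanager:{REGION}:{ACCOUNT}:secret:orders/db-password-AbCdEf"
    api_key = f"arn:aws:ssm:{REGION}:{ACCOUNT}:parameter/orders/api-key"
    return {
        "family": "orders-api",
        "requiresCompatibilities": ["FARGATE"],
        "networkMode": "awsvpc",          # one ENI per task: own IP, SG, flow logs
        "cpu": "256",
        "memory": "512",
        "taskRoleArn": TASK_ROLE_ARN,
        "executionRoleArn": EXECUTION_ROLE_ARN,
        "containerDefinitions": [{
            "name": "orders-api",
            "image": image,
            "portMappings": [{"containerPort": 8080, "protocol": "tcp"}],
            "environment": [{"name": "BUCKET", "value": bucket}],
            # Resolved by the execution role at launch; the plaintext values
            # never appear in the task definition or DescribeTaskDefinition.
            "secrets": [
                {"name": "DB_PASSWORD", "valueFrom": db_password},
                {"name": "API_KEY", "valueFrom": api_key},
            ],
            "readonlyRootFilesystem": True,
        }],
    }


SECRET_LIKE = re.compile(r"password|secret|token|key", re.IGNORECASE)


def lint_task_definition(td: dict) -> list:
    """Return a list of findings; an empty list means the definition passes."""
    findings = []
    if td.get("networkMode") != "awsvpc":
        findings.append("networkMode is not awsvpc: no per-task security group or flow logs")
    if not td.get("taskRoleArn"):
        findings.append("no taskRoleArn: on the EC2 launch type the app can fall back "
                        "to the instance profile credentials via IMDS")
    elif td.get("taskRoleArn") == td.get("executionRoleArn"):
        findings.append("task role == execution role: app inherits ECR pull / secret read rights")
    for c in td.get("containerDefinitions", []):
        for env in c.get("environment", []):
            if SECRET_LIKE.search(env["name"]):
                findings.append(f"{c['name']}: '{env['name']}' looks like a secret in a "
                                "plaintext environment variable; use 'secrets' instead")
        if c.get("privileged"):
            findings.append(f"{c['name']}: privileged container")
        if not c.get("readonlyRootFilesystem"):
            findings.append(f"{c['name']}: root filesystem is writable")
    return findings


def lint_policy(policy: dict) -> list:
    """Flag Allow statements with wildcard actions or resources."""
    findings = []
    for st in policy["Statement"]:
        if st.get("Effect") != "Allow":
            continue
        actions = st["Action"] if isinstance(st["Action"], list) else [st["Action"]]
        resources = st["Resource"] if isinstance(st["Resource"], list) else [st["Resource"]]
        findings += [f"wildcard action {a}" for a in actions if a == "*" or a.endswith(":*")]
        findings += ["wildcard resource *" for r in resources if r == "*"]
    return findings


if __name__ == "__main__":
    td = build_task_definition(f"{ACCOUNT}.dkr.ecr.{REGION}.amazonaws.com/orders-api:1.4.2",
                               "orders-data")
    print(json.dumps(td, indent=2))
    print("task definition findings:", lint_task_definition(td))
    print("task role findings:", lint_policy(task_role_policy("orders-data")))
```

The two lint functions are the part worth keeping around: run them in CI against the rendered task definition and the inline role policy before `register-task-definition`, so a plaintext `DB_PASSWORD` in `environment`, a missing task role, or an `s3:*` on `*` fails the build instead of shipping.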
ECR
Store and manage Docker/OCI images on AWS; supports private and public repositories.
Access is controlled with IAM policies (plus optional repository policies). Supports image tags (optionally immutable), lifecycle policies to expire old images, and vulnerability scanning (ECR Image Scanning): basic scanning runs manually or on push and emits an EventBridge event when the scan completes; enhanced scanning hands the work to Amazon Inspector, which also rescans images as new CVEs are published.
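As an added example (not part of the original notes), the pieces of an ECR scanning pipeline built and checked offline: the repository settings (scan on push, immutable tags), an EventBridge rule pattern for completed scans, and a handler that turns the scan-complete event into a deploy / block decision. The repository name, digests and finding counts are constructed; the event field names follow the ECR (basic) and Inspector (enhanced) scan events, but nothing here calls AWS.

```python
"""ECR scanning gate, offline. Repository config uses CreateRepository field
names; the handler reads the scan-complete events ECR basic scanning
(source aws.ecr) and enhanced scanning (source aws.inspector2) publish to
EventBridge. All names, digests and counts below are made up."""

SEVERITY_ORDER = ["CRITICAL", "HIGH", "MEDIUM", "LOW", "INFORMATIONAL", "UNDEFINED", "UNTRIAGED"]


def repository_config(name: str) -> dict:
    """create_repository kwargs: scan every push and make tags immutable, so a
    tag such as 'prod' cannot be silently re-pointed at a different image."""
    return {
        "repositoryName": name,
        "imageTagMutability": "IMMUTABLE",
        "imageScanningConfiguration": {"scanOnPush": True},
        "encryptionConfiguration": {"encryptionType": "KMS"},   # AWS-managed ECR key unless kmsKey is given
    }


def scan_rule_pattern(repositories: list) -> dict:
    """EventBridge rule pattern that matches completed scans for the given
    repositories from either basic or enhanced scanning."""
    return {
        "source": ["aws.ecr", "aws.inspector2"],
        "detail-type": ["ECR Image Scan", "Inspector2 Scan"],
        "detail": {
            "scan-status": ["COMPLETE"],
            "repository-name": repositories,
        },
    }


def evaluate_scan(event: dict, max_allowed: dict = None) -> dict:
    """Decide whether the scanned image may be deployed.
    max_allowed maps severity -> highest count tolerated (default: no CRITICAL, no HIGH)."""
    if max_allowed is None:
        max_allowed = {"CRITICAL": 0, "HIGH": 0}
    detail = event["detail"]
    counts = detail.get("finding-severity-counts", {})
    reasons = []
    if detail.get("scan-status") != "COMPLETE":
        reasons.append(f"scan status {detail.get('scan-status')}; do not deploy unscanned images")
    for sev in SEVERITY_ORDER:
        n = counts.get(sev, 0)
        if sev in max_allowed and n > max_allowed[sev]:
            reasons.append(f"{n} {sev} finding(s) (max {max_allowed[sev]})")
    return {
        "repository": detail.get("repository-name"),
        "digest": detail.get("image-digest"),
        "tags": detail.get("image-tags", []),
        "blocked": bool(reasons),
        "reasons": reasons,
    }


# Constructed sample events: field names follow the ECR / Inspector scan events,
# the values are invented.
BASIC_SCAN_EVENT = {
    "source": "aws.ecr",
    "detail-type": "ECR Image Scan",
    "detail": {
        "scan-status": "COMPLETE",
        "repository-name": "orders-api",
        "image-digest": "sha256:" + "ab" * 32,
        "image-tags": ["1.4.2"],
        "finding-severity-counts": {"CRITICAL": 1, "HIGH": 3, "MEDIUM": 7, "LOW": 2},
    },
}

ENHANCED_SCAN_EVENT = {
    "source": "aws.inspector2",
    "detail-type": "Inspector2 Scan",
    "detail": {
        "scan-status": "COMPLETE",
        "repository-name": "orders-api",
        "image-digest": "sha256:" + "cd" * 32,
        "image-tags": ["1.4.3"],
        "finding-severity-counts": {"CRITICAL": 0, "HIGH": 0, "MEDIUM": 4, "LOW": 1, "UNTRIAGED": 0},
    },
}


def handler(event: dict, context=None) -> dict:
    """Lambda-style entry point: returns the verdict; a real pipeline would
    fail the deploy stage or tag the image when 'blocked' is true."""
    return evaluate_scan(event)


if __name__ == "__main__":
    for ev in (BASIC_SCAN_EVENT, ENHANCED_SCAN_EVENT):
        print(handler(ev))
```

Gate on the digest, not the tag: the event carries both, and with immutable tags the digest is what the task definition should reference so that the image that was scanned is the image that runs.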
EKS
Managed Kubernetes control plane; worker nodes run on EC2 or Fargate (Kubernetes itself is cloud agnostic, so workloads stay portable)
EKS nodes run EKS pods
Node types:
Managed node groups - EC2 instances (on-demand or spot) that EKS provisions and updates for you through an ASG
Self managed - you run the EC2 instances and register them with the cluster; can use the EKS-optimised AMI
Fargate - serverless
Storage
Persistent volumes need a StorageClass backed by a CSI (Container Storage Interface) driver
EBS CSI, EFS CSI (the only one that works with Fargate pods), FSx for Lustre, FSx for NetApp ONTAP
EKS Anywhere
Manage Kubernetes clusters outside AWS using EKS Distro (the same Kubernetes build EKS runs). Install with the EKS Anywhere installer; the EKS Connector registers the cluster so it shows up in the EKS console. Works in partly connected or fully disconnected (air-gapped) mode
App Runner
Fully managed deployment of containers or source code, with VPC access, HA, auto scaling, load balancing and KMS encryption
Can connect to databases and caches in your VPC, and to SQS
Deployed across multiple AZs
AWS BATCH
Run batch jobs as Docker images on Fargate or an EC2 fleet (including Spot) inside a VPC
Compute environment can be managed (you set min/max vCPUs, instance types, Spot and a maximum Spot price) or unmanaged (you provision and configure the instances yourself)