AWS ECS: Kickstart Containers into Production

Gepostet am: 12. November 2018

There are quite some ways to bring containers into production, e.g. Kubernetes, Openshift or Docker Swarm. This article will present another viable addition to this list: Elastic Container Service on AWS (AWS ECS) as solution to run containers at scale. In this github repository we will show example code to instantly spawn an AWS ECS cluster on top of EC2 nodes. Mind you: This is not about AWS Fargate, this is about ECS.

The AWS ECS Environment

To run containers there must be an ECS cluster that is built up from EC2 instances. There are some components needed for this:

  • the ECS cluster itself,
  • compute instances that are joined into the cluster as docker hosts,
  • the task definition that defines how to start the containers.

Some additional things have to be in place for this to work:

  • a VPC with network,
  • a loadbalancer.

All code examples to provision these components can be found at this github repository.

The ECS cluster relies on the ECS agent that runs on the compute instances as a container. The agent connects the compute instance to the ECS cluster and schedules everything.

The base layer of our setup consists of ordinary EC2 instances. On selecting the AMI there are two options: either use a Linux basis AMI (e.g. Ubuntu) and build the host from scratch or use an ECS-optimized AMI from amazon (e.g ami-10e6c8fb). These ECS-optimized images come with all the necessary stuff such as an adequate Docker version, the ECS agent and separate volumes so Docker images will be kept apart from the root partition.

All components can be seen in the big picture:

AWS ECS environment schematic

AWS ECS Overview

Spinning up containers on top of ECS

Let us assume we want to start an nginx container right on top of this. First we create an ECS service and add a task description. The task definition is for the docker daemon, the ECS service handles the scheduler settings.

The ECS service encapsulates settings such as the number of tasks, how to spread tasks across the cluster and interconnection to the loadbalancer. In the task we define the container we want to run.

In order to make this nginx container accessible for the outside world we use AWS loadbalancing:

  1. create a lb target group
  2. register the ECS  service within this target group
  3. add this target group to a listener

Wrap up

ECS itself is easy to use—no hidden trapdoors, no deep-dive into container technologies whatsoever. Nevertheless, there are some components that need to be there to get a production-ready solution:

  • AWS VPC including networks
  • AWS EC2 instance with ECS Agent
  • AWS Loadbalancer with a listener and a target group
  • AWS IAM roles
  • Proper security groups for the interconnection in the VPC
  • AWS ECS cluster
  • AWS ECS service

Join us!

Interested in Cloud Computing and Containers? Check out our offerings or join us as a Cloud Platform Engineer!

 

2018-11-12T14:59:36+00:00