AWS re:Invent re:Cap - Amazon ECS Express Mode

Transcript

1. Amazon ECS Express Mode Production-grade deployments in minutes Jeroen Reijn

2. Evolution of ECS Launched 2014 Autoscaling 2015 ALB support 2016

   Fargate 2017 ECS Exec 2021 Farget EBS integration 2024 Managed Instances ECS Express Mode 2025 https://aws.amazon.com/blogs/aws/celebrating-10-years-of-amazon-ecs-powering-a-decade-of-containerized-innovation/
3. None

4. Simplification

5. Components required / Complexity • ALB • ALB Listener rule

   • ALB Target Groups • ALB Security Group • ACM Certificates • ECS Cluster • ECS Task Definition • ECS Service • ECS Service Security Group • ECS Service Deployment • CloudWatch Rollback Alarm • CloudWatch Log Groups • Route53 Hosted Zone • Application AutoScaling Policy • VPC • VPC Security Groups • Subnets • ..

6. Out of the box experience

7. Intended Audience • Web applications and APIs - Stateless containerized

   applications that serve HTTP requests • Rapid prototyping - Quickly deploy and test applications without infrastructure setup overhead • Developer productivity - Enable application teams to deploy independently without deep AWS knowledge • Platform team efficiency - Reduce maintenance overhead by providing self-service deployment capabilities

8. Amazon ECS Express Mode - promises • Simplified deployment -

   Deploy with production-ready defaults in a single command. • No compromise on capabilities - Full access to underlying AWS resources when needed. • Cost optimization - Shares Application Load Balancers across services to reduce costs. • Transparent infrastructure - All resources visible and accessible in your AWS account.

9. Getting started • Container image • Task role • Infrastructure

   role
10. None
11. None

12. Infrastructure As Code

13. Task IAM Role

14. Infrastructure IAM Role

15. Creating the Express Mode Service

16. None

17. Sensible defaults

18. What can you customize? On creation

19. https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-ecs-expressgatewayservice.html

20. How to reach individual components?

21. Return values • ECSManagedResourceArns.AutoScaling.ApplicationAutoScalingPolicies • ECSManagedResourceArns.AutoScaling.ScalableTarget • ECSManagedResourceArns.IngressPath.CertificateArn • ECSManagedResourceArns.IngressPath.ListenerArn

    • ECSManagedResourceArns.IngressPath.ListenerRuleArn • ECSManagedResourceArns.IngressPath.LoadBalancerArn • ECSManagedResourceArns.IngressPath.LoadBalancerSecurityGroups • ECSManagedResourceArns.IngressPath.TargetGroupArns • ECSManagedResourceArns.LogGroups • ECSManagedResourceArns.MetricAlarms • ECSManagedResourceArns.ServiceSecurityGroups • Endpoint

22. Getting the your application URL

23. Attaching a WAF to your ALB

24. Resource state management

25. L3 Constructs vs Express Mode

26. None

27. ECS Express Mode vs AppRunner?

28. How do they compare? (1/2) Express Mode • Quick implementation

    with full access to resources • Uses Fargate * • ALB in own control • Container image • PaaS with full control App Runner • Quick, but fully managed by AWS with no access • Uses Fargate • ALB is built-in • Container image or source • Ease of use with zero-ops

29. How do they compare? (2/2) Express Mode • Tasks run

    in your VPC • Use AWSVPC network mode • Easier to migrate to full ECS version App Runner • Task run in AWS Managed VPC • Requires connector for communication to VPC resources

30. Summary • Greatly Simplified deployment – For specific workloads and

    teams. • Full Access to underlying AWS resources – Full control from the AWS Console, Limited via IaC • State management – Moves from IaC to AWS • Cost optimization – Sharing the ALB is great even from IaC perspective. • Transparent infrastructure - All resources are visible and accessible in your AWS account.

31. Thank you! Jeroen Reijn Cloud Solutions Architect [email protected] www.luminis.eu Please

    complete the session survey in the mobile app Please complete the session survey by scanning the QR code