Modern application design with containers

Marek Kuczynski

June 19, 2019

Transcript

  1. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Modern Application Design with Containers. Marek Kuczynski, Sr Solutions Architect - startups, Amazon Web Services. marekq
  2. The 12 factor application
    • Use declarative formats for setup automation, to minimize time and cost for new developers joining the project;
    • Have a clean contract with the underlying operating system, offering maximum portability between execution environments;
    • Are suitable for deployment on modern cloud platforms, obviating the need for servers and systems administration;
    • Minimize divergence between development and production, enabling continuous deployment for maximum agility;
    • And can scale up without significant changes to tooling, architecture, or development practices.
  3. The 12 factor application
    I. Codebase: One codebase tracked in revision control, many deploys
    II. Dependencies: Explicitly declare and isolate dependencies
    III. Config: Store config in the environment
    IV. Backing services: Treat backing services as attached resources
    V. Build, release, run: Strictly separate build and run stages
    VI. Processes: Execute the app as one or more stateless processes
    VII. Port binding: Export services via port binding
    VIII. Concurrency: Scale out via the process model
    IX. Disposability: Maximize robustness with fast startup and graceful shutdown
    X. Dev/prod parity: Keep development, staging, and production as similar as possible
    XI. Logs: Treat logs as event streams
    XII. Admin processes: Run admin/management tasks as one-off processes
    https://12factor.net/
  4. Amazon ECS and Fargate
  5. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. RUNNING A SINGLE CONTAINER
  6. RUNNING CONTAINERS (diagram: five EC2 Instances, each running four Tasks)
  7. RUNNING CONTAINERS AT SCALE WITH ECS (diagram: Availability Zone #1, Availability Zone #2, Availability Zone #3; Scheduling and Orchestration: Cluster Manager, Placement Engine)
  8. (diagram: EC2 Instance with ECS AMI, Docker agent, ECS agent and four ECS tasks)
  9. (diagram: three EC2 Instances, each with ECS AMI, Docker agent and ECS agent; Scheduling and Orchestration: Cluster Manager, Placement Engine)
  10. “Just launch 10 copies of my container distributed across three availability zones and connect them to this load balancer” X 10
  11. What about Kubernetes?
  12. Elastic Kubernetes Service (EKS) on AWS: EKS Key Tenets
    • Enterprise Class Platform to run production-grade workloads
    • Native and upstream Kubernetes experience
    • Seamless integrations with AWS services
    • Actively contributes to the Kubernetes Community
  13. Containers on AWS: various launch options
    1. Choose your orchestration tool: ECS, EKS
    2. Choose your launch type: EC2 or Fargate for ECS; EC2 or Fargate (to be released this year) for EKS
  14. AWS container services landscape
    • Management (deployment, scheduling, scaling, & management of containerized applications): Amazon Elastic Container Service, Amazon Elastic Container Service for Kubernetes
    • Hosting (where the containers run): Amazon EC2, AWS Fargate
    • Image registry (container image repository): Amazon Elastic Container Registry
  15. I. Codebase: One codebase tracked in revision control, many deploys
  16. II. Dependencies: Explicitly declare and isolate dependencies
  17. III. Config: Store config in the environment
  18. IV. Backing services: Treat backing services as attached resources
  19. Treat local services just like remote third party ones (diagram: app1, app2, Host, PostgreSQL, Amazon S3, 3rd party service)
  20. Use CNAMEs for maximum flexibility and easy reconfiguration (diagram: app1, app2, Load balancer, PostgreSQL; postgres.mycompany.com, app2.mycompany.com)
  21. V. Build, release, run: Strictly separate build and run stages
  22. VI. Processes: Execute the app as one or more stateless processes
  23. Stateful container stores state in local disk or local memory. Workload ends up tied to a specific host that has state data. (diagram: Container 1, Disk; eu-west-1b, eu-west-1c, -west-1a)
  24. VII. Port binding: Export services via port binding
  25. (diagram: Match: /api/users*, Match: /api/auth*; Port 32768, Port 33487, Port 32192, Port 32794, Port 32781)
  26. VIII. Concurrency: Scale out via the process model
  27. RUNNING CONTAINERS AT SCALE WITH ECS (diagram: Availability Zone #1, Availability Zone #2, Availability Zone #3; Scheduling and Orchestration: Cluster Manager, Placement Engine)
  28. Scaling (diagram: one Instance running Container 1 + five more Instances, each running Container 1)
  29. IX. Disposability: Maximize robustness with fast startup and graceful shutdown
  30. Fast Launch. Minimize the startup time of processes:
    • Scale up faster in response to spikes
    • Ability to move processes to another host as needed
    • Replace crashed processes faster
  31. X. Dev/prod parity: Keep development, staging, and production as similar as possible
  32. XI. Logs: Treat logs as event streams
  33. CLOUDWATCH LOGS CONFIGURATION
    • Use the awslogs driver to send stdout from your application to CloudWatch Logs
    • Create a log group in CloudWatch
    • Configure the log driver in your task definition
    • Remember to add permissions via the Task Execution Role

    Task Definition:

        {
          "family": "scorekeep",
          ...
          "containerDefinitions": [
            {
              "name": "scorekeep-frontend",
              ...
              "logConfiguration": {
                "logDriver": "awslogs",
                "options": {
                  "awslogs-group": "scorekeep",
                  "awslogs-region": "us-east-1",
                  "awslogs-stream-prefix": "scorekeep/frontend"
                }
              }
            },
            {
              "name": "scorekeep-api",
              ...
              "logConfiguration": {
                "logDriver": "awslogs",
                "options": {
                  "awslogs-group": "scorekeep",
                  "awslogs-region": "us-east-1",
                  "awslogs-stream-prefix": "scorekeep/api"
                }
              }
            }
          ]
        }
  34. CLOUDWATCH LOGS: Logs Tab in the Task Detail Page. View logs in the ECS or CloudWatch Console
  35. XII. Admin processes: Run admin/management tasks as one-off processes
  36. Admin / management processes are inevitable:
    • Migrate database
    • Repair some broken data
    • Once a week move database records older than X to cold storage
    • Every day email a report to this person
  37. Tools for containers
  38. Building Blocks for Containerized 12 Factor apps
    • Categories: Compute; Developer Tools; Application Integration; Logging & Monitoring; Storage & Database; Networking & API Proxy
    • Services: AWS Elastic Beanstalk, Amazon SQS, AWS X-Ray, AWS CodeBuild, AWS CodePipeline, AWS Cloud9, AWS Fargate, Amazon ECS, Amazon SNS, Amazon MQ, Amazon CloudWatch, AWS CloudTrail, Amazon DynamoDB, Amazon S3, Amazon ElastiCache, Amazon RDS, Amazon ECR, Amazon EKS, Amazon API Gateway, Elastic Load Balancing, Amazon Route 53, AWS Step Functions
  39. Thank you! Marek Kuczynski, marekq
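
A lint for the task definition on slide 33, added here as an example and not part of the original deck: it flags containers whose stdout would not reach CloudWatch Logs and checks a policy document for the log permissions the Task Execution Role needs. It assumes the Fargate launch type (so `executionRoleArn` and `awslogs-stream-prefix` are treated as required); the `scorekeep-worker` container, the sample policy and the function names are constructed for illustration.

```python
REQUIRED_OPTIONS = ("awslogs-group", "awslogs-region", "awslogs-stream-prefix")
REQUIRED_ACTIONS = ("logs:CreateLogStream", "logs:PutLogEvents")

def lint_task_definition(task_def):
    """Return findings for settings that keep container stdout out of CloudWatch Logs."""
    findings = []
    if not task_def.get("executionRoleArn"):
        findings.append("task: executionRoleArn not set")
    for container in task_def.get("containerDefinitions", []):
        name = container.get("name", "<unnamed>")
        log_cfg = container.get("logConfiguration") or {}
        if log_cfg.get("logDriver") != "awslogs":
            findings.append(f"{name}: logDriver is not awslogs")
            continue
        options = log_cfg.get("options") or {}
        findings += [f"{name}: missing option {k}" for k in REQUIRED_OPTIONS if not options.get(k)]
    return findings

def missing_log_actions(policy):
    """Return required log actions a policy lacks (matches exact names, `*`, `logs:*`; ignores Deny and Resource)."""
    allowed = set()
    statements = policy.get("Statement", [])
    for stmt in [statements] if isinstance(statements, dict) else statements:
        if stmt.get("Effect") == "Allow":
            actions = stmt.get("Action", [])
            allowed.update([actions] if isinstance(actions, str) else actions)
    if allowed & {"*", "logs:*"}:
        return []
    return [a for a in REQUIRED_ACTIONS if a not in allowed]

# Constructed sample: the slide's two containers (the api one with its region
# dropped) plus a hypothetical scorekeep-worker that has no logConfiguration.
SAMPLE_TASK = {
    "family": "scorekeep",
    "containerDefinitions": [
        {"name": "scorekeep-frontend", "logConfiguration": {"logDriver": "awslogs", "options": {
            "awslogs-group": "scorekeep", "awslogs-region": "us-east-1",
            "awslogs-stream-prefix": "scorekeep/frontend"}}},
        {"name": "scorekeep-api", "logConfiguration": {"logDriver": "awslogs", "options": {
            "awslogs-group": "scorekeep", "awslogs-stream-prefix": "scorekeep/api"}}},
        {"name": "scorekeep-worker"},
    ],
}
# Constructed execution-role policy that forgot logs:CreateLogStream.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "logs:PutLogEvents", "Resource": "*"}]}

if __name__ == "__main__":
    print("\n".join(lint_task_definition(SAMPLE_TASK)))
    print("policy lacks:", missing_log_actions(SAMPLE_POLICY))
```

A container that fails this lint runs without shipping its stdout anywhere durable, which leaves a gap in the audit trail for that service.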