Slide 1

Slide 1 text

© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Slide 2

Slide 2 text

Modern Application Design with Containers
Marek Kuczynski, Sr Solutions Architect - startups, Amazon Web Services
marekq

Slide 3

Slide 3 text

The 12 factor application
• Use declarative formats for setup automation, to minimize time and cost for new developers joining the project;
• Have a clean contract with the underlying operating system, offering maximum portability between execution environments;
• Are suitable for deployment on modern cloud platforms, obviating the need for servers and systems administration;
• Minimize divergence between development and production, enabling continuous deployment for maximum agility;
• And can scale up without significant changes to tooling, architecture, or development practices.

Slide 4

Slide 4 text

The 12 factor application
I. Codebase: One codebase tracked in revision control, many deploys
II. Dependencies: Explicitly declare and isolate dependencies
III. Config: Store config in the environment
IV. Backing services: Treat backing services as attached resources
V. Build, release, run: Strictly separate build and run stages
VI. Processes: Execute the app as one or more stateless processes
VII. Port binding: Export services via port binding
VIII. Concurrency: Scale out via the process model
IX. Disposability: Maximize robustness with fast startup and graceful shutdown
X. Dev/prod parity: Keep development, staging, and production as similar as possible
XI. Logs: Treat logs as event streams
XII. Admin processes: Run admin/management tasks as one-off processes
https://12factor.net/

Slide 5

Slide 5 text

You know what’s great for a 12 factor app?

Slide 6

Slide 6 text

Amazon ECS and Fargate

Slide 7

Slide 7 text

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. RUNNING A SINGLE CONTAINER

Slide 8

Slide 8 text

RUNNING CONTAINERS
[Diagram: five EC2 instances, each running four tasks]

Slide 9

Slide 9 text

RUNNING CONTAINERS AT SCALE WITH ECS
[Diagram: Availability Zone #1, Availability Zone #2, Availability Zone #3; Scheduling and Orchestration: Cluster Manager, Placement Engine]

Slide 10

Slide 10 text

[Diagram: one EC2 instance running the ECS AMI, with the Docker agent, the ECS agent and four ECS tasks]

Slide 11

Slide 11 text

[Diagram: three EC2 instances, each running the ECS AMI with the Docker agent and the ECS agent; Scheduling and Orchestration: Cluster Manager, Placement Engine]

Slide 12

Slide 12 text

“Just launch 10 copies of my container distributed across three availability zones and connect them to this load balancer” X 10

Slide 13

Slide 13 text

What about Kubernetes?

Slide 14

Slide 14 text

Elastic Kubernetes Service (EKS) on AWS
EKS Key Tenets
• Enterprise Class Platform to run production-grade workloads
• Native and upstream Kubernetes experience
• Seamless integrations with AWS services
• Actively contributes to the Kubernetes Community

Slide 15

Slide 15 text

Containers on AWS: various launch options
1. Choose your orchestration tool: ECS or EKS
2. Choose your launch type:
• ECS: EC2, Fargate
• EKS: EC2, Fargate (to be released this year)

Slide 16

Slide 16 text

AWS container services landscape
• Management (deployment, scheduling, scaling, & management of containerized applications): Amazon Elastic Container Service, Amazon Elastic Container Service for Kubernetes
• Hosting (where the containers run): Amazon EC2, AWS Fargate
• Image registry (container image repository): Amazon Elastic Container Registry

Slide 17

Slide 17 text

I. Codebase One codebase tracked in revision control, many deploys

Slide 18

Slide 18 text

Deployed Version Code Version Control

Slide 19

Slide 19 text

Staging / QA Production Dev #1 Dev #2

Slide 20

Slide 20 text

II. Dependencies Explicitly declare and isolate dependencies

Slide 21

Slide 21 text

Dependencies Binaries Code Application Bundle

Slide 22

Slide 22 text

Dependency Declaration: Node.js npm install yarn install package.json

Slide 23

Slide 23 text

Dependency Declaration: Python pip install requirements.txt

Slide 24

Slide 24 text

Dependencies Dependencies Binaries Code

Slide 25

Slide 25 text

Dependency Declaration & Isolation: Docker docker build Dockerfile

Slide 26

Slide 26 text

Development Production docker run

Slide 27

Slide 27 text

III. Config Store config in the environment

Slide 28

Slide 28 text

Development Configuration Production Configuration Development Production

Slide 29

Slide 29 text

Development Production Same container deployed to both environments. Configuration is part of the environment on the host.

Slide 30

Slide 30 text

At runtime the container gets config from the environment.

Slide 31

Slide 31 text

Application code pulls from the environment Environment is customized when docker runs a container

Slide 32

Slide 32 text

IV. Backing services Treat backing services as attached resources

Slide 33

Slide 33 text

Amazon S3 PostgreSQL app1 Host app2 3rd party service Treat local services just like remote third party ones

Slide 34

Slide 34 text

PostgreSQL app1 app2 Load balancer Use CNAMES for maximum flexibility and easy reconfiguration postgres.mycompany.com app2.mycompany.com

Slide 35

Slide 35 text

Easily create and maintain custom maps of your applications Before Version 2 After Version 2

Slide 36

Slide 36 text

V. Build, release, run Strictly separate build and run stages

Slide 37

Slide 37 text

Dependencies Binaries Code Build

Slide 38

Slide 38 text

Release Config Release Build Artifact + = Tagged image stored in ECR

Slide 39

Slide 39 text

Amazon Elastic Container Service Config

Slide 40

Slide 40 text

Run Task Definition Release v1 Task Definition Release v2

Slide 41

Slide 41 text

VI. Processes Execute the app as one or more stateless processes

Slide 42

Slide 42 text

Stateful container stores state in local disk or local memory. Workload ends up tied to a specific host that has state data. eu-west-1b Container 1 Disk eu-west-1c -west-1a

Slide 43

Slide 43 text

Stateful data
Use services:
• Amazon RDS
• ElastiCache
• S3
• SQS
• SES
• …

Slide 44

Slide 44 text

VII. Port binding Export services via port binding

Slide 45

Slide 45 text

Port 32456 Port 32457 Port 32458

Slide 46

Slide 46 text

Port 32768 Port 33487 Port 32192 Port 32794 Port 32781 Match: /api/users* Match: /api/auth*

Slide 47

Slide 47 text

VIII. Concurrency Scale out via the process model

Slide 48

Slide 48 text

RUNNING CONTAINERS AT SCALE WITH ECS
[Diagram: Availability Zone #1, Availability Zone #2, Availability Zone #3; Scheduling and Orchestration: Cluster Manager, Placement Engine]

Slide 49

Slide 49 text

Scaling Instance Container 1 Instance Instance Instance Instance Instance + Container 1 Container 1 Container 1 Container 1 Container 1

Slide 50

Slide 50 text

IX. Disposability Maximize robustness with fast startup and graceful shutdown

Slide 51

Slide 51 text

Responsive Graceful Shutdown Fast Launch

Slide 52

Slide 52 text

Fast Launch
Minimize the startup time of processes:
• Scale up faster in response to spikes
• Ability to move processes to another host as needed
• Replace crashed processes faster

Slide 53

Slide 53 text

Responsive, Graceful Shutdown
Should respond to SIGTERM by shutting down gracefully
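An added example, not from the original deck: a Python worker that responds to SIGTERM as this slide asks, finishing the job in hand, taking no new ones, and returning. The GracefulWorker class and its method names are hypothetical.

```python
import queue
import signal
import threading
import time


class GracefulWorker:
    """Hypothetical worker: pulls jobs until asked to stop, then drains and exits."""

    def __init__(self, jobs):
        self.jobs = jobs
        self.stopping = threading.Event()
        self.completed = []

    def request_stop(self, signum=None, frame=None):
        # Keep the signal handler tiny: set a flag and let the loop react.
        self.stopping.set()

    def install(self):
        # The container runtime sends SIGTERM first and SIGKILL once the
        # stop timeout expires, so the drain below must finish before then.
        signal.signal(signal.SIGTERM, self.request_stop)
        signal.signal(signal.SIGINT, self.request_stop)

    def run(self, handler):
        while not self.stopping.is_set():
            try:
                job = self.jobs.get(timeout=0.1)
            except queue.Empty:
                continue
            handler(job)                  # the job in hand always completes
            self.completed.append(job)
        # Jobs still queued are left for another container to pick up.
        return self.jobs.qsize()


if __name__ == "__main__":
    q = queue.Queue()
    for n in range(100):                  # constructed sample jobs
        q.put(n)
    worker = GracefulWorker(q)
    worker.install()
    left = worker.run(lambda job: time.sleep(0.5))
    print(f"stopped cleanly: {len(worker.completed)} done, {left} left queued")
```

In a Dockerfile, the exec form of ENTRYPOINT or CMD keeps the application as the process that receives SIGTERM, rather than a wrapping shell.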

Slide 54

Slide 54 text

X. Dev/prod parity Keep development, staging, and production as similar as possible

Slide 55

Slide 55 text

Staging / QA Production Dev #1 Dev #2

Slide 56

Slide 56 text

Local Application Remote Staging / QA Production Dev #1 Dev #2

Slide 57

Slide 57 text

XI. Logs Treat logs as event streams

Slide 58

Slide 58 text

Containerized code writes to stdout.
Docker connects the container’s stdout to a log driver.

Slide 59

Slide 59 text

CLOUDWATCH LOGS CONFIGURATION
• Use the awslogs driver to send stdout from your application to CloudWatch Logs
• Create a log group in CloudWatch
• Configure the log driver in your task definition
• Remember to add permissions via the Task Execution Role

Task Definition:

    {
      "family": "scorekeep",
      ...
      "containerDefinitions": [
        {
          "name": "scorekeep-frontend",
          ...
          "logConfiguration": {
            "logDriver": "awslogs",
            "options": {
              "awslogs-group": "scorekeep",
              "awslogs-region": "us-east-1",
              "awslogs-stream-prefix": "scorekeep/frontend"
            }
          }
        },
        {
          "name": "scorekeep-api",
          ...
          "logConfiguration": {
            "logDriver": "awslogs",
            "options": {
              "awslogs-group": "scorekeep",
              "awslogs-region": "us-east-1",
              "awslogs-stream-prefix": "scorekeep/api"
            }
          }
        }
      ]
    }
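An added example, not from the original deck: a pre-deployment check that every container in a task definition ships stdout through awslogs and that an execution role is named. The lint_awslogs function and the sample input are constructed for illustration; treating a missing executionRoleArn as a finding follows the slide's reminder about the Task Execution Role.

```python
import json

# Constructed sample based on the slide's "scorekeep" task definition: the
# execution role is missing and the api container lacks a stream prefix.
SAMPLE = json.loads("""
{
  "family": "scorekeep",
  "requiresCompatibilities": ["FARGATE"],
  "containerDefinitions": [
    {"name": "scorekeep-frontend",
     "logConfiguration": {"logDriver": "awslogs", "options": {
       "awslogs-group": "scorekeep", "awslogs-region": "us-east-1",
       "awslogs-stream-prefix": "scorekeep/frontend"}}},
    {"name": "scorekeep-api",
     "logConfiguration": {"logDriver": "awslogs", "options": {
       "awslogs-group": "scorekeep", "awslogs-region": "us-east-1"}}}
  ]
}
""")


def lint_awslogs(task_def):
    """Hypothetical check: return findings; an empty list means it passed."""
    findings = []
    if not task_def.get("executionRoleArn"):
        findings.append("task: executionRoleArn not set")
    fargate = "FARGATE" in task_def.get("requiresCompatibilities", [])
    for container in task_def.get("containerDefinitions", []):
        name = container.get("name", "<unnamed>")
        log_cfg = container.get("logConfiguration") or {}
        if log_cfg.get("logDriver") != "awslogs":
            findings.append(f"{name}: logDriver is not awslogs")
            continue
        options = log_cfg.get("options") or {}
        required = ["awslogs-group", "awslogs-region"]
        if fargate:
            # The stream prefix is mandatory on the Fargate launch type.
            required.append("awslogs-stream-prefix")
        for key in required:
            if not options.get(key):
                findings.append(f"{name}: missing option {key}")
    return findings


if __name__ == "__main__":
    for finding in lint_awslogs(SAMPLE):
        print(finding)
```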

Slide 60

Slide 60 text

CLOUDWATCH LOGS
Logs Tab in the Task Detail Page
View logs in the ECS or CloudWatch Console

Slide 61

Slide 61 text

XII. Admin processes Run admin/management tasks as one-off processes

Slide 62

Slide 62 text

Admin / management processes are inevitable:
• Migrate database
• Repair some broken data
• Once a week move database records older than X to cold storage
• Every day email a report to this person

Slide 63

Slide 63 text

Tools for containers

Slide 64

Slide 64 text

Demo

Slide 65

Slide 65 text

Building Blocks for Containerized 12 Factor apps AWS Elastic Beanstalk Amazon SQS Compute AWS X-Ray Developer Tools AWS CodeBuild AWS CodePipeline AWS Cloud9 AWS Fargate Amazon ECS Application Integration Amazon SNS Amazon MQ Logging & Monitoring Amazon CloudWatch AWS CloudTrail Amazon DynamoDB Amazon S3 Storage & Database Amazon ElastiCache Amazon RDS Amazon ECR Amazon EKS Amazon API Gateway Networking & API Proxy Elastic Load Balancing Amazon Route 53 AWS Step Functions

Slide 66

Slide 66 text

Public container roadmap for ECS/ECR/EKS https://github.com/aws/containers-roadmap/projects/1

Slide 67

Slide 67 text

Well architected framework https://aws.amazon.com/architecture/well-architected/

Slide 68

Slide 68 text

Thank you! Marek Kuczynski marekq