© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Dr. Frank Munz Technical Evangelist, AWS @frankmunz Getting Started with Containers in the Cloud

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. About me • Software Architect / DevOps Engineer • Technical Evangelist @ AWS • Published an AWS book (some years ago) • Containers, and a sprinkle of ML & big / fast data @frankmunz

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Agenda 1. Containers (demo) 2. Microservices 3. AWS ECS 4. AWS EKS 5. Service Mesh and CNCF Projects

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Demo Time!

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What are containers? A container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another. A popular, widely-used container platform is Docker. More on that here: https://www.docker.com

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Microservices

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What are Microservices? Developing a single application as • Suite of small services • Each running in its own process / owns it‘s data • Communicating with lightweight mechanisms (Definition: M. Fowler / J. Lewis) https://martinfowler.com/articles/microservices.html

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Splitting the Monolith – A. Cockroft @ AWS https://youtu.be/aBcG57Gw9k0

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Technical Challenges SW-Architecture HW / Network Tools How to split a monolith? Database CQRS / Event Sourcing Containers + Serverless + Cloud Services CI / CD Code Repositories IDEs gRPC / REST / SOAP Network Latency CPU Speed

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Organisational Challenge

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Containers at Scale

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. We’ve had customers running Docker on EC2 from the very beginning… EC2

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. But there were pain points. Things like scheduling, placing, managing and deploying containers were difficult. They wanted something to make those pain points better.

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. + Managing many containers is hard

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. So we built ECS

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. ECS Easiest way to deploy and manage containers at scale Integration with entire AWS platform ALB, Auto Scaling, Batch, Elastic Beanstalk, CloudFormation, CloudTrail, CloudWatch Events, CloudWatch Logs, CloudWatch Metrics, ECR, EC2 Spot, IAM, NLB, Parameter Store, and VPC Scales to support clusters of any size Service integrations (like ALB and NLB) are at container level 1 2 3

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon ECS EC2 INSTANCES ECS AGENT TASK Containers TASK ECS AGENT TASK TASK AGENT COMMUNICATION SERVICE Amazon ECS API CLUSTER MANAGEMENT ENGINE KEY/VALUE STORE ECS AGENT TASK TASK Internet LOAD BALANCER LOAD BALANCER Containers Containers

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. … therefore we built Fargate

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What does Fargate mean? No worrying about scaling, underlying infrastructure, cluster resources, capacity, setup. Just give it a task definition, set some resource limits, and away you go.

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. So you want to run a (managed) container on AWS Choose your orchestration tool 1 Choose your launch type 2 ECS EKS EC2 Fargate EC2 Fargate (announced)

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. 160 billion analytics events per month Up to 270,000 events per second Autoscaling allows them to burst to thousands of containers to seamlessly handle demand ECS

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Kubernetes enters the stage

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. … and devops love Kubernetes

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What is Kubernetes (K8s)? Open source container management platform Helps you run containers at scale Gives you primitives for building modern applications

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. “Run Kubernetes for me.”

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. So we built EKS!

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Availability Zone 1 Availability Zone 2 Availability Zone 3 Kubectl EKS Architecture

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. EKS is Kubernetes Certified + Heptio IAM Authenticator (open sourced) VPC Networking (open sourced)

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. EKS: Standard console and kubectl CLI

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. https://eksctl.io/ Tip: Easy way to create an EKS cluster: $ eksctl create cluster --name eks-test --nodes 3

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS ECS or EKS? On-prem and cloud workloads, open-source affinity, CNCF projects, already bought into K8s: AWS EKS Tight integration with AWS cloud, very large clusters: AWS ECS. Use Fargate mode if you don‘t want to manage your hosts yourself

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. There comes more with K8s (and it runs on EKS!)

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Service Meshes

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Open Source Istio Service Mesh with Envoy Proxy Add a 5s delay to 10% of all requests

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Istio Service Mesh with Envoy Proxy • Connect, secure, and observe services • Istio control plane + Envoy data plane • Envoy proxy as sidecar in pods • Automatic injection with AWS EKS • Level 7 proxy • HTTP, HTTP/2, gRPC, AWS Dynamo DB, MongoDB • C++11 , 8 MB

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CNCF Jaeger

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CNCF Grafana

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CNCF Servicegraph

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Customers

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Snap @AWS Summit in New York 2018 https://youtu.be/mCVdcz01Z-g?t=2052

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Conclusion • Architect wisely. Consider AWS ECS or Kubernetes and cloud services • Running Kubernetes is hard, use a managed K8s service like AWS EKS • AWS EKS is unforked, upstream K8s • CNCF projects complement K8s • They work with AWS EKS. You can install open-source Istio with Envoy as a helm chart. It ties into Jaeger, Grafana etc. • Run your containers in the cloud

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. References Ø Getting Started with Istio on Amazon EKS https://aws.amazon.com/blogs/opensource/getting-started-istio-eks/ Ø EKS Workshop (K8s, Helm, CI/CD, Grafana, Kabana) https://eksworkshop.com/introduction/ Ø AWS EKS Documentation https://docs.aws.amazon.com/eks/latest/userguide/what-is-eks.html Ø Introduction to modern network load balancing and proxying https://blog.envoyproxy.io/introduction-to-modern-network-load-balancing-and-proxying-a57f6ff80236 Ø Istio Book https://www.manning.com/books/istio-in-action Ø InfoQ: Microservices in a Post-Kubernetes Era https://www.infoq.com/articles/microservices-post-kubernetes Ø Istio: Will a Service Mesh become the new Service Bus? (AWS EKS) https://www.youtube.com/watch?v=fDmJf9kWFws Some of these slides are based on a slide deck from @abbyfuller

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Getting Started: EKS Workshop https://eksworkshop.com/

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Open-source Istio and Enovy on AWS EKS https://www.youtube.com/watch?v=fDmJf9kWFws

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Dr. Frank Munz Technical Evangelist, AWS Thank you! @frankmunz