Slide 1

Slide 1 text

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Dear AWS, please run my containers for me
Tiffany Jernigan
tiffanyfayj

Slide 2

Slide 2 text

OUR JOURNEY

Slide 3

Slide 3 text

AMAZON EC2

Slide 4

Slide 4 text

DOCKER
Customers started containerizing applications
Diagram labels: EC2 Instance, Containers

Slide 5

Slide 5 text

Containers made it easy to build and scale cloud-native applications

Slide 6

Slide 6 text

Customers needed an easier way to manage large clusters of instances and containers

Slide 7

Slide 7 text

AMAZON ELASTIC CONTAINER SERVICE
Cluster Management as a hosted service
Diagram labels: Scheduling and Orchestration, Cluster Manager, Placement Engine

Slide 8

Slide 8 text

PRODUCTION WORKLOADS ON AWS
DEEP INTEGRATION WITH AWS SERVICES
• AWS VPC networking mode
• IAM roles
• Load Balancers
• CloudWatch
• Service Discovery
ADVANCED TASK PLACEMENT AND SCHEDULING
MANAGE VIA CONSOLE OR CLI

Slide 9

Slide 9 text

BUT CLUSTER MANAGEMENT IS ONLY HALF THE EQUATION…
Diagram labels: ECS Agent, Docker Engine, OS, EC2 Instance

Slide 10

Slide 10 text

Diagram labels: Scheduling and Orchestration, Cluster Manager, Placement Engine; three EC2 Instances, each with ECS AMI, Docker Engine and ECS Agent

Slide 11

Slide 11 text

INTRODUCING AWS FARGATE
MANAGED BY AWS
• No EC2 Instances to provision, scale or manage
ELASTIC
• Scale up & down seamlessly
• Pay only for what you use
INTEGRATED
• with the AWS ecosystem: VPC Networking, Elastic Load Balancing, IAM Permissions, CloudWatch, Service Discovery, and more

Slide 12

Slide 12 text

AWS CONTAINER SERVICES LANDSCAPE
MANAGEMENT: Deployment, Scheduling, Scaling & Management of containerized applications
• Amazon Elastic Container Service
• Amazon Elastic Container Service for Kubernetes
HOSTING: Where the containers run
• Amazon EC2
• AWS Fargate
IMAGE REGISTRY: Container Image Repository
• Amazon Elastic Container Registry

Slide 13

Slide 13 text

FOCUS FOR THIS TALK
MANAGEMENT: Deployment, Scheduling, Scaling & Management of containerized applications
• Amazon Elastic Container Service
HOSTING: Where the containers run
• AWS Fargate

Slide 14

Slide 14 text

HOW DO I RUN CONTAINERS ON FARGATE?
• Primitives
• Compute
• Networking
• IAM
• Container Registries
• CloudFormation
• Visibility & Monitoring
• Storage

Slide 15

Slide 15 text

PRIMITIVES
register Task Definition
• Define application containers: Image URL, CPU & Memory requirements, etc.
create Cluster
• Infrastructure Isolation boundary
• IAM Permissions boundary
run Task
• A running instantiation of a task definition
• Use FARGATE launch type
create Service
• Maintain n running copies
• Integrated with ELB
• Unhealthy tasks automatically replaced
Diagram label: Elastic Load Balancer

Slide 16

Slide 16 text

RUNNING FARGATE CONTAINERS WITH ECS
• Use ECS APIs to launch Fargate containers
• Easy migration – Run Fargate and EC2 launch type tasks in the same cluster
• Same Task Definition schema

Slide 17

Slide 17 text

TASK DEFINITION
Task Definition Snippet:
    {
      "family": "nginx-demo",
      "containerDefinitions": [
        {
          "name": "nginx",
          "image": "nginx"
        }
      ]
    }
JSON document
Contains a list of up to 10 container definitions
All containers are co-located on the same host
Each container definition has:
• A name
• Image URL (Amazon ECR or public images)
• And more…stay tuned!

Slide 18

Slide 18 text

COMPUTE

Slide 19

Slide 19 text

CPU & MEMORY
Task Level Resources:
    {
      "cpu": "1 vCPU",
      "memory": "2 gb",
      "networkMode": "awsvpc",
      "compatibilities": ["FARGATE", "EC2"],
      "placementConstraints": [],
      "containerDefinitions": [
        {
          ...
Task level resources
• Configurable independently (within a range)
Dimensions: Task level CPU and memory
Per-second billing

Slide 20

Slide 20 text

TASK CPU & MEMORY CONFIGURATIONS
Flexible configuration options – 50 CPU/memory configurations

CPU               Memory
256 (.25 vCPU)    512MB*, 1GB, 2GB
512 (.5 vCPU)     1GB to 4GB (1GB increments)
1024 (1 vCPU)     2GB to 8GB (1GB increments)
2048 (2 vCPU)     4GB to 16GB (1GB increments)
4096 (4 vCPU)     8GB to 30GB (1GB increments)

Slide 21

Slide 21 text

NETWORKING

Slide 22

Slide 22 text

VPC INTEGRATION
• AWS VPC Networking Mode – each task gets its own interface
• All Fargate Tasks run in customer VPC and subnets
• Configure security groups to control inbound & outbound traffic
• Public IP support
Diagram labels: Subnet, Internet, Other Entities in VPC (LB, DB, etc.), ENI, Fargate Task

Slide 23

Slide 23 text

VPC CONFIGURATION
Task Definition Snippet:
    {
      "family": "nginx-demo",
      "cpu": "1 vCpu",
      "memory": "2 gb",
      "networkMode": "awsvpc",
      "containerDefinitions": [
        {
          …
Run Task:
    $ aws ecs run-task ... --task-definition nginx-demo:1 --network-configuration "awsvpcConfiguration={subnets=[subnet1-id,subnet2-id],securityGroups=[sg-id]}"
Setting "networkMode": "awsvpc" enables ENI creation & attachment to the Task

Slide 24

Slide 24 text

LOAD BALANCING
• APPLICATION LOAD BALANCER
• NETWORK LOAD BALANCER

Slide 25

Slide 25 text

ECS MANAGED SERVICE DISCOVERY (NEW!)
• Service registry:
• Predictable Names for services
• Auto updated with latest, healthy IP, port
• Managed: No overhead of installation or monitoring
• High availability, high scale
• Extensible: Flexible boundaries for auto discovery

Slide 26

Slide 26 text

IAM

Slide 27

Slide 27 text

PERMISSION TIERS
Diagram labels: Cluster Permissions, Task Role, Task Execution Role, Cluster, Fargate Task
CLUSTER
• Control who can launch/describe tasks in your cluster
APPLICATION: TASK ROLE
• Allows your application containers to access AWS resources securely
HOUSEKEEPING: TASK EXECUTION ROLE
Allows us to perform housekeeping activities around your task:
• ECR Image Pull
• CloudWatch Logs pushing
• ENI creation
• Register/Deregister targets into ELB
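
Added example (not from the original slides): a pre-flight check that tests a task definition against the Fargate constraints stated on the task definition, CPU & memory, VPC and permission-tier slides. The function names, sample definitions and placeholder ARN are constructed for illustration; `taskRoleArn` and `executionRoleArn` are the task-definition fields for the two roles, and the shared-role check is an added least-privilege assumption, not a Fargate requirement.

```python
import re

# CPU units -> allowed memory (MiB), transcribed from the CPU/memory table above.
FARGATE_SIZES = {
    256: [512, 1024, 2048],
    512: [g * 1024 for g in range(1, 5)],
    1024: [g * 1024 for g in range(2, 9)],
    2048: [g * 1024 for g in range(4, 17)],
    4096: [g * 1024 for g in range(8, 31)],
}

def parse_size(value, units):
    """Read '256', 1024, '1 vCPU' or '2 gb'; a known unit suffix scales the number."""
    m = re.fullmatch(r"\s*(\d*\.?\d+)\s*([a-z]*)\s*", str(value), re.I)
    if not m or (m.group(2) and m.group(2).lower() not in units):
        raise ValueError(f"unparseable value {value!r}")
    return int(float(m.group(1)) * units.get(m.group(2).lower(), 1))

def fargate_findings(task_def):
    """Return reasons this task definition would not suit the FARGATE launch type."""
    findings = []
    if task_def.get("networkMode") != "awsvpc":
        findings.append("networkMode must be awsvpc so the task gets its own ENI")
    if not 1 <= len(task_def.get("containerDefinitions", [])) <= 10:
        findings.append("a task definition holds 1 to 10 container definitions")
    try:
        cpu = parse_size(task_def["cpu"], {"vcpu": 1024})
        mem = parse_size(task_def["memory"], {"gb": 1024, "mb": 1})
    except (KeyError, ValueError) as exc:
        findings.append(f"task-level cpu/memory missing or unparseable: {exc}")
    else:
        if mem not in FARGATE_SIZES.get(cpu, []):
            findings.append(f"cpu={cpu}, memory={mem} MiB is not a listed combination")
    # Added hygiene check (assumption, not a Fargate rule): keep the application's
    # task role separate from the housekeeping task execution role.
    role = task_def.get("taskRoleArn")
    if role and role == task_def.get("executionRoleArn"):
        findings.append("taskRoleArn and executionRoleArn are the same role")
    return findings

# Constructed samples: the nginx-demo snippet from the slides, and an EC2-style definition.
SLIDE_EXAMPLE = {"family": "nginx-demo", "cpu": "1 vCpu", "memory": "2 gb",
                 "networkMode": "awsvpc",
                 "containerDefinitions": [{"name": "nginx", "image": "nginx"}]}
SHARED = "arn:aws:iam::111122223333:role/example-shared-role"  # placeholder ARN
LEGACY = {"family": "legacy", "cpu": "256", "memory": "4 gb", "networkMode": "bridge",
          "taskRoleArn": SHARED, "executionRoleArn": SHARED,
          "containerDefinitions": [{"name": "app", "image": "nginx"}]}
```

`fargate_findings(SLIDE_EXAMPLE)` returns an empty list, while `fargate_findings(LEGACY)` reports the bridge network mode, the 256/4 GB size mismatch and the shared role.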

Slide 28

Slide 28 text

CONTAINER REGISTRIES

Slide 29

Slide 29 text

REGISTRY SUPPORT
• Amazon Elastic Container Registry (ECR)
• Public Repositories supported
• 3rd Party Private Repositories (coming soon!)

Slide 30

Slide 30 text

CLOUDFORMATION SUPPORT

Slide 31

Slide 31 text


Slide 32

Slide 32 text

VISIBILITY & MONITORING

Slide 33

Slide 33 text

VISIBILITY AND MONITORING
• CloudWatch Logs
• CloudWatch Events supported
• Service-level metrics available

Slide 34

Slide 34 text

ECS TASK METADATA ENDPOINT (NEW!)
• Query environmental data and statistics for running tasks
• Enables third party monitoring tools like Datadog, etc.

Slide 35

Slide 35 text

CONTAINER HEALTH CHECKS (NEW!)
Define custom health check commands in the ECS Task Definition

Slide 36

Slide 36 text

STORAGE

Slide 37

Slide 37 text

STORAGE
EBS backed non-persistent storage provided in the form of:
• Writable Layer Storage – 10GB
• Volume Storage – 4GB

Slide 38

Slide 38 text

DEMO

Slide 39

Slide 39 text

TAKE AWAYS
• Fargate is a launch type within ECS to run containers without having to manage EC2 instances
• If you’re debating between EC2 and Fargate mode, start architecting with Fargate. It forces good design practice by keeping your application containers truly independent of the underlying host.
• If you think you must have access to the underlying host, think again.
• There are some good reasons: special instance type needs, EC2 dedicated instances, utilizing EC2 reserved instances
• And tell us about your use case, we want to support it on Fargate!
• Start using Fargate today!
• Fargate works with most Docker container images
• You can run existing task definitions on Fargate with only minor modifications.

Slide 40

Slide 40 text

WANT TO LEARN MORE?
• https://aws.amazon.com/fargate/
• https://aws.amazon.com/blogs/compute/category/compute/aws-fargate/
• https://youtu.be/wrZvlJlcZio
• https://github.com/aws-samples/eb-java-scorekeep/tree/fargate

Slide 41

Slide 41 text

THANK YOU
tiffanyfayj
http://bit.ly/codeeuropetfj
Special thanks to: Deepak Dayama, Anthony Suarez, Archana Srikanta, Dan Gerdesmeier, and many more…