Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Running Docker images in AWS Fargate

1e2ead439777ff94d9b2dd11a0607e01?s=47 Wolf Paulus
October 12, 2019

Running Docker images in AWS Fargate

Allow me to tell you a story, a story about a simple web-service that answers only one question: if a given number is prime.

The core problem is first solved with a Java class, which is then wrapped into a WebServlet and tested within a web server environment. The web server, however, does not get directly installed, but a docker image is created, containing all the mentioned components.

Eventually, the docker container is pushed into AWS ECR, a container registry, from which it is deployed and run. Using AWS ECS and Fargate, the simple service is finally made public and available to the world, scalable, all without having to manage servers or clusters.

Well, this is not about story telling of course, nor will I focus too much on Web-Services or Docker, still, as a starting point, we want to create a simple Web-Service, implemented in Java and made available via Tomcat. This web server will then be put into a docker container and stored at the Amazon Elastic Container Registry (ECR), a private, but fully-managed container registry that makes it easy for developers to store, manage, and deploy Docker container images... But that's just the the beginning, the focus will then be on AWS ECS and Fargate, a compute engine for Amazon ECS allowing you to run containers without having to manage servers or clusters.

All of this is done in code, i.e. not using the AWS Web UI. Of course all the code and shell scripts are demo-ed in this hands-on session .. and shared on github.

I expect that you'll leave the session with a good understand of what AWS ECR, AWS ECS, and Fargate are all about and with a motivation to try it out and run your own docker container in fargate, making it available to your users, customers, or the world.

1e2ead439777ff94d9b2dd11a0607e01?s=128

Wolf Paulus

October 12, 2019
Tweet

More Decks by Wolf Paulus

Other Decks in Technology

Transcript

  1. Wolf Paulus Serverless

  2. Wolf Paulus | https://wolfpaulus.com From the Docks to the Gate

    Posted on September 7, 2019 by Wolf Paulus https://wolfpaulus.com/dock-to-gate/
  3. Wolf Paulus | https://wolfpaulus.com AWS Lambda or AWS Fargate: The

    Step-by-Step Guide to Choosing the Right Technology https://medium.com/greenm/aws-lambda-or-aws-fargate-the-step-by-step-guide-to-choosing-the-right-technology-925ebcf89b7c https://aws.amazon.com/fargate/pricing/
  4. Wolf Paulus | https://wolfpaulus.com 1. Java class that determines if

    a given number is a prime number 2. Turn this class into a Web Service 3. Run the Web Service locally within Apache Tomcat 4. Create a Docker image (Tomcat 9.0.26, Java JDK 11.04, web-service) 5. Run the docker container locally 6. Store the docker image in AWS Elastic Container Registry (ECR) 7. Launch a docker container in Fargate / AWS Elastic Container Service
  5. Wolf Paulus | https://wolfpaulus.com AWS Fargate is Amazon’s solution to

    run docker containers without managing any servers for container orchestration. However, Fargate is actually just one way of running containers in Amazon ECS. 
 ECS supports both running containers on EC2 instances and with Fargate. Amazon Elastic Container Service (Amazon ECS) is a highly scalable, high- performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on AWS. Fargate relies on docker containers to run an application. The containers run as ECS Tasks (similar to a Pod in Kubernetes). Tasks are managed by Services and services can be set up with an Elastic Load Balancer to receive external traffic over HTTP. Those tasks are persistent, i.e. will continue to run even if no requests are received. Therefore, there is no warmup time caused by Fargate. ECS Tasks can also be configured to run on a schedule or as the result of CloudWatch events. This allows the use of ECS Tasks for jobs that do not require a persistent docker container.
  6. Wolf Paulus | https://wolfpaulus.com Running a Docker Container in AWS

    Fargate Prerequisites AWS account set up with credentials stored in ~/.aws/credentials Software components installed: • Docker • Java • gradle (brew install gradle) • git (brew install git) • aws-cli (brew install awscli) • ecs-cli (brew install amazon-ecs-cli) • httpie (brew install httpie) Running the container locally cd ~/ git checkout https://github.com/wolfpaulus/dock2gate.git gradle war docker build -t tomcatprime . docker-compose up -d http localhost/isPrime/17
  7. Wolf Paulus | https://wolfpaulus.com Amazon Elastic Container Registry (ECR) is

    a fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images 1.) Creating a ECR Repository aws ecr create-repository --repository-name $REPO_NAME --region $REGION --profile $PROFILE 2.) Update the variables in the shell script .. update ./ecr_push.sh variables 3.) Execute the shell script ./ecr_push.sh
  8. Wolf Paulus | https://wolfpaulus.com

  9. Wolf Paulus | https://wolfpaulus.com Heading out the Fargate

  10. Wolf Paulus | https://wolfpaulus.com Executing ./setup.sh will:
 • create the

    Task-execution Role • attach the task execution role policy • create an Amazon ECS empty cluster, 
 implicitly also a VPC configured with two public subnets • create a security Group, authorizing network access Heading out the Fargate INTUL168820d95:implicit wpaulus$ ./setup.sh [*] [13:28:59] { "Role": { "Path": "/", "RoleName": "fargateTaskExecutionRoleV1", "RoleId": "AROASTEGIYUJBGLGMNIKM", "Arn": "arn:aws:iam::178522735890:role/fargateTaskExecutionRoleV1", "CreateDate": "2019-09-22T20:28:58Z", "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Sid": "", "Effect": "Allow", "Principal": { "Service": "ecs-tasks.amazonaws.com" }, "Action": "sts:AssumeRole" } ] } } } [*] [13:29:00] 'AmazonECSTaskExecutionRolePolicy' attached to role: 'fargateTaskExecutionRoleV1'. INFO[0001] Created cluster cluster=prime-cluster region=us-west-2 INFO[0002] Waiting for your cluster resources to be created... INFO[0003] Cloudformation stack status stackStatus=CREATE_IN_PROGRESS VPC created: vpc-019d99766e8206dbc Subnet created: subnet-0424c8c430c25775d Subnet created: subnet-073630f71b3e59355 Cluster creation succeeded. [*] [13:30:06] VPC created with VpcId: 'vpc-019d99766e8206dbc'. [*] [13:30:07] 'fargateSecurityGroupV1' Security Group with ID 'sg-061addad26fce2cfa' created.
  11. Wolf Paulus | https://wolfpaulus.com 2.) executing ./launch will: • Calls

    ecs-cli compose service up, 
 which creates the service and the task inside, also implicitly creates a VPC • Calls ecs-cli ps, 
 which will expose the DNS name or IP address. 1.) update ./ecs-params.yml file: • Update subnets • Update security group Heading out the Fargate INTUL168820d95:implicit wolf$ ./launch.sh WARN[0000] Skipping unsupported YAML option for service... option name=restart service name=prime-cluster INFO[0000] Using ECS task definition TaskDefinition="implicit:3" WARN[0001] Failed to create log group prime in us-west-2: The specified log group already exists WARN[0001] No log groups to create; no containers use 'awslogs' INFO[0001] Created an ECS service service=implicit taskDefinition="implicit:3" INFO[0002] Updated ECS service successfully desiredCount=1 force-deployment=false service=implicit INFO[0017] (service implicit) has started 1 tasks: (task 44301872-1196-4b36-9426-943904104d01). timestamp="2019-09-22 20:41:59 +0000 UTC" INFO[0048] Service status desiredCount=1 runningCount=1 serviceName=implicit INFO[0048] (service implicit) has reached a steady state. timestamp="2019-09-22 20:42:40 +0000 UTC" INFO[0048] ECS Service has reached a stable state desiredCount=1 runningCount=1 serviceName=implicit Name State Ports TaskDefinition Health 44301872-1196-4b36-9426-943904104d01/prime-cluster RUNNING 34.219.6.186:80->80/tcp implicit:3 UNKNOWN
  12. Wolf Paulus | https://wolfpaulus.com Heading out the Fargate

  13. Wolf Paulus | https://wolfpaulus.com 1. Java class that determines if

    a given number is a prime number 2. Turn this class into a Web Service 3. Run the Web Service locally within Apache Tomcat 4. Create a Docker image (Tomcat 9.0.26, Java JDK 11.04, web-service) 5. Run the docker container locally 6. Store the docker image in AWS Elastic Container Registry (ECR) 7. Launch a docker container in Fargate / AWS Elastic Container Service
  14. Wolf Paulus | https://wolfpaulus.com Thanks https://wolfpaulus.com/dock-to-gate/ https://github.com/wolfpaulus/dock2gate