Containers on AWS: ECS, Fargate, ECR & EKS

Question 1

Amazon ECS - EC2 Launch Type

Answer 1

Elastic Container Service
Launch docker containers on AWS
= Launch ECS Tasks on ECS clusters

EC2 Launch Type - Provision & maintain the infrastructure (EC2 instances)

Each EC2 instance needs ECS agent to register in the ECS cluster

AWS starts/stops containers

Question 2

ECS Architecture - EC2 Launch Type

Answer 2

ECS Cluster -> EC2 instances -> ECS Agent in instances -> each new container is placed in EC2 instance

Question 3

ECS - Fargate Launch Type

Answer 3

Launch docker containers on AWS

No provisioning infrastructure

Serverless

Just create task definitions

AWS runs ECS Tasks for you based on CPU / RAM you need

To scale - increase number of tasks

Question 4

ECS - IAM Roles for ECS

Answer 4

EC2 instance profile (EC2 launch type only)
- used by ECS
- makes API calls to ECS
- send container logs to CLoudWatch
- pull docker image from ECR
- reference sensitive data in secrets manager or SSM parameter store.

ECS Task Role
- allows each task to have specific role
- use different roles for different ECS Services you run

Question 5

ECS Load Balancer Integrations

Answer 5

ALB in front of the ECS Cluster which holds EC2 instances

Question 6

Which Load Balancer is recommended for ECS?

Answer 6

Application Load balancer for most use cases

Network Load Balancer for high throughput/high performance use or to pair with AWS private Link

Question 7

Data Volumes (EFS) for ECS

Answer 7

EFS is able to be used with an ECS Cluster, works for both EC2 and Fargate launch types, and it mounts directly onto the EC2 instance & Fargate

Question 8

Benefit of using EFS with ECS?

Answer 8

Tasks running in any AZ will share the same data in EFS system

Question 9

Ultimate combo for ECS and data volume?

Answer 9

Fargate and EFS = serverless

Question 10

Use cases for EFS in ECS?

Answer 10

multi AZ persistent shared storage for containers

Question 11

What can you NOT do with S3 and ECS?

Answer 11

cannot use S3 as a mounted file system

Question 12

ECS Service Auto Scaling

Answer 12

auto increase/decrease desired number of ECS tasks

ECS auto scaling uses AWS app Auto Scaling
- ECS service Average CPU Utilisation
- ECS Service Average Memory Utilisation - Scale on RAM
- ALB Request count per target - metric coming from ALB

Question 13

What is ECS Target Tracking?

Answer 13

scale based on target value for a specific CloudWatch metric

Question 14

What is ECS Step scaling

Answer 14

scale on specified CLoudWatch Alarm

Question 15

Scheduled scaling in ECS

Answer 15

scale based on a specific date/time (predictable changes)

Question 16

EC2 Launch Type - Auto Scaling EC2 Instances

Answer 16

ASG Scaling
- based on CPU util
- add EC2 instances over time

ECS Cluster Capacity Provider
- used to automatically provision and scale the infrastructure for your ECS Tasks
- capacity provider paired with an ASG
- Add EC2 instances when you’re missing capacity (CPU, RAM)

Question 17

ECS Tasks invoked by Event Bridge

Answer 17

You have Region(VPC(ECS Cluster(AWS Fargate)))

Client uploads object in S3, Event gets sent to Amazon EventBridge which creates new ECS task. ECS task has a role, and its task is to access S3 & DynamoDB. Then the result is saved in AmazonDB

Question 18

ECS tasks invoked by Event Bridge Schedule

Answer 18

For example every 1 hour EventBridge runs an ECS task within AWS fargate in the ECS cluster

Question 19

ECS SQS Queue example

Answer 19

Messages get sent in SQS queue, poll messages to Service A which is within an ECS Service Auto Scaling group

Question 20

Amazon ECR (Elastic Container Registry)

Answer 20

Store and manage docker images on AWS

Private and Public repo (ECR Public Gallery)

Full integration with ECS, backed by S3

IAM access

Supports image vuln scanning, versioning, image tags, images lifecycle

Question 21

How to use ECR with ECS cluster

Answer 21

ECR repo with 2 docker images.

ECS cluster with EC2 instance and 3 containers, each container pulls the image from the ECR repo

Question 22

Amazon EKS

Answer 22

Amazon Elastic Kubernetes Service

Question 23

What is EKS used for

Answer 23

launch managed Kubernetes cluster on AWS

Question 24

EKS vs ECS

Answer 24

similar but use different API

Question 25

When is EKS good to be used for?

Answer 25

If your company is already using Kubernetes on-prem

Question 26

EKS Node Types

Answer 26

Managed Node Groups
- AWS manages them
- Part of ASG managed by EKS
- Supports on demand & spot instances

Self-Managed Nodes
- created by you, registered to EKS cluster and managed by ASG
- can use prebuilt AMI - EKS Optimised AMI
- supports on-demand & spots

AWS Fargate
- no maintenance required- no nodes managed

Question 27

Amazon EKS - Data Volumes

Answer 27

Specify StorageClass manifest on EKS cluster

Leverage Container Storage Interface (CSI)

Supports
- EBS
- EFS (Fargate)
- FSx for Lustre
- FSx for NetApp ONTAP

Question 28

AWS App Runner

Answer 28

managed service that deploys web app and APIs at scale

No infra exp required

start with source code or container image

automatically builds and deploys web app

Question 29

Benefits of AWS App Runner

Answer 29

HA
LB
Encryption
VPC access support
Connect DB, cache, message queue service