ECS

Introduction

  • Elastic Container Service (ECS) manages Docker applications across a cluster. It's regional.

Features

  • Task Definition

    • Specify one or more containers, including:

      • Docker repository and image

      • memory and CPU

      • shared data volumes

      • Network mode:

        • none

        • bridge (default): utilizes Docker's built-in virtual network which runs inside the instance.

        • awsvpc: each task is allocated an ENI, and the ECS service must have a NetworkConfiguration. (Provides more control than bridge mode.)

        • host: bypasses virtual network to the instance's network directly. Can't run multiple instantiations of the same task on a single container instance when port mappings are used.

  • ECS Cluster can contain multiple different container instance types.

  • Can create IAM policies for Clusters, Task Execution roles.

  • Schedule ECS in 2 ways:

    • Service Scheduler

    • Custom Scheduler

  • Can use ECS agent (Linux only) to connect to EC2 instances of the Cluster.

  • Security Groups operate at instance level, not at the task or container level.

  • ECS can't be the origin of CloudFront.
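The network-mode rules listed under Task Definition can be checked before deployment. The following is an added example, not part of the original notes: a small Python check over a task definition and its service, using the ECS JSON field names (networkMode, containerDefinitions, portMappings, networkConfiguration, desiredCount). The function name, the instance_count parameter and the sample data are assumptions made for illustration; the rule for none mode goes slightly beyond the notes.

```python
VALID_MODES = {"none", "bridge", "awsvpc", "host"}

def check_network_mode(task_def, service, instance_count):
    """Return findings for one task definition / service pair (hypothetical helper)."""
    mode = task_def.get("networkMode", "bridge")  # bridge is the default mode
    if mode not in VALID_MODES:
        return [f"unknown networkMode {mode!r}"]
    findings = []
    # Collect every port mapping declared by any container in the task.
    ports = [pm for c in task_def.get("containerDefinitions", [])
             for pm in c.get("portMappings", [])]
    if mode == "none" and ports:
        findings.append("none: port mappings cannot be used without networking")
    if mode == "awsvpc":
        # Each task gets its own ENI, so the service must say where to place it.
        net = service.get("networkConfiguration", {})
        if "awsvpcConfiguration" not in net:
            findings.append("awsvpc: service has no networkConfiguration")
    if mode == "host" and ports:
        # Host ports are bound directly, so one copy of the task per instance.
        wanted = service.get("desiredCount", 1)
        if wanted > instance_count:
            findings.append(
                f"host: desiredCount {wanted} exceeds {instance_count} "
                "container instances while port mappings are used")
    return findings

# Constructed sample input (not taken from a real account).
WEB = {"containerDefinitions": [
    {"name": "web", "image": "example/web:1", "portMappings": [{"containerPort": 80}]}]}
HOST_TASK = {**WEB, "networkMode": "host"}
VPC_TASK = {**WEB, "networkMode": "awsvpc"}
VPC_SERVICE = {"desiredCount": 2, "networkConfiguration": {
    "awsvpcConfiguration": {"subnets": ["subnet-EXAMPLE"],
                            "securityGroups": ["sg-EXAMPLE"]}}}

if __name__ == "__main__":
    for name, td, svc in [("host", HOST_TASK, {"desiredCount": 3}),
                          ("awsvpc", VPC_TASK, {"desiredCount": 2}),
                          ("awsvpc+config", VPC_TASK, VPC_SERVICE),
                          ("bridge", WEB, {"desiredCount": 3})]:
        print(name, check_network_mode(td, svc, instance_count=2) or "ok")
```
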

Reference

  • Docker

    • Packages code, configurations, dependencies into containers (standard units).

    • Docker is infinitely scalable, so running Docker on AWS is a great way to run distributed applications at any scale.

    • Strength:

      • No more dependency hell

      • Consistent progression from DEV -> TEST -> QA -> UAT -> PROD

      • Isolation (applications are divided into different containers)

      • Extreme code portability

      • Microservices
