What is Docker?
• Docker is a software development platform to deploy apps
• Apps are packaged in containers that can be run on any OS
• Apps run the same, regardless of where they're run
  • Any machine
  • No compatibility issues
  • Predictable behavior
  • Less work
  • Easier to maintain and deploy
  • Works with any language, any OS, any technology
• Use cases: microservices architecture, lift-and-shift apps from on-premises to the AWS cloud, …
Docker on an OS
Where are Docker images stored?
• Docker images are stored in Docker Repositories
• Docker Hub (https://hub.docker.com)
  • Public repository
  • Find base images for many technologies or OS (e.g., Ubuntu, MySQL, …)
• Amazon ECR (Amazon Elastic Container Registry)
  • Private repository
  • Public repository (Amazon ECR Public Gallery https://gallery.ecr.aws)
Docker vs. Virtual Machines
• Docker is “sort of” a virtualization technology, but not exactly
• Resources are shared with the host => many containers on one server
Getting Started with Docker
Docker Containers Management on AWS
• Amazon Elastic Container Service (Amazon ECS)
  • Amazon's own container platform
• Amazon Elastic Kubernetes Service (Amazon EKS)
  • Amazon's managed Kubernetes (open source)
• AWS Fargate
  • Amazon's own Serverless container platform
  • Works with ECS and with EKS
• Amazon ECR:
  • Store container images
Amazon ECS - EC2 Launch Type
Amazon ECS makes it easy to deploy, manage, and scale Docker containers running applications, services, and batch processes.
• ECS = Elastic Container Service
• Launch Docker containers on AWS = Launch ECS Tasks on ECS Clusters
• EC2 Launch Type: you must provision & maintain the infrastructure (the EC2 instances)
• Each EC2 Instance must run the ECS Agent to register in the ECS Cluster
• AWS takes care of starting / stopping containers
Amazon ECS - Fargate Launch Type
• Launch Docker containers on AWS
• You do not provision the infrastructure (no EC2 instances to manage)
• It's all Serverless!
• You just create task definitions
• AWS just runs ECS Tasks for you based on the CPU / RAM you need
• To scale, just increase the number of tasks. Simple - no more EC2 instances
Amazon ECS - IAM Roles for ECS
• EC2 Instance Profile (EC2 Launch Type only):
  • Used by the ECS agent
  • Makes API calls to ECS service
  • Send container logs to CloudWatch Logs
  • Pull Docker image from ECR
  • Reference sensitive data in Secrets Manager or SSM Parameter Store
• ECS Task Role:
  • Allows each task to have a specific role
  • Use different roles for the different ECS Services you run
  • Task Role is defined in the task definition
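A check for the "one role per service" rule above, written as an added example (not part of the original notes). It reads the real task definition fields `family`, `taskRoleArn` and `requiresCompatibilities`; the account ID, family names and role names are constructed placeholders.

```python
from collections import defaultdict

# Constructed sample input: four task definitions reduced to the fields the
# check reads. The account ID, families and role names are placeholders.
ROLE_PREFIX = "arn:aws:iam::111122223333:role/"
TASK_DEFINITIONS = [
    {"family": "orders-api", "requiresCompatibilities": ["FARGATE"],
     "taskRoleArn": ROLE_PREFIX + "orders-api-task"},
    {"family": "billing-worker", "requiresCompatibilities": ["EC2"],
     "taskRoleArn": ROLE_PREFIX + "shared-app-role"},
    {"family": "report-batch", "requiresCompatibilities": ["EC2"],
     "taskRoleArn": ROLE_PREFIX + "shared-app-role"},
    {"family": "legacy-cron", "requiresCompatibilities": ["EC2"]},
]


def audit_task_roles(task_defs):
    """Return sorted (family, finding, detail) tuples for task-role problems."""
    findings = []
    families_by_role = defaultdict(list)
    for td in task_defs:
        role = td.get("taskRoleArn")
        if role:
            families_by_role[role].append(td["family"])
        else:
            # No per-task role in the task definition. On the EC2 launch type
            # the only role left on the host is the instance profile, which
            # is meant for the ECS agent, not for application code.
            launch = "/".join(td.get("requiresCompatibilities", []))
            findings.append((td["family"], "NO_TASK_ROLE", launch))
    for role, families in families_by_role.items():
        if len(families) > 1:
            # One role reused by several families: every task receives the
            # union of the permissions that any of them needs.
            name = role.rsplit("/", 1)[-1]
            for family in families:
                findings.append((family, "SHARED_TASK_ROLE", name))
    return sorted(findings)


if __name__ == "__main__":
    for family, finding, detail in audit_task_roles(TASK_DEFINITIONS):
        print(f"{family:15} {finding:17} {detail}")
```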
Amazon ECS - Load Balancer Integrations
• Application Load Balancer supported and works for most use cases
• Network Load Balancer recommended only for high throughput / high performance use cases, or to pair it with AWS PrivateLink
• Elastic Load Balancer supported but not recommended (no advanced features - no Fargate)
Amazon ECS - Data Volumes (EFS)
• Mount EFS file systems onto ECS tasks
• Works for both EC2 and Fargate launch types
• Tasks running in any AZ will share the same data in the EFS file system
• Fargate + EFS = Serverless
• Use cases: persistent multi-AZ shared storage for your containers
• Note:
  • Amazon S3 cannot be mounted as a file system
ECS Service Auto Scaling
• Automatically increase/decrease the desired number of ECS tasks
• Amazon ECS Auto Scaling uses AWS Application Auto Scaling
  • ECS Service Average CPU Utilization
  • ECS Service Average Memory Utilization - Scale on RAM
  • ALB Request Count Per Target - metric coming from the ALB
• Target Tracking - scale based on target value for a specific CloudWatch metric
• Step Scaling - scale based on a specified CloudWatch Alarm
• Scheduled Scaling - scale based on a specified date/time (predictable changes)
• ECS Service Auto Scaling (task level) ≠ EC2 Auto Scaling (EC2 instance level)
• Fargate Auto Scaling is much easier to set up (because Serverless)
EC2 Launch Type - Auto Scaling EC2 Instances
• Accommodate ECS Service Scaling by adding underlying EC2 Instances
• Auto Scaling Group Scaling
  • Scale your ASG based on CPU Utilization
  • Add EC2 instances over time
• ECS Cluster Capacity Provider
  • Used to automatically provision and scale the infrastructure for your ECS Tasks
  • Capacity Provider paired with an Auto Scaling Group
  • Add EC2 Instances when you're missing capacity (CPU, RAM…)
ECS Rolling Updates
• When updating from v1 to v2, we can control how many tasks can be started and stopped, and in which order
ECS Rolling Update - Min 50%, Max 100%
• Starting number of tasks: 4
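The Min 50% / Max 100% case with 4 tasks, stepped through as an added example (not part of the original notes). It is a simplified model of the ECS service settings `minimumHealthyPercent` and `maximumPercent`: new tasks count as healthy the moment they start, and the function also accepts other percentages.

```python
import math


def rolling_update(desired, min_healthy_pct, max_pct):
    """Return the (old_tasks, new_tasks) counts after each deployment step.

    Simplified model: the scheduler alternates between starting as many new
    (v2) tasks as the upper bound allows and stopping as many old (v1)
    tasks as the lower bound allows.
    """
    # Lower bound on running tasks is rounded up, upper bound rounded down.
    lower = math.ceil(desired * min_healthy_pct / 100)
    upper = math.floor(desired * max_pct / 100)

    old, new = desired, 0
    steps = [(old, new)]
    while old > 0 or new < desired:
        progressed = False

        # Start v2 tasks without exceeding the upper bound.
        can_start = min(desired - new, upper - (old + new))
        if can_start > 0:
            new += can_start
            steps.append((old, new))
            progressed = True

        # Stop v1 tasks without dropping below the lower bound.
        can_stop = min(old, (old + new) - lower)
        if can_stop > 0:
            old -= can_stop
            steps.append((old, new))
            progressed = True

        if not progressed:
            # Example: min 100% and max 100% leave no room to start or stop.
            raise ValueError("deployment cannot make progress with these bounds")
    return steps


if __name__ == "__main__":
    for old, new in rolling_update(4, 50, 100):
        print(f"v1 running: {old}   v2 running: {new}   total: {old + new}")
```

With min 50% the service drops to 2 running tasks during the update, so the remaining capacity has to carry the full load until the v2 tasks are up.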
ECS tasks invoked by EventBridge
ECS tasks invoked by EventBridge Schedule
• ECR = Elastic Container Registry
• Store and manage Docker images on AWS
• Private and Public repository (Amazon ECR Public Gallery https://gallery.ecr.aws)
• Fully integrated with ECS, backed by Amazon S3
• Access is controlled through IAM (permission errors => policy)
• Supports image vulnerability scanning, versioning, image tags, image lifecycle, …

Amazon EKS Overview
• Amazon EKS = Amazon Elastic Kubernetes Service
• It is a way to launch managed Kubernetes clusters on AWS
• Kubernetes is an open-source system for automatic deployment, scaling and management of containerized (usually Docker) applications
• It's an alternative to ECS, similar goal but different API
• EKS supports EC2 if you want to deploy worker nodes or Fargate to deploy serverless containers
• Use case: if your company is already using Kubernetes on-premises or in another cloud, and wants to migrate to AWS using Kubernetes
• Kubernetes is cloud-agnostic (can be used in any cloud - Azure, GCP…)
• For multiple regions, deploy one EKS cluster per region