SlideShare a Scribd company logo

Amazon ECS (March 2016)

Julien SIMON
Julien SIMON

This document summarizes a presentation on clustering Docker containers on AWS using Amazon ECS and ECR. It provides an overview of the requirements for modern cluster orchestration and introduces Amazon ECS and ECR. It also includes case studies from companies like Coursera and Meteor that used ECS to focus on development rather than managing clusters. The presentation concludes with demonstrations of creating and scaling an ECS cluster, running a sample app, and load balancing microservices across random ports.

Related slideshows

Building a Serverless Pipeline
Building a Serverless PipelineBuilding a Serverless Pipeline
Building a Serverless Pipeline
 
Hands-on with AWS IoT
Hands-on with AWS IoTHands-on with AWS IoT
Hands-on with AWS IoT
 
Workshop: Building Containerized Swift Applications on Amazon ECS
Workshop: Building Containerized Swift Applications on Amazon ECSWorkshop: Building Containerized Swift Applications on Amazon ECS
Workshop: Building Containerized Swift Applications on Amazon ECS
 
1 of 26
Download to read offline
© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Docker Grenoble, 13/01/2016 Docker Lyon, 14/01/2016 Docker Nantes, 18/01/2016 Docker Rennes, 01/03/2016 Clustering Docker on AWS with Amazon ECR & ECS Julien Simon, Principal Technical Evangelist @julsimon
The problem Given a certain amount of processing power and memory, how can we best manage an arbitrary number of apps running in Docker containers? http://tidalseven.com
Requirements for modern cluster orchestration Distributed state management Scalable scheduling Built-in high availability Amazon EC2 Container Service (ECS) Launched in 04/2015 https://aws.amazon.com/ecs/ No additional charge J Amazon EC2 Container Registry (ECR) Launched in 12/2015 https://aws.amazon.com/ecr/ Free tier: 500MB / month for a year $0.10 / GB / month + outgoing traffic
https://github.com/aws/amazon-ecs-init https://github.com/aws/amazon-ecs-agent http://www.allthingsdistributed.com/2015/07/under-the-hood-of-the-amazon-ec2-container-service.html
Case study: Coursera https://www.youtube.com/watch?v=a45J6xAGUvA “Amazon ECS enabled Coursera to focus on releasing new software rather than spending time managing clusters” Frank Chen, Software Engineer
Case study: Meteor https://www.youtube.com/watch?v=xIc3WT6kAVw “Can we scale the amount of compute resources necessary to run all our customers’ apps? Can we scale the mechanics of coordinating all those pieces? Using AWS, we can answer ‘yes’ to both” - Matt DeBergalis, Cofounder & VP Product
Case study: Remind “Moving to Amazon ECS significantly improved our service performance” Jason Fischl, VP of Engineering https://www.youtube.com/watch?v=8zbbQkszP04
DEMO #1 Demo gods, I’m your humble servant, please be good to me Using the ‘aws’ and ‘ecs-cli’ command lines: Create and scale an Amazon ECS cluster Pull an image from an Amazon ECR registry Run, scale and load-balance a simple PHP app … and look at EC2 Instances, Security Groups, Auto-Scaling Groups, Elastic Load Balancers and Cloud Formation
Load balancing services on fixed ports Amazon EC2 Container Service Developer Guide
Micro-services: it gets worse J Micro-services run in an ever-moving production environment: continuous deployment, multiple versions running in parallel, servers coming and going, etc. •  Can micro-services be deployed and scaled independently? •  Can multiple copies of a micro-service run on the same server? •  Can micro-services register their name & port automatically? •  Can micro-services discover each other? •  Can traffic be load-balanced across multiple copies of a micro-service?
Yes we can! •  Can micro-services be deployed and scaled independently? Micro-service = Docker image + task definition + service definition •  Can multiple copies of a micro-service run on the same server? Let Docker assign a random port •  Can micro-services register name & port automatically? Use Registrator to inspect containers and register them in Consul •  Can micro-services discover each other? Use local Consul agent for DNS lookups •  Can traffic be load-balanced across multiple copies of a micro-service? User-facing service: ELB (80) à Fabio (fixed port) à service (random port) Internal service: DNS lookup (53) à service (random port)
Internet Gateway Elastic Load Balancer Consul server EC2 instance R R RC C C F F F:9999 :9999 :9999 :80 ECS agent R Registrator C Consul agent F Fabio P Portal S Stock W Weather P P P PP P S :random S :random S :random W :random W :random :random :random :random:random :random ECS instance ECS instance ECS instance IP and port number of service returned by local DNS lookup Consul traffic omitted for brevity and sanity J ECS cluster Load balancing services on random ports :53:53:53 :random J. Simon
DEMO #2Demo gods, I know I’m pushing it, but please don’t let me down now Run an application built from 3 micro-services (portal, stock, weather) running on random ports Use a combination of ELB, Fabio and Consul (DNS lookups) for load-balancing Scale & break stuff, see what happens J
Thank you. Let’s keep in touch! @aws_actus @julsimon facebook.com/groups/AWSFrance/ AWS User Groups in Paris, Lyon, Nantes, Lille & Rennes (meetup.com) March 7-8 AWS Summit May 31st April 20-22 March 23-24 April 6-7 (Lyon) April 25 March 16
BONUS SLIDES
Using Amazon ECS AWS Console https://console.aws.amazon.com/ecs/ AWS CLI https://github.com/aws/aws-cli https://github.com/awslabs/aws-shell NEW! AWS SDK (Java, .NET, Node.js, PHP, Python, Ruby, Go, C++) https://github.com/aws/aws-sdk-* Amazon ECS CLI https://github.com/aws/amazon-ecs-cli https://www.youtube.com/watch?v=MMr78xAiZpQ https://docs.aws.amazon.com/fr_fr/AmazonECS/latest/developerguide/ECS_GetStarted.html
Amazon ECS resources Building demos #1 & #2 https://docs.aws.amazon.com/fr_fr/AmazonECS/latest/developerguide/docker-basics.html https://github.com/awslabs/ecs-demo-php-simple-app https://aws.amazon.com/blogs/compute/service-discovery-via-consul-with-amazon-ecs/ https://github.com/awslabs/service-discovery-ecs-consul https://www.consul.io/ - https://github.com/gliderlabs/registrator - https://github.com/eBay/fabio Tech articles by Werner Vogels, CTO of Amazon http://www.allthingsdistributed.com/2014/11/amazon-ec2-container-service.html http://www.allthingsdistributed.com/2015/04/state-management-and-scheduling-with-ecs.html http://www.allthingsdistributed.com/2015/07/under-the-hood-of-the-amazon-ec2-container-service.html Amazon ECS video @ AWS re:Invent 2015 Amazon ECS: Distributed Applications at Scale https://www.youtube.com/watch?v=eun8CqGqdk8 Turbocharge Your Deployment Pipeline with Containers https://www.youtube.com/watch?v=o4w8opVCI-Q From Local Docker Development to Production Deployments https://www.youtube.com/watch?v=7CZFpHUPqXw
Managing Amazon ECR repositories $ aws ecr create-repository --repository-name REPO_NAME --region us-east-1 $ aws ecr describe-repositories --region us-east-1 $ aws ecr delete-repository --repository-name REPO_NAME --region us-east-1
Managing Docker images with ECR $ aws ecr get-login --region us-east-1 <run docker login command provided as output> $ docker build -t REPO_NAME . $ docker tag REPO_NAME:latest ACCOUNT_ID.dkr.ecr.us-east-1.amazonaws.com/REPO_NAME:latest $ docker push ACCOUNT_ID.dkr.ecr.us-east-1.amazonaws.com REPO_NAME:latest
Creating, scaling and deleting an ECS cluster $ ecs-cli configure -c CLUSTER_NAME -r eu-west-1 $ ecs-cli up --keypair KEY_PAIR_ID --capability-iam --size 1 --instance-type t2.micro $ ecs-cli scale --size 3 --capability-iam $ ecs-cli ps $ ecs-cli down CLUSTER_NAME --force Reminder: •  ‘ecs-cli up’ launches a CloudFormation template •  By default, the cluster is created in a new VPC •  By default, only port 80 is open on ECS instances •  See ‘ecs-cli up –help’ for advanced networking options
Basic ECS commands $ aws ecs list-clusters $ aws ecs describe-clusters --cluster CLUSTER_NAME $ aws ecs list-container-instances --cluster CLUSTER_NAME $ aws ecs describe-container-instances --cluster CLUSTER_NAME --container-instances ECS_INSTANCE_ID
Updating the Amazon ECS agent $ aws ecs update-container-agent --cluster CLUSTER_NAME --container-instance ECS_INSTANCE_ID #!/bin/bash for i in `aws ecs list-container-instances --cluster CLUSTER_NAME | grep arn | cut -b 64-99` do aws ecs update-container-agent --cluster CLUSTER_NAME--container-instance $i done
Allowing SSH access on an ECS cluster $ aws ecs describe-container-instances --cluster CLUSTER_NAME --container-instances ECS_INSTANCE_ID --query 'containerInstances[*].ec2InstanceId’ $ aws ec2 describe-instances --instance-ids EC2_INSTANCE_ID --query "Reservations[*].Instances[*].SecurityGroups[*].GroupId" $ aws ec2 authorize-security-group-ingress --group-id SECURITY_GROUP_ID --protocol tcp --port 22 --cidr 0.0.0.0/0
Amazon ECS metadata Log into the ECS instance Instance information $ curl http://localhost:51678/v1/metadata Task information $ curl http://localhost:51678/v1/tasks
Creating and scaling an Amazon ECS service Write a docker-compose.yml file $ ecs-cli compose service start $ ecs-cli compose service up $ ecs-cli compose service scale 3
Stopping and deleting an Amazon ECS service $ ecs-cli compose service stop $ ecs-cli compose service delete

More Related Content

Amazon ECS (March 2016)

  • 1. © 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Docker Grenoble, 13/01/2016 Docker Lyon, 14/01/2016 Docker Nantes, 18/01/2016 Docker Rennes, 01/03/2016 Clustering Docker on AWS with Amazon ECR & ECS Julien Simon, Principal Technical Evangelist @julsimon
  • 2. The problem Given a certain amount of processing power and memory, how can we best manage an arbitrary number of apps running in Docker containers? http://tidalseven.com
  • 3. Requirements for modern cluster orchestration Distributed state management Scalable scheduling Built-in high availability Amazon EC2 Container Service (ECS) Launched in 04/2015 https://aws.amazon.com/ecs/ No additional charge J Amazon EC2 Container Registry (ECR) Launched in 12/2015 https://aws.amazon.com/ecr/ Free tier: 500MB / month for a year $0.10 / GB / month + outgoing traffic
  • 5. Case study: Coursera https://www.youtube.com/watch?v=a45J6xAGUvA “Amazon ECS enabled Coursera to focus on releasing new software rather than spending time managing clusters” Frank Chen, Software Engineer
  • 6. Case study: Meteor https://www.youtube.com/watch?v=xIc3WT6kAVw “Can we scale the amount of compute resources necessary to run all our customers’ apps? Can we scale the mechanics of coordinating all those pieces? Using AWS, we can answer ‘yes’ to both” - Matt DeBergalis, Cofounder & VP Product
  • 7. Case study: Remind “Moving to Amazon ECS significantly improved our service performance” Jason Fischl, VP of Engineering https://www.youtube.com/watch?v=8zbbQkszP04
  • 8. DEMO #1 Demo gods, I’m your humble servant, please be good to me Using the ‘aws’ and ‘ecs-cli’ command lines: Create and scale an Amazon ECS cluster Pull an image from an Amazon ECR registry Run, scale and load-balance a simple PHP app … and look at EC2 Instances, Security Groups, Auto-Scaling Groups, Elastic Load Balancers and Cloud Formation
  • 9. Load balancing services on fixed ports Amazon EC2 Container Service Developer Guide
  • 10. Micro-services: it gets worse J Micro-services run in an ever-moving production environment: continuous deployment, multiple versions running in parallel, servers coming and going, etc. •  Can micro-services be deployed and scaled independently? •  Can multiple copies of a micro-service run on the same server? •  Can micro-services register their name & port automatically? •  Can micro-services discover each other? •  Can traffic be load-balanced across multiple copies of a micro-service?
  • 11. Yes we can! •  Can micro-services be deployed and scaled independently? Micro-service = Docker image + task definition + service definition •  Can multiple copies of a micro-service run on the same server? Let Docker assign a random port •  Can micro-services register name & port automatically? Use Registrator to inspect containers and register them in Consul •  Can micro-services discover each other? Use local Consul agent for DNS lookups •  Can traffic be load-balanced across multiple copies of a micro-service? User-facing service: ELB (80) à Fabio (fixed port) à service (random port) Internal service: DNS lookup (53) à service (random port)
  • 12. Internet Gateway Elastic Load Balancer Consul server EC2 instance R R RC C C F F F:9999 :9999 :9999 :80 ECS agent R Registrator C Consul agent F Fabio P Portal S Stock W Weather P P P PP P S :random S :random S :random W :random W :random :random :random :random:random :random ECS instance ECS instance ECS instance IP and port number of service returned by local DNS lookup Consul traffic omitted for brevity and sanity J ECS cluster Load balancing services on random ports :53:53:53 :random J. Simon
  • 13. DEMO #2Demo gods, I know I’m pushing it, but please don’t let me down now Run an application built from 3 micro-services (portal, stock, weather) running on random ports Use a combination of ELB, Fabio and Consul (DNS lookups) for load-balancing Scale & break stuff, see what happens J
  • 14. Thank you. Let’s keep in touch! @aws_actus @julsimon facebook.com/groups/AWSFrance/ AWS User Groups in Paris, Lyon, Nantes, Lille & Rennes (meetup.com) March 7-8 AWS Summit May 31st April 20-22 March 23-24 April 6-7 (Lyon) April 25 March 16
  • 16. Using Amazon ECS AWS Console https://console.aws.amazon.com/ecs/ AWS CLI https://github.com/aws/aws-cli https://github.com/awslabs/aws-shell NEW! AWS SDK (Java, .NET, Node.js, PHP, Python, Ruby, Go, C++) https://github.com/aws/aws-sdk-* Amazon ECS CLI https://github.com/aws/amazon-ecs-cli https://www.youtube.com/watch?v=MMr78xAiZpQ https://docs.aws.amazon.com/fr_fr/AmazonECS/latest/developerguide/ECS_GetStarted.html
  • 17. Amazon ECS resources Building demos #1 & #2 https://docs.aws.amazon.com/fr_fr/AmazonECS/latest/developerguide/docker-basics.html https://github.com/awslabs/ecs-demo-php-simple-app https://aws.amazon.com/blogs/compute/service-discovery-via-consul-with-amazon-ecs/ https://github.com/awslabs/service-discovery-ecs-consul https://www.consul.io/ - https://github.com/gliderlabs/registrator - https://github.com/eBay/fabio Tech articles by Werner Vogels, CTO of Amazon http://www.allthingsdistributed.com/2014/11/amazon-ec2-container-service.html http://www.allthingsdistributed.com/2015/04/state-management-and-scheduling-with-ecs.html http://www.allthingsdistributed.com/2015/07/under-the-hood-of-the-amazon-ec2-container-service.html Amazon ECS video @ AWS re:Invent 2015 Amazon ECS: Distributed Applications at Scale https://www.youtube.com/watch?v=eun8CqGqdk8 Turbocharge Your Deployment Pipeline with Containers https://www.youtube.com/watch?v=o4w8opVCI-Q From Local Docker Development to Production Deployments https://www.youtube.com/watch?v=7CZFpHUPqXw
  • 18. Managing Amazon ECR repositories $ aws ecr create-repository --repository-name REPO_NAME --region us-east-1 $ aws ecr describe-repositories --region us-east-1 $ aws ecr delete-repository --repository-name REPO_NAME --region us-east-1
  • 19. Managing Docker images with ECR $ aws ecr get-login --region us-east-1 <run docker login command provided as output> $ docker build -t REPO_NAME . $ docker tag REPO_NAME:latest ACCOUNT_ID.dkr.ecr.us-east-1.amazonaws.com/REPO_NAME:latest $ docker push ACCOUNT_ID.dkr.ecr.us-east-1.amazonaws.com REPO_NAME:latest
  • 20. Creating, scaling and deleting an ECS cluster $ ecs-cli configure -c CLUSTER_NAME -r eu-west-1 $ ecs-cli up --keypair KEY_PAIR_ID --capability-iam --size 1 --instance-type t2.micro $ ecs-cli scale --size 3 --capability-iam $ ecs-cli ps $ ecs-cli down CLUSTER_NAME --force Reminder: •  ‘ecs-cli up’ launches a CloudFormation template •  By default, the cluster is created in a new VPC •  By default, only port 80 is open on ECS instances •  See ‘ecs-cli up –help’ for advanced networking options
  • 21. Basic ECS commands $ aws ecs list-clusters $ aws ecs describe-clusters --cluster CLUSTER_NAME $ aws ecs list-container-instances --cluster CLUSTER_NAME $ aws ecs describe-container-instances --cluster CLUSTER_NAME --container-instances ECS_INSTANCE_ID
  • 22. Updating the Amazon ECS agent $ aws ecs update-container-agent --cluster CLUSTER_NAME --container-instance ECS_INSTANCE_ID #!/bin/bash for i in `aws ecs list-container-instances --cluster CLUSTER_NAME | grep arn | cut -b 64-99` do aws ecs update-container-agent --cluster CLUSTER_NAME--container-instance $i done
  • 23. Allowing SSH access on an ECS cluster $ aws ecs describe-container-instances --cluster CLUSTER_NAME --container-instances ECS_INSTANCE_ID --query 'containerInstances[*].ec2InstanceId’ $ aws ec2 describe-instances --instance-ids EC2_INSTANCE_ID --query "Reservations[*].Instances[*].SecurityGroups[*].GroupId" $ aws ec2 authorize-security-group-ingress --group-id SECURITY_GROUP_ID --protocol tcp --port 22 --cidr 0.0.0.0/0
  • 24. Amazon ECS metadata Log into the ECS instance Instance information $ curl http://localhost:51678/v1/metadata Task information $ curl http://localhost:51678/v1/tasks
  • 25. Creating and scaling an Amazon ECS service Write a docker-compose.yml file $ ecs-cli compose service start $ ecs-cli compose service up $ ecs-cli compose service scale 3
  • 26. Stopping and deleting an Amazon ECS service $ ecs-cli compose service stop $ ecs-cli compose service delete