Containers on AWS Overview: ECS | EKS | Fargate | ECR

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

in this video i will give you a high level overview of all the different container services you can use on aws so if you want to run a containerized application on aws you have multiple options to choose from depending on your application requirements so we'll go through all of these options one by one we will see what ecs elastic container service is and what it's used for then we'll compare it and talk about eks which is elastic kubernetes service we will also see different ways of running containers with ec2 or aws far gate and finally we will see the ecr service which stands for elastic container registry now think about a micro service application scenario if you're developing microservices you would need containers for each and containers scale pretty quickly maybe you create replicas you have different third-party services and applications for your micro service application this could be messaging systems authentication services etc so you end up with a bunch of containers that you need to deploy on some environment in this case we're talking about aws virtual service so let's say we have created 10 containers for each our 10 micro services plus we have five other containers that our micro services use which run different applications and let's say we deploy all of those on our ec2 instances which have docker installed on them now once you have deployed them how do you manage them so you have an infrastructure of all these virtual servers that are running all your docker containers how do you know how much resources you still have remaining on these machines how do you know where to schedule the next container how do you know by looking across your infrastructure whether some of your docker containers are not running anymore whether servers ran out of resources and when you see that some containers have died do you manually restart each container if you have maybe five replicas of one application container you don't need any more how do you get rid of all those containers do you stop them and remove them one by one and these are all things that you need to manage when you have tens of containers maybe hundreds of containers that you need to manage on your infrastructure so obviously you need some kind of automation some kind of tool that can help you with all these issues and all these things that i just mentioned are features of a container orchestration tool so you probably already know one of them which is the most popular orchestration tool kubernetes but of course there are multiple orchestration tools out there docker swarm is one of them which is for less complex a bit smaller containerized applications you also have mesos apache mesos you also have hashicorp nomad and you also have an aws service called amazon elastic container service ecs so ecs is one of the container services that aws offers and it is essentially a container orchestration service so ecs being an orchestrator for containers will manage the whole life cycle of a container when you start the container if it needs to get rescheduled somewhere if it needs to get restarted load balanced etc so how does this service actually work on aws if you wanted to create a cluster a container cluster basically that is managed by aws ecs service you would create an ecs cluster and that ecs cluster will basically contain all the services that are necessary for managing the individual containers so ecs cluster basically represents a control plane for all your virtual machines that are running containers and that control plane and the services the managing services in that control plane then can manage these individual containers and essentially managing the whole life cycle of a container from being started scheduled to being removed when you create ecs cluster as i said you have the control plane but the containers need to run somewhere right so containers need to run on actual machines on virtual machines so where do these virtual machines come from these virtual machines will be the ec2 instances we would create an ec2 instance that will basically host the containers the ec2 will not be isolated and managed by us completely but ec2 instance will be connected to this ecs cluster that we created and on those ec2 instances you will have the docker runtime or container runtime generally so that containers can run and also you're going to have ecs agents installed and this way the control plane or ecs processes can communicate with each individual ec2 instance and manage them so at the end it means that you have a control plane that helps you manage all your containers and automate some of these complex things that you don't want to do manually and repeatedly so you have delegated the management of your containers to an aws service so you don't have to worry about that however you still have to manage the actual virtual machines the ec2 instances meaning you have to create the ec2 instances you have to join them to the ecs cluster and when you schedule a new container you have to make sure that you have enough ec2 instances and resources to schedule the next container you also have to manage the server operating system and you also have docker runtime and the ecs agent as i mentioned so all these are basically part of a virtual machine that you have to still manage on the upside of course you have full access to your infrastructure which is an advantage if you need full configuration access and power of the infrastructure that's running your containers so now you have delegated the management of your containerized application or your containers basically to the aws service which of course makes your operations easier however you still have the infrastructure to manage the virtual servers now what if you wanted to delegate management of the infrastructure also to aws so you want the container lifecycle to be managed by aws and you want the hosting infrastructure to also be managed by aws now there is an option for that and it is called aws far gate so far gate is basically an alternative to ec2 instances so instead of creating a provisioning ec2 instances and connecting that to the ecs cluster you don't need to provision any virtual machines you use fargate interface and fargate will take care of spinning up the vm to run your container so how does fargate work fargate is a serverless way to launch containers so you take a container that you want to deploy on aws and you tell aws here's my container please run it and you hand it over to fargate now at this point you don't have any virtual machine that will run your container you haven't provisioned anything or any server yet you just have the control plane of ecs and you have the far gate interface so you give your container to fargate and you say please schedule this fargate will then take your container it will analyze by looking at your container how much resources your container needs to run how much cpu how much ram how much storage it needs to be deployed and to run and then fargate will itself automatically provision a server resources for that specific container and then it will deploy and run that container on the provisioned server resources so this happens automatically and every time you add or you hand over a new container to deploy to fargate fargate will do the same you go and provision server resources to run that specific container so advantages are obviously you don't need to worry about having enough ec2 instances and resources to schedule a new container because you don't have to provision anything beforehand and because you don't have to provision the infrastructure before you deploy containers you always have only the amount of infrastructure resources needed to run your containers and that means you pay only for the resources that your containers are actually consuming and also it really easily scales without fixed set of ec2 resources defined beforehand since every new container gets new resources the pricing is based on how long the container runs and how much cpu and memory was requested for that container so for comparison for ec2 you obviously pay for the whole server even though you might not be running any containers on it or just a few maybe and for fargate you only pay for the resources that container is consuming so now you have your infrastructure managed by aws using the fargate service and the containers that are running that were scheduled through fargate are now also managed by ecs so you have multiple levels of your infrastructure and the application on it being managed by aws services now the only thing that you have to worry about and manage is the actual application itself so you develop the application you create containers and that's it and then you just deploy the containers on aws infrastructure which obviously is a great thing however again if you need more access to the underlying infrastructure you need access to the actual infrastructure running your containers then you have the flexibility and access with ec2 instances and of course when you run your containerized application on aws infrastructure using the aws services you have advantage of using any other aws services from the aws ecosystem right so both ec2 and fargate and ecs and all these services obviously fully integrate with the whole aws ecosystem right so this could be cloud watch for monitoring elastic load balancer for load balancing iam for permissions and users vpc for networking and so on now this is how you can let aws manage your containerized applications using ecs now what if you want to use kubernetes as you know kubernetes is the most popular container orchestration tool currently so a lot of projects a lot of companies actually use kubernetes so can you still use aws infrastructure if you want to use kubernetes and how can you use that aws actually has another service which is for managing kubernetes cluster on aws infrastructure so alternative to ecs you have a service called eks which stands for elastic kubernetes service that lets you manage kubernetes cluster so the difference or advantage of using eks is the first thing that i just mentioned which is if you're using kubernetes already and your project wants to deploy their kubernetes cluster on aws infrastructure obviously you want to be able to keep your kubernetes tool and not use a proprietary container orchestration of aws you have an option of doing that using eks so that's the first obvious reason another reason if you do not necessarily think about using kubernetes or you don't already use kubernetes in your project making decision between ecs and eks is basically ecs is specific to aws right so if you decide at some later point to migrate to another platform you will not be able to move that cluster to another platform because it is really integrated and based on aws with eks though because it's managing the kubernetes cluster you can easily migrate kubernetes because it's not specific to aws right it's an independent tool which you can use anywhere so you can migrate or much easily migrate kubernetes cluster on another platform or maybe even on premise right if you have your own infrastructure in your company then you can use the same configuration same tools across multiple platforms so that's a major advantage of using eks versus ecs now i have to mention here that even though kubernetes is an independent tool if you're using it on aws and you use a lot of additional tools and services from the aws ecosystem in your kubernetes cluster then of course when you migrate your kubernetes cluster you'll have to replace those services with some other tools because they will not be available on another platform right because these services are again specific to aws so just know that it's not 100 easily migratable especially if you're using aws specific services in your cluster so that's maybe one thing to consider another also important reason for using eks versus ecs is that if you use kubernetes which is again a much more popular orchestration tool than ecs you also have access to all the kubernetes tools and plugins and things are developing in the kubernetes ecosystem like helm and some other tools that integrate well with kubernetes now on the side of ecs a more suitable use case for ecs is if you have less complex containerized applications that maybe don't need this full-fledged kubernetes cluster to run in in this case you can actually deploy it on ecs cluster and also you don't pay for the ecs control plane compared to eks cluster control plane but generally i think eks is much better choice for managing and orchestrating your cluster on aws infrastructure now how does eks work it's actually pretty similar to how ecs works with eks you create a cluster which represents the control plane in kubernetes world these are going to be the masternodes so when you create an eks service or eks cluster aws will provision in the background kubernetes masternodes that already have all the kubernetes master services installed on them so all of that is managed and provisioned for you you don't have to worry about masternodes for your kubernetes cluster also because it's managed by aws these master nodes it will automatically replicate the master nodes across multiple availability zones so if you're creating eks in region eu west 3 that has three availability zones then you will get automatic replication of your masternodes on all those azs and of course then you have the storage which is the lcd part of the master processes which stores the whole configuration the current state basically of kubernetes cluster and that storage needs to be replicated and needs to be backed up because you shouldn't or you can't lose the data otherwise you lose all your cluster configuration and again because it's a managed service aws will also take care of storing the data replicating it and backing it up properly so basically masternodes of kubernetes is not your worry anymore so with eks you have the master nodes control plane configured now you need the worker nodes right you need infrastructure that actually runs your containers again same way as in the ecs you will create ec2 instances the so-called compute fleet of multiple virtual servers and then connect them to the eks and now you have the masternodes and worker node group connected and that gives you a complete kubernetes cluster and once that's done you can simply connect to the cluster using cubectl command and start deploying containers inside that cluster in the example of ecs we saw that these ec2 instances this compute fleet each server had the ecs agent installed this way the control plane could communicate with the individual nodes in this case we're in the kubernetes world so worker nodes will have kubernetes processes so this way control plane or kubernetes masternodes can communicate with worker nodes just like they do on any platform right it's not specific to aws in this case so you have the worker nodes made out of ec2 instances that are connected to the eks cluster however in this case also you need to manage the ec2 instances yourself you have to manage the operating system and the process is running on them in eks cluster however you have a possibility to choose a semi-managed ec2 instances for your cluster so basically you can group your worker nodes into node groups and that node group can actually handle some of the heavy lifting for you and basically make it easier for you to configure new worker nodes for your cluster for example worker nodes or ec2 instances manage my node group will get all the processes necessary installed on them so you don't have to worry about installing container runtime kubernetes worker processes etc for them to make it into worker nodes so that means you have an alternative between completely self-managed ec2 instances and semi-managed ec2 instances through node groups and when working with eks cluster it is actually a good practice to use node groups because they make a lot of things simpler and you can also create multiple node groups to group your worker nodes in different logical groups but as i said it is still semi-managed you still have to take care of some other stuff for example auto scaling right you don't have the auto scaling configuration out of the box you still need to configure things in kubernetes and on the aws side to make auto scaling possible so you have to take care of creating new ec2 instances removing them etc however if that's also something you want to delegate to aws if you don't want to worry about that you can also for eks cluster use fargate instead and in that case you would have fully managed worker nodes in addition to fully managed control plane so these are the three steps of worker node infrastructure management you have available in aws or you can even use both ec2 and fargate at the same time for the same eks cluster so basically from the hosting perspective of where your containers are running having ec2 and fargate as alternatives this part is pretty much the same whether you use ecs or eks and this basically gives you the combination of the services that you have as an option if you want to run a containerized application on aws using a container orchestration tool to manage them now we just saw two of the services on aws that are specifically for containers and there is one more container service on aws and that is amazon ecr which stands for elastic container registry so basically this is just a repository for container images alternative to docker hub or nexus docker repository where you can store your docker images for example advantage of using elastic container registry is of course because it's part of the whole aws ecosystem it integrates well with other services so for example if you use eks with ec2 instances for example then it will be easier to connect it and configure your cluster with ecr to fetch the instances but also to do some other stuff like automatically get notified when a new version of the image gets pushed to the registry and then automatically download that into your cluster and also some other additional features and of course you have all those abilities because these are all aws services so they are tightly integrated with each other and ecr is pretty easy and straightforward to use you basically create your private repositories for your different application images or docker images and you can start pushing different versions or different tags of that image to those registries and then of course use that endpoint to download the images from the cluster so to summarize on aws you have three container services first for storing container images in private container repository and the other two for orchestrating or managing your complex containerized application on aws infrastructure and in this part we're gonna look at ecr and ek services and use them in our ci cd pipeline to build and push images to ecr and deploy them to elastic kubernetes service [Music]

Info

Channel: TechWorld with Nana

Views: 339,534

Rating: undefined out of 5

Keywords: aws ecs, aws eks, eks aws, ecs aws, aws, aws ecr, elastic container service, elastic kubernetes service aws, ecs vs eks aws, aws fargate, container services aws, elastic container registry, ec2 vs fargate, amazon web services, cloud computing, container orchestration, aws ecs tutorial, aws eks tutorial, amazon fargate, amazon ecs, amazon eks, aws tutorial, introduction to container services, techworld with nana

Id: AYAh6YDXuho

Channel Id: undefined

Length: 25min 10sec (1510 seconds)

Published: Sun Nov 29 2020