Elastic Container Service (ECS)
Learn how to simplify the deployment and management of containerized applications using ECS.
Amazon Elastic Container Service (ECS) is a fully managed container orchestration service by AWS. It simplifies the deployment and management of containerized applications, allowing us to run Docker containers at scale. ECS integrates seamlessly with other AWS services, providing a flexible and efficient solution for deploying and managing containerized workloads.
How ECS works
Amazon ECS is a fully managed and scalable service for managing containerized applications. It lets us build and deploy scalable containerized applications on AWS without managing servers. ECS is divided into three layers: provisioning, controller, and capacity.
Provisioning
Provisioning consists of the tools used to interface with the scheduler to manage and deploy your applications and containers. ECS offers multiple ways to interact with it, such as the AWS software development kits (SDKs), AWS Copilot, and the AWS CLI.
Controller
The controller deploys and manages the containers running on EC2 instances or AWS Fargate. Containers are configured using a task definition. A task definition specifies how a container should be configured, including its image, CPU, and memory requirements. The task definition is then executed on the cluster as a task or a service.
A cluster is a logical grouping of tasks or services configured to run on a capacity infrastructure. A cluster can have multiple services and tasks running at the same time. A task is just the instantiation of a task definition. Put simply, a task is a container running on a cluster, whereas a service is a group of tasks running on a cluster. Formally, a service manages the desired number of running tasks. Services are used for applications that require continuous availability.
For example, if a task running in a service fails for any reason, the ECS service will automatically provision a new task from the given task definition. This ensures that the specified number of tasks is always running. ECS uses a container agent to monitor the resource utilization of containers. The container agent reports the resource utilization of the different running tasks to Amazon ECS.
Capacity
Capacity is the infrastructure where containers run. ECS offers three types of infrastructure to run containers: on-premises, EC2 instances, and
Application lifecycle
Modern applications are built using a microservices architecture, where the application is composed of loosely coupled services that are independently deployable and scalable. ECS is well-suited for deploying and managing microservices-based applications.
Let’s consider a scenario where we deploy a microservices-based web application on ECS such that the frontend and backend are deployed in two different containers for security reasons. We will configure a task definition that launches two containers, one running the frontend of the application and the other running the backend.
Next, to ensure the availability of our application, we will deploy the task definition in a service such that the service maintains two tasks at all times in different availability zones. The application will be served through the application load balancer. The load on the application can vary based on the users. To adjust infrastructure automatically, we will use AWS Fargate as the underlying infrastructure for our service.
Similarly, to manage containers on on-premises infrastructure, AWS offers ECS Anywhere.
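The task definition from the scenario above, written out with a small pre-deployment check, as an added example that is not part of the original lesson. The family, container names, image URIs, and sizes are constructed placeholders; the check covers only Fargate task sizes up to 4 vCPU and assumes CPU and memory are given as plain numbers.

```python
import json

# Constructed sample for the two-container scenario; names and image URIs are placeholders.
TASK_DEF = json.loads("""
{
  "family": "webapp",
  "requiresCompatibilities": ["FARGATE"],
  "networkMode": "awsvpc",
  "cpu": "512",
  "memory": "1024",
  "containerDefinitions": [
    {"name": "frontend", "image": "example.invalid/frontend:1.4.2",
     "cpu": 256, "memory": 512, "portMappings": [{"containerPort": 80}]},
    {"name": "backend", "image": "example.invalid/backend:1.4.2",
     "cpu": 256, "memory": 512}
  ]
}
""")

# Fargate task sizes (CPU units -> allowed memory in MiB); sizes above 4 vCPU are not listed.
FARGATE_SIZES = {
    256: [512, 1024, 2048],
    512: list(range(1024, 4097, 1024)),
    1024: list(range(2048, 8193, 1024)),
    2048: list(range(4096, 16385, 1024)),
    4096: list(range(8192, 30721, 1024)),
}

def check_task_definition(td):
    """Return a list of problems that would stop this task definition running on Fargate."""
    problems = []
    if "FARGATE" not in td.get("requiresCompatibilities", []):
        problems.append("requiresCompatibilities must include FARGATE")
    if td.get("networkMode") != "awsvpc":
        problems.append("Fargate tasks must use networkMode awsvpc")
    cpu, mem = int(td.get("cpu", 0)), int(td.get("memory", 0))
    if mem not in FARGATE_SIZES.get(cpu, []):
        problems.append(f"cpu={cpu}/memory={mem} is not a valid Fargate task size")
    containers = td.get("containerDefinitions", [])
    for c in containers:
        if not c.get("image"):
            problems.append(f"container {c.get('name')} has no image")
    if sum(c.get("cpu", 0) for c in containers) > cpu:
        problems.append("container cpu reservations exceed task cpu")
    return problems

if __name__ == "__main__":
    print(check_task_definition(TASK_DEF) or "task definition OK for Fargate")
```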
ECS Anywhere
ECS Anywhere by Amazon ECS is container orchestration software to manage containers on-premises. ECS Anywhere eliminates the need for in-house container orchestration. It extends ECS to the on-premises servers or VMs, offering a unified way to run and manage containerized workloads across all your environments – cloud and on-premises – with a familiar ECS experience.
Best practices
Let’s take a look at some of the best practices for ECS.
Keep the price of Fargate in mind: Fargate is usually more expensive than EC2 instances, so for an application running 24/7, EC2 is a much better choice than Fargate.
When EC2 is the underlying infrastructure, it is important to understand the security concerns for the containers running your applications: keep an eye on the OS security patches and update your images accordingly.
When EC2 is the underlying infrastructure, different containers consume different amounts of resources, such as CPU or memory. Use CloudWatch events and tag the containers to monitor resource usage efficiently.