AWS ECS — The Cloud-Docker Confluence

Mrigendra Soni
5 min read · Oct 23, 2020

What is AWS?

Amazon Web Services (AWS) is a cloud service provider with a vast array of services covering compute power, database storage, content delivery networks, DNS services and plenty of others to support and fulfill any kind of requirement. It follows a ‘Pay-As-You-Go’ model, which means that consumers pay for the services they consume.

And Docker?

Docker is a tool that eases the process of application development by encapsulating the whole environment, along with all the requisites and dependencies (code, frameworks, libraries) that the application requires, in an isolated, lightweight container image. That image can be moved to any system, and as long as the system supports Docker, your application will function there just like it did on your own.

Why Docker?

  1. If we have to launch multiple instances of the same application, we don’t need to focus on the hardware requirements, since those are already fulfilled by AWS. All we need to do is specify the number of containers that are required. This provides high scalability and efficiency.
  2. With AWS, we can replicate the data volumes as well, so if a particular container in the cluster is mapped to a particular data volume then on scaling and launching another instance, we can connect that instance with the same data volume too, providing the same set of data to this new instance.
  3. By the nature of the service, each instance is meant to stay isolated from the others, so every new instance we spin up is isolated from the existing ones.

What is Amazon ECS?

Amazon Elastic Container Service (ECS) is a container management service which can launch, exit, expand or shrink Docker containers inside a cluster. Earlier, all applications ran on virtual machines, so if the number of users increased, one would have to purchase all the hardware required to run those services at low latency. With AWS ECS this is not something to worry about: if and when demand surges, ECS will automatically scale up the resources of the container in order to maintain low latency and provide quality service to the end users.

AWS ECS helps:

  1. Schedule the placement of containers across our clusters.
  2. Migrate our application to the cloud without changing the code.

These containers can be spun up using:
→ AWS Management Console
→ Software Development Kits (SDKs)

Advantages of Amazon ECS:

  1. ECS is very secure. The images that we run in these containers are stored in “Container Registries”, which are not only accessible only through HTTPS but also encrypted, and access to these images is allowed under the permissions given in the Identity and Access Management (IAM) policies.
  2. These lightweight instances are very cost efficient since we can crowd our instances with as many applications as we wish to. In comparison with EC2 instances, where we can launch a single application in the whole server, here we can have multiple containers in the same amount of resources, each consuming just about how much they require, isolated from each other. A complete win!
  3. The container images are extensible, since they pack their requisites with them. All they require is a platform that supports Docker, and then it’s the same thing you were working on earlier.
  4. This extensibility makes them easily scalable: all we need to mention is the requirement, and AWS fulfills it.
  5. All these features combine to make it the most compatible tool, to test, run or deploy our applications.
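The registry protections in point 1 depend on how each repository is configured. The following is an added example, not code from the original post, that audits one ECR repository for the settings behind that claim. It assumes input shaped like the output of `aws ecr describe-repositories` and the `policyText` from `aws ecr get-repository-policy`; the repository name, account ID and role name are constructed placeholders.

```python
import json
from fnmatch import fnmatchcase

# Actions needed to pull image layers, lower-cased (IAM action names ignore case).
PULL_ACTIONS = ("ecr:getdownloadurlforlayer", "ecr:batchgetimage")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def allows_pull(stmt):
    """True when any Action pattern (wildcards included) covers a pull action."""
    patterns = [a.lower() for a in _as_list(stmt.get("Action", []))]
    return any(fnmatchcase(p, pat) for pat in patterns for p in PULL_ACTIONS)

def is_public_principal(principal):
    """True when Principal is "*" or {"AWS": "*"}, i.e. any AWS account."""
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return principal == "*"

def audit_repository(repo, policy_text):
    """repo: one describe-repositories entry; policy_text: policyText or None."""
    findings = []
    if repo.get("imageTagMutability") != "IMMUTABLE":
        findings.append("tags are mutable: an existing tag can be repointed")
    if not repo.get("imageScanningConfiguration", {}).get("scanOnPush"):
        findings.append("scan on push is disabled")
    if repo.get("encryptionConfiguration", {}).get("encryptionType") != "KMS":
        findings.append("at-rest encryption uses the default AES256 setting, not KMS")
    for stmt in _as_list(json.loads(policy_text or "{}").get("Statement", [])):
        if (stmt.get("Effect") == "Allow" and allows_pull(stmt) and not stmt.get("Condition")
                and is_public_principal(stmt.get("Principal"))):
            findings.append(f"statement {stmt.get('Sid', '?')}: any AWS principal may pull")
    return findings

# Constructed sample data shaped like AWS CLI output; all names are placeholders.
SAMPLE_REPO = {"repositoryName": "example-app", "imageTagMutability": "MUTABLE",
               "imageScanningConfiguration": {"scanOnPush": False},
               "encryptionConfiguration": {"encryptionType": "AES256"}}
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "OpenPull", "Effect": "Allow", "Principal": "*",
     "Action": ["ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage"]},
    {"Sid": "TaskRolePull", "Effect": "Allow", "Action": "ecr:Batch*",
     "Principal": {"AWS": "arn:aws:iam::111122223333:role/example-task-role"}},
]})

if __name__ == "__main__":
    print("\n".join(audit_repository(SAMPLE_REPO, SAMPLE_POLICY)))
```

The check does not evaluate `NotAction`, `NotPrincipal` or the contents of a `Condition` block, so a statement that uses any of them needs manual review.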

Architecture of Amazon ECS:

  1. Container Image: At the broadest level, these are the templates which define the properties of the image that is required. For example, the OS that we require, the dependencies, any additional application/software and their versions: every single detail is described in here.
  2. Container Registry: This is the service which hosts (stores) and distributes Docker images among other users or end consumers. Amazon’s product is called Elastic Container Registry (ECR), whereas Docker’s product is referred to as Docker Hub.
  3. VPC: The Amazon Virtual Private Cloud is used to isolate the whole environment from the rest of the services, or to provide network isolation for any purpose we may wish for. ECS integrates well with VPC. It enables us to launch an EC2 instance in a virtual private network that we specify.

Fargate:
All the clusters in AWS are managed through ECS, but if we would like Amazon to look after and manage our clusters, that is where Fargate steps in. It is a compute engine in ECS that allows a user to launch containers without having to monitor clusters. Tasks are also launched using the Fargate service.

Task: This has 2 components, namely — ECS Container Instance and the Container Agent.

→ An ECS Container Instance is basically a special EC2 instance which is capable of running containers, since not all instances are capable of running containers.
→ Container Agents are what bind different clusters together and are also responsible for communication between ECS and the instance.
→ A Cluster is a set of ECS container instances which handle the process of scheduling, monitoring and scaling requests.

This image from Harsh’s blog depicts the arrangement in a very convenient manner.

Lastly, the Elastic Network Interface is a virtual network interface which can also be responsible for how the containers interact with each other, with the EC2 host and then with the internet.

Here is a visual representation of all of these services, by Simplilearn:

Following is a series of pictures depicting exactly how a container is launched in Amazon ECS:

Conceptual Representation
Specifying Container Definitions
Specifying Task Definitions
Defining the service
Configuring the cluster
Launched Container Instance

Further References:
1. AWS Source
2. SimpliLearn Source
