Containers on AWS

ayleeee 2024. 4. 5. 01:43

Docker Containers Management on AWS

  • Amazon Elastic Container Service (Amazon ECS)
    • Amazon's own container platform
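      • Fully managed container orchestration service that helps you deploy, manage, and scale containerized applications more efficiently
      • With the advanced security features of Amazon ECS Anywhere, container workloads can easily be run in the cloud and on premises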
    • Launch Docker containers on AWS == Launch ECS tasks on ECS Clusters
    • EC2 Launch Type : you must provision & maintain the infrastructure
      • Each EC2 instance must run the ECS Agent to register in the ECS Cluster
      • AWS takes care of starting / stopping containers
    • Fargate Launch Type 
      • do not provision the infrastructure (no EC2 instances to manage)
        • No need to manage servers, handle capacity planning, or isolate container workloads for security
      • Serverless
        • Serverless compute engine
      • just create task definitions
      • AWS just runs ECS Tasks for you based on the CPU/RAM you need
      • To scale, just increase the number of tasks
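      • When running tasks and services with the Fargate launch type, you package the application in containers, specify the CPU and memory requirements, define networking and IAM policies, and launch the application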
    • IAM Roles for ECS
      • EC2 Instance Profile(EC2 Launch Type)
        • Used by the ECS agent
        • Makes API calls to ECS service
        • Send container logs to CloudWatch Logs
        • Pull Docker image from ECR
        • Reference sensitive data in Secrets Manager or SSM Parameter Store
      • ECS Task Role
        • Allows each task to have a specific role
        • Use different roles for the different ECS Services you run
        • Task Role is defined in the task definition
    • Load Balancer Integrations
      • Application Load Balancer
        • supported and works for most use cases
      • Network Load Balancer 
        • recommended only for high throughput / high performance use cases, or to pair it with AWS PrivateLink
    • Data Volumes (EFS)
      • Mount EFS file systems onto ECS tasks
      • Works for both EC2 and Fargate launch types
      • Tasks running in any AZ will share the same data in the EFS file system
      • Fargate + EFS = Serverless
      • Use cases : 
        • persistent multi-AZ shared storage for your containers
    • ECS Service Auto Scaling
      • Automatically increase/decrease the desired number of ECS tasks
      • Amazon ECS Auto Scaling uses AWS Application Auto Scaling
        • ECS Service Average CPU Utilization
        • ECS Service Average Memory Utilization - Scale on RAM
        • ALB Request Count Per Target - metric coming from the ALB
      • Target Tracking - scale based on target value for a specific CloudWatch metric
      • Step Scaling - scale based on a specified CloudWatch Alarm
      • Scheduled Scaling - scale based on a specified date/time
      • ECS Service Auto Scaling != EC2 Auto Scaling
      • Fargate Auto Scaling is much easier to set up (because of Serverless)
    • Auto Scaling EC2 Instances
      • Accommodate ECS Service Scaling by adding underlying EC2 Instances
      • Auto Scaling Group Scaling
        • Scale your ASG based on CPU Utilization
        • Add EC2 instances over time
      • ECS Cluster Capacity Provider
        • Used to automatically provision and scale the infrastructure for your ECS Tasks
        • Capacity Provider paired with an Auto Scaling Group
        • Add EC2 Instances when you are missing capacity 
  • Amazon Elastic Kubernetes Service (Amazon EKS)
    • Amazon's managed Kubernetes - open source
      • Managed service that removes the need to install, operate, and maintain a Kubernetes control plane on AWS
    • An alternative to ECS, similar goal but different API
    • Supports EC2 if you want to deploy worker nodes or Fargate to deploy serverless containers
    • For multiple regions, deploy one EKS cluster per region
    • Collect logs and metrics using CloudWatch Container Insights
    • Node Types
      • Managed Node Groups
        • Creates and manages Nodes (EC2 instances) for you
        • Nodes are part of an ASG managed by EKS
        • Supports On-Demand or Spot Instances
      • Self-Managed Nodes
        • Nodes created by you and registered to the EKS cluster and managed by an ASG
        • You can use prebuilt AMI 
        • Supports On-Demand or Spot Instances
      • AWS Fargate
        • No maintenance required
        • No nodes managed
    • Data Volumes
      • Need to specify StorageClass manifest on your EKS cluster
      • Leverages a Container Storage Interface compliant driver
        • Amazon EBS, Amazon EFS, Amazon FSx for Lustre, Amazon FSx for NetApp ONTAP
  • AWS Fargate
    • Amazon's own Serverless container platform
    • Works with ECS and with EKS
  • Amazon ECR
    • Elastic Container Registry
    • Store and manage Docker images on AWS
    • Private Repository
      • Supports private repositories with resource-based permissions using AWS IAM
    • Public Repository
    • Lets you reliably deploy application images and artifacts anywhere
    • Fully integrated with ECS, backed by Amazon S3
    • Supports image vulnerability scanning, versioning, image tags, image lifecycle
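
The "IAM Roles for ECS" notes above say the task role is set in the task definition and that different ECS services should use different roles. The following check is an added example, not part of the original post: it flags services whose task definition has no taskRoleArn and services that share one task role. The merged service/task-definition input shape, the account ID, and all service and role names are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample: one entry per ECS service with the task definition it runs.
# Field names (family, taskRoleArn, requiresCompatibilities) follow the ECS
# task definition JSON; account ID, role and service names are made up.
SAMPLE_SERVICES = json.loads("""
[
  {"serviceName": "orders-api",
   "taskDefinition": {"family": "orders", "requiresCompatibilities": ["FARGATE"],
                      "taskRoleArn": "arn:aws:iam::111122223333:role/orders-task"}},
  {"serviceName": "billing-worker",
   "taskDefinition": {"family": "billing", "requiresCompatibilities": ["EC2"],
                      "taskRoleArn": "arn:aws:iam::111122223333:role/shared-task"}},
  {"serviceName": "report-cron",
   "taskDefinition": {"family": "reports", "requiresCompatibilities": ["FARGATE"],
                      "taskRoleArn": "arn:aws:iam::111122223333:role/shared-task"}},
  {"serviceName": "legacy-batch",
   "taskDefinition": {"family": "legacy", "requiresCompatibilities": ["EC2"]}}
]
""")


def audit_task_roles(services):
    """Return sorted (service, finding) pairs for task-role hygiene issues."""
    findings = []
    by_role = defaultdict(list)
    for svc in services:
        name = svc["serviceName"]
        td = svc["taskDefinition"]
        role = td.get("taskRoleArn")
        if not role:
            # No task role in the task definition: the task has no role of its own.
            launch = ",".join(td.get("requiresCompatibilities", ["unspecified"]))
            findings.append((name, f"no taskRoleArn (launch type {launch})"))
            continue
        by_role[role].append(name)
    # "Use different roles for the different ECS Services": flag shared roles.
    for role, names in by_role.items():
        if len(names) > 1:
            for name in names:
                others = ", ".join(sorted(n for n in names if n != name))
                findings.append((name, f"shares {role.split('/')[-1]} with {others}"))
    return sorted(findings)


if __name__ == "__main__":
    for service, finding in audit_task_roles(SAMPLE_SERVICES):
        print(f"{service}: {finding}")
```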
