Amazon EC2 Container Service (Amazon ECS)

Amazon EC2 Container Service, also referred to as Amazon ECS, is a highly scalable container management service. It makes it easy to run, stop, and manage Docker containers on Amazon EC2 instances. With Amazon ECS, we can launch and place containers across a cluster using API calls.

Amazon EC2 Container Service is a regionally-based service that can be used to run application containers in a highly available manner across all Availability Zones within an AWS Region.

Implementation

To implement Amazon ECS, we need to install the Amazon ECS agent on our Amazon EC2 Container Service instances. If we use Amazon ECS-optimized AMIs, that agent is already installed. Additionally, each container instance needs an IAM role that authenticates to our account, and it needs external network access to communicate with the Amazon ECS service endpoint.

Amazon ECS obtains the Docker image from a repository. This repository can be on AWS or on other infrastructure.

Deploying a Container

To deploy a container, we need to do the following:

  1. Define a task. This is where we assign the name, provide the image name (important for locating the correct image), and decide on the amount of memory and CPU needed.
  2. Define the service. In this step, we decide how many instances of the task we want to run in the cluster and any Elastic Load Balancing load balancers that we want to register the instances with.
  3. Create the Amazon EC2 Container Service cluster. This is where the cluster is created and also where we specify the number of instances to run. The cluster can run across multiple Availability Zones.
  4. Create the stack. A stack of instances is created based on the configuration information provided. We can monitor the creation of the stack in the AWS Management Console. Creation of the stack is usually completed in less than five minutes.

Management

Amazon ECS can be configured using the AWS Management Console, the AWS CLI, or the Amazon ECS CLI.

Monitoring Amazon EC2 Container Service

The primary tool used for monitoring our Amazon ECS clusters is Amazon CloudWatch. Amazon ECS metric data is collected in one-minute periods and sent to Amazon CloudWatch, which stores these metrics for a period of two weeks. We can monitor the CPU and memory reservation and utilization across our cluster as a whole, and the CPU and memory utilization of the services in our cluster. We can use Amazon CloudWatch to trigger alarms, set notifications, and create dashboards to monitor the services.

Security

With Amazon EC2 Container Service, we need to do the following:

  1. Control who can create task definitions.
  2. Control who can deploy clusters.
  3. Control who can access the Amazon EC2 instances.

IAM is the tool used for the first two requirements. For controlling access to Amazon EC2 instances, the tools described in the Amazon EC2 section still apply.
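One way to check the first two controls, as an added example that is not part of the original page: a short Python audit that reports which principals' IAM policies could allow registering task definitions or creating clusters and services. The principal names and sample policies are constructed, the mapping of the two controls onto specific ECS actions is an assumption, and the check ignores Deny statements, Resource scoping and Condition keys, so it reports potential grants only.

```python
import fnmatch

# Assumed mapping of the page's first two controls onto ECS API actions.
SENSITIVE = {
    "create task definitions": ["ecs:RegisterTaskDefinition"],
    "deploy clusters": ["ecs:CreateCluster", "ecs:CreateService"],
}

def _as_list(value):
    """Action/NotAction may be a single string or a list."""
    return [value] if isinstance(value, str) else list(value or [])

def _matches(patterns, action):
    """IAM action names are case-insensitive and accept * and ? wildcards."""
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def statement_allows(stmt, action):
    """True if an Allow statement covers the action (Deny/Resource/Condition ignored)."""
    if stmt.get("Effect") != "Allow":
        return False
    if "NotAction" in stmt:  # Allow + NotAction grants everything not listed
        return not _matches(_as_list(stmt["NotAction"]), action)
    return _matches(_as_list(stmt.get("Action")), action)

def audit(policies):
    """Map each capability to the sorted principals whose policy may grant it."""
    findings = {cap: [] for cap in SENSITIVE}
    for principal, doc in policies.items():
        stmts = doc.get("Statement", [])
        if isinstance(stmts, dict):  # a lone statement may be a bare object
            stmts = [stmts]
        for cap, actions in SENSITIVE.items():
            if any(statement_allows(s, a) for s in stmts for a in actions):
                findings[cap].append(principal)
    return {cap: sorted(names) for cap, names in findings.items()}

# Constructed sample policies; principal names are hypothetical.
SAMPLE_POLICIES = {
    "ci-deployer": {"Statement": [{"Effect": "Allow", "Resource": "*",
        "Action": ["ecs:RegisterTaskDefinition", "ecs:DescribeServices"]}]},
    "developer": {"Statement": {"Effect": "Allow", "Resource": "*",
        "Action": ["ecs:Describe*", "ecs:List*"]}},
    "legacy-admin": {"Statement": [{"Effect": "Allow", "Resource": "*", "Action": "ECS:*"}]},
    "ops-poweruser": {"Statement": [{"Effect": "Allow", "Resource": "*", "NotAction": "iam:*"}]},
}

if __name__ == "__main__":
    for cap, who in audit(SAMPLE_POLICIES).items():
        print(f"{cap}: {', '.join(who) or 'nobody'}")
```

The wildcard and NotAction cases are the ones a plain text search for the action name would miss.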
