Day48 : NGINX deployment by ECS/ECR

Today will be a great learning for sure. I know many of you may not know about the term "ECS". As you know, 90 Days Of DevOps Challange is mostly about 'learning new' , let's learn then ;)

What is ECS ?

ECS (Elastic Container Service) is a fully-managed container orchestration service provided by Amazon Web Services (AWS). It allows you to run and manage Docker containers on a cluster of virtual machines (EC2 instances) without having to manage the underlying infrastructure.

With ECS, you can easily deploy, manage, and scale your containerized applications using the AWS Management Console, the AWS CLI, or the API. ECS supports both "Fargate" and "EC2 launch types", which means you can run your containers on AWS-managed infrastructure or your own EC2 instances.

ECS also integrates with other AWS services, such as Elastic Load Balancing, Auto Scaling, and Amazon VPC, allowing you to build scalable and highly available applications. Additionally, ECS has support for Docker Compose and Kubernetes, making it easy to adopt existing container workflows.

Overall, ECS is a powerful and flexible container orchestration service that can help simplify the deployment and management of containerized applications in AWS.

An Amazon ECS cluster groups together tasks, and services, and allows for shared capacity and common configurations. An Amazon ECS cluster is a logical grouping of tasks or services. Your tasks and services are run on infrastructure that is registered to a cluster.

What is AWS ECS?

Amazon Elastic Container Service (ECS) is a cloud-based and fully-managed container orchestration service. It lets you run your applications in the cloud without having to configure and maintain the infrastructure.

To ensure capacity demands are optimally met and maintain peak performance, you can set ECS to continuously evaluate and monitor memory and CPU processes. This data can help you determine an optimal deployment strategy for each container. Additionally, you can leverage ECS to scale containers and release updates as needed.

ECS supports integration with several useful AWS services and features, including Identity and Access Management (AWS IAM) roles, Elastic Block Store (AWS EBS) volumes, and AWS Elastic Load Balancing (AWS ELB).

ECS Benefits and Use Cases:

ECS enables you to easily leverage containers for various use cases. You can leverage ECS to host simple websites as well as manage a distributed microservices architecture. ECS simplifies the management of containers, but it does not automate the entire process. You can still fine-tune and customize the process.

Here are several key benefits of Amazon ECS:

Easy and simple deployment—ECS eliminates the need to set up and maintain the infrastructure of Kubernetes clusters by taking responsibility over these tasks.
Scheduling capabilities—that enable you to schedule services, applications, and batch processes.
Managed availability—ECS is responsible for maintaining application availability and helps you scale up or down as needed to ensure capacity demands are met.
Native integration—with a wide range of features like AWS ELB, Amazon Virtual Private Cloud (Amazon VPC), IAM, and AWS EBS.
Integration with existing tools—ECS provides simple APIs that let you integrate with your CI/CD pipeline and your existing tools.
ECS_CLUSTER: The cluster that will be used by the ECS Agent to bootstrap against and connect. Must match a name of an ECS Cluster.
ECS_CONTAINER_STOP_TIMEOUT: Time to wait from when a task is stopped before its containers are forcefully stopped if they do not exit normally on their own
ECS_ENABLE_SPOT_INSTANCE_DRAINING: Whether to enable Spot Instance draining for the container instance. When true, if the container instance receives a Spot interruption notice, then the agent sets the instance status to DRAINING, which gracefully shuts down and replaces all tasks running on the instance that are part of a service.
ECS_ENABLE_CONTAINER_METADATA: When true, the agent creates a file describing the container’s metadata. The file can be located and consumed by using the container environment variable $ECS_CONTAINER_METADATA_FILE4
Use ECS with EC2 when:
- Your entire infrastructure runs in AWS
- You have already defined VPC and subnets
- You have existing processes for provisioning and managing EC2 instances
- Applications require directly-attached persistent storage

Use ECS Fargate when:

You do not have an existing VPC
You have some resources running on Amazon and some on other cloud environments
Applications are stateless or do not require directly-attached storage volumes

AWS ECS Deployment Options: EC2 vs Fargate

ECS can use Elastic Compute Cloud (EC2) instances to run containers. EC2 instances are deployed as part of the Amazon EC2 service, and “registered” in a defined ECS cluster, meaning that EC2 can use those instances to deploy containers. You can run an ECS cluster within an existing VPC, making it accessible to existing AWS resources running in that VPC.

An alternative way to deploy ECS containers is with Amazon Fargate. Fargate removes responsibility for provisioning, configuring, and managing EC2 instances, allowing AWS to manage EC2 instances for you.

With Fargate you don’t need to manage servers, but you must ensure that task definitions are stateless. Currently, you cannot attach a storage volume (such as an Elastic Block Storage volume) to the container defined in the job.

This means that if you use Fargate with persistent storage, you will need to use external storage services like S3 or Relational Data Service (RDS).

Difference between EKS and ECS ?

EKS (Elastic Kubernetes Service) and ECS (Elastic Container Service) are both container orchestration platforms provided by Amazon Web Services (AWS). While both platforms allow you to run containerized applications in the AWS cloud, there are some differences between the two.

Architecture: ECS is based on a centralized architecture, where there is a control plane that manages the scheduling of containers on EC2 instances. On the other hand, EKS is based on a distributed architecture, where the Kubernetes control plane is distributed across multiple EC2 instances.

Kubernetes Support: EKS is a fully managed Kubernetes service, meaning that it supports Kubernetes natively and allows you to run your Kubernetes workloads on AWS without having to manage the Kubernetes control plane. ECS, on the other hand, has its own orchestration engine and does not support Kubernetes natively.

Scaling: EKS is designed to automatically scale your Kubernetes cluster based on demand, whereas ECS requires you to configure scaling policies for your tasks and services.

Flexibility: EKS provides more flexibility than ECS in terms of container orchestration, as it allows you to customize and configure Kubernetes to meet your specific requirements. ECS is more restrictive in terms of the options available for container orchestration.

Community: Kubernetes has a large and active open-source community, which means that EKS benefits from a wide range of community-driven development and support. ECS, on the other hand, has a smaller community and is largely driven by AWS itself.

In summary, EKS is a good choice if you want to use Kubernetes to manage your containerized workloads on AWS, while ECS is a good choice if you want a simpler, more managed platform for running your containerized applications.

Task :

NGINX Cluster creation by ECS:

Set up ECS (Elastic Container Service) by setting up Nginx on ECS.

Amazon Elastic Container Registry (Amazon ECR) is an AWS managed container image registry service that is secure, scalable, and reliable. Amazon ECR supports private repositories with resource-based permissions using AWS IAM.

Take image from ECR public gallery.(ECR)

Task Definitions:

A task definition is required to run Docker containers in Amazon ECS. The following are some of the parameters that you can specify in a task definition: The Docker image to use with each container in your task. How much CPU and memory to use with each task or each container within a task.

Service Creation:

You can use an Amazon ECS service to run and maintain a specified number of instances of a task definition simultaneously in an Amazon ECS cluster. If one of your tasks fails or stops, the Amazon ECS service scheduler launches another instance of your task definition to replace it.