The Basics
Amazon ECS, the Elastic Container Service, is an Amazon alternative to Docker Swarm, Kubernetes, and HashiCorp Nomad. Amazon aims to make ECS as simple as possible to reduce the complexity of deploying container-based workloads. Under the hood, ECS runs Docker on EC2 instances.
Primary Use Cases
- Maximize EC2 compute resource usage
- Scalable deployment of container workloads
- Scalable batch processing
Less Suitable Use Cases
- Simple web application or website hosting.
- Consider Amazon S3 or AWS Amplify instead.
Amazon ECS contains these core layers.
Review Amazon Elastic Container Service template snippets for a big-picture view of CloudFormation YAML resources.
Dependencies
ECS components optionally depend on EC2, Auto Scaling, Load Balancers, and CloudWatch to operate depending on your overall deployment strategy. Using Fargate simplifies deployment further by removing components from your software architecture.
I will now summarize each ECS component. Where applicable, a link to CloudFormation resource documentation is present.
Cluster
A Cluster is a logical grouping of Tasks or Services running on an EC2 instance, otherwise known as a Container Instance.
Example: fancy-web-application-cluster
The primary responsibility of an Amazon ECS Cluster is managing infrastructure for your Tasks.
Describe a cluster with this command.
aws ecs describe-clusters --clusters fancy-web-application-cluster
Container Instance
An Amazon ECS container instance is an EC2 instance running an Amazon ECS container agent registered into an Amazon ECS cluster.
The primary responsibility of an Amazon ECS container instance is providing compute resources for your ECS cluster.
Describe container instances with this command.
aws ecs describe-container-instances --cluster fancy-web-application-cluster --container-instances <container-instance-id-or-arn>
Service
A Service manages the desired state of your tasks. It defines the number of Tasks to run, along with autoscaling and load-balancing strategies. It can optionally work with an Amazon load balancer.
Example: fancy-web-application-service
The primary responsibility of an Amazon ECS Service is keeping your Cluster healthy.
Describe an ECS Service with this command.
aws ecs describe-services --cluster fancy-web-application-cluster --services fancy-web-application-service
Container Agent
The Container Agent allows container instances to connect to your Cluster.
The Amazon ECS container agent is primarily responsible for managing containers on Amazon ECS.
The ECS container agent runs on each container instance within a cluster and sends telemetry data about that instance’s tasks and resource utilization to the ECS service.
The Amazon ECS container agent ships with ECS-optimized AMIs, but you can also install it on any Amazon EC2 instance that supports the Amazon ECS specification.
Task Definition
I’m using an example webserver task definition provided by AWS for reference. The Task Definition parameters documentation provides a more comprehensive overview.
A Task Definition is a core ECS concept. Describe a Task Definition using a JSON file.
A Task Definition is a collection of container configurations. The Task Definition allows you to specify which Docker image to use, which ports to expose, how much CPU and memory to allocate, how to collect logs, and which environment variables to define. One task may need a single container, while others may require two or more containers.
A Task Definition includes these properties.
Family
A Task Definition family is a name for a group of versioned containers.
Examples: fancy-web-api, fancy-web-server
Launch types
A Task Definition’s Launch types tell Amazon which environment to deploy containers to.
Possible values are EC2, Fargate, and External.
Example: EC2
CPU
The hard limit of CPU units allocated to a task.
A value of 1024 represents one vCPU.
Example: 1024
Memory
A hard limit of memory (in MiB) allocated to the task.
Example: 1024 (1 GB)
Container Definition
An array of up to ten container definitions. A Container Definition is the core component of a Task Definition.
The container definition’s CPU and memory allocations are separate from the Task Definition’s properties.
Name
A name for a container.
The Name property has a maximum length of 255 characters. Use the name of the container to form links between containers.
Example: Nginx
Image
Defines the container image that starts with the task definition, using a Docker repository and tag name.
Images in the Docker Hub registry are available by default. Use the repository-url/image:tag or repository-url/image@digest format for container registries outside Docker Hub.
Example: debian:latest, aws_account_id.dkr.ecr.region.amazonaws.com/my-web-app:latest
Memory
The amount (in MiB) of memory allocated to the container. Use the memoryReservation property to set the minimum required memory for your container. Leave the memory property blank unless you need your container to terminate when memory consumption exceeds the defined limit.
Example: memory: 1024, memoryReservation: 128
Port Mappings
Optional port mappings allow containers to access ports on the host instance to send or receive traffic.
Example: 8080
Describe a task definition with this AWS CLI command.
aws ecs describe-task-definition --task-definition fancy-web-server
LaunchTypes
I introduced Task Definition LaunchTypes previously. A choice of LaunchType fundamentally changes your architecture. Fargate simplifies your architecture and, depending on requirements, can be cheaper than an EC2 LaunchType architecture. Fargate controls the underlying infrastructure, while the EC2 LaunchType requires you to manage the underlying infrastructure.
Per Amazon’s comparison of Fargate vs. EC2 cost optimization, Fargate has an 87% saving over an EC2 equivalent when the EC2 memory and vCPU reservation rates are at 6.25% and 12.5%, respectively.
Best Practices
- Use each task definition family for only one business purpose
- Match each application version with a task definition revision within a task definition family
- Use different IAM roles for each task definition family
- Use awsvpc network mode and give each service its own security group
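The following added example (not code from the original page or from AWS) builds two task definitions from the properties described above and audits them against the IAM-role and awsvpc best practices, plus the memory/memoryReservation relationship. The account ID, role name and findings wording are constructed for illustration; the JSON keys are the ones `aws ecs describe-task-definition` returns.

```python
import json
from collections import defaultdict

# Constructed sample: two task definition families using the page's example
# values; the account ID and role name are made up for this example.
TASK_DEFS = json.loads("""
[
  {"family": "fancy-web-server", "networkMode": "awsvpc",
   "taskRoleArn": "arn:aws:iam::111122223333:role/fancy-shared-role",
   "cpu": "1024", "memory": "1024",
   "containerDefinitions": [
     {"name": "nginx", "image": "nginx:latest", "memory": 1024,
      "memoryReservation": 128, "portMappings": [{"containerPort": 8080}]}]},
  {"family": "fancy-web-api", "networkMode": "bridge",
   "taskRoleArn": "arn:aws:iam::111122223333:role/fancy-shared-role",
   "cpu": "1024", "memory": "1024",
   "containerDefinitions": [
     {"name": "api", "image": "debian:latest", "memory": 512,
      "memoryReservation": 768}]}
]
""")


def audit(task_defs):
    """Return sorted (family, finding) pairs for the best practices above."""
    findings = []
    families_by_role = defaultdict(set)
    for td in task_defs:
        family = td["family"]
        role = td.get("taskRoleArn")
        if role:
            families_by_role[role].add(family)
        else:
            findings.append((family, "no taskRoleArn set"))
        if td.get("networkMode") != "awsvpc":
            findings.append((family, "networkMode is not awsvpc"))
        for c in td.get("containerDefinitions", []):
            hard, soft = c.get("memory"), c.get("memoryReservation")
            if hard is not None and soft is not None and soft > hard:
                findings.append((family, f"{c['name']}: memoryReservation exceeds memory"))
    for role, families in families_by_role.items():
        if len(families) > 1:  # one IAM role reused across families
            findings.extend((f, "taskRoleArn shared with another family") for f in families)
    return sorted(findings)


if __name__ == "__main__":
    for family, finding in audit(TASK_DEFS):
        print(f"{family}: {finding}")
```

To audit real definitions, replace `TASK_DEFS` with the `taskDefinition` objects returned by `aws ecs describe-task-definition`.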
Learn ECS - Beyond The Basics
Related Content
Amazon
- Amazon Elastic Container Service (Amazon ECS)
- What is Amazon Elastic Container Service?
- Building Blocks of Amazon ECS
- Best Practices Guide
- Common use cases in Amazon ECS
- Deploy applications on Amazon ECS using Docker Compose
- Amazon ECS container agent configuration — ECS Container Instance Options
- Amazon Elastic Container Service identity-based policy examples
- Introducing AWS Copilot | Containers - Amazon AWS
- Setting up with Amazon ECS — Manually create the resources required for an ECS Cluster
- Tutorial: Using cluster auto scaling with the AWS Management Console
Code
- ECS + Terraform
- terraform-aws-modules/terraform-aws-ecs — Git Repository that includes an example ECS cluster in Terraform.
- AWS/amazon-ecs-agent — Deployable ECS agent installed on ECS enabled AMIs by default
Tools
- Installing or updating the latest version of the AWS CLI
- TL;DR; if on mac: brew install amazon-ecs-cli