Join me here :
CONTAINERS on AWS
- INTRODUCTION
- AWS NATIVE STACK
- Kubernetes on AWS
- AWS NATIVE STACK V2
- Demo
- WRAP-UP
Mohamed BOUCHENAFA
DevOps/Cloud Lead Consultant
Docker Geneva Community Leader




THE TEAM
7 consultants
- Support to DevOps transition
- Support to container transition
- CI/CD expertise
- Deployment expertise
- Release management expertise
- Provisioning automation
- Monitoring
- Cloud migration
- Cloud audit & optimization



EC2
VPC
S3
EBS
EFS
IAM
CLOUDFORMATION
ELB
CERTIFICATE MANAGER
REGIONS AND AVAILABILITY ZONES


High Availability

an open-source system for packaging software into standardized units (called containers) for development, shipment and deployment
> ssh -i my-ec2-key-pair.pem ec2-user@<EC2-INSTANCE-PUBLIC-IP-ADDRESS>
[ec2-user]$ sudo yum update -y
[ec2-user]$ sudo yum install -y docker
[ec2-user]$ sudo service docker start
[ec2-user]$ sudo usermod -a -G docker ec2-user
[ec2-user]$ docker run -d -p 80:5000 training/webapp:latest python app.py
[ec2-user]$ curl http://localhost
Hello world!
AT THE BEGINNING
THIS MEANS

THEN


THERE MUST BE A BETTER SOLUTION?












ECS OBJECTS
- Container definition
- Task definition
- Service
- Cluster
{
  "ipcMode": null,
  "executionRoleArn": null,
  "containerDefinitions": [
    {
      ******
      "portMappings": [
        {
          "hostPort": 8081,
          "protocol": "tcp",
          "containerPort": 8081
        }
      ],
      ******
      "mountPoints": [
        {
          "readOnly": null,
          "containerPath": "/var/opt/jfrog/artifactory/data",
          "sourceVolume": "data"
        }
      ],
      "cpu": 744,
      "memory": 812,
      "memoryReservation": null,
      "volumesFrom": [],
      "image": "************.dkr.ecr.eu-west-1.amazonaws.com/sw_artifactory",
      "disableNetworking": null,
      "interactive": null,
      "healthCheck": null,
      "essential": true,
      "links": null,
      "hostname": null,
      "extraHosts": null,
      "pseudoTerminal": null,
      "user": null,
      "readonlyRootFilesystem": null,
      "dockerLabels": null,
      "systemControls": null,
      "privileged": true,
      "name": "artifactory"
    }
  ],
  "placementConstraints": [],
  "memory": null,
  "taskRoleArn": null,
  "compatibilities": [
    "EC2"
  ],
  "taskDefinitionArn": "arn:aws:ecs:eu-west-1:************:task-definition/artifactory:6",
  "family": "artifactory",
  "requiresAttributes": [
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.privileged-container"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.ecr-auth"
    }
  ],
  "pidMode": null,
  "requiresCompatibilities": [],
  "networkMode": "bridge",
  "cpu": null,
  "revision": 6,
  "status": "ACTIVE",
  "volumes": [
    {
      "name": "data",
      "host": {
        "sourcePath": "/mnt/data/artifactory/data"
      },
      "dockerVolumeConfiguration": null
    },
    {
      "name": "logs",
      "host": {
        "sourcePath": "/mnt/data/artifactory/logs"
      },
      "dockerVolumeConfiguration": null
    },
    {
      "name": "etc",
      "host": {
        "sourcePath": "/mnt/data/artifactory/etc"
      },
      "dockerVolumeConfiguration": null
    }
  ]
}
Container Registry
- Fully Managed
- Secure
- Highly Available
- Simplified Workflow

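# AWS CLI v1 syntax: the get-login subcommand was removed in AWS CLI v2 (use get-login-password there)
$(aws ecr get-login --no-include-email --region us-east-1)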
an open-source system for automating deployment, scaling, and management of containerized applications across clusters of machines
57% of Kubernetes workloads run on AWS today
— Cloud Native Computing Foundation


USER
CONTROL PLANE
No instances to manage
Task native API
Resource based price
Simple, easy to use, powerful and new consumption model
- IAM Roles for Tasks
- Task Auto Scaling
- Task Load Balancers
- Task Networking
SERVICE DISCOVERY
- Applications invoked by name
- Automatically resolved to IP or port
- Native to Amazon ECS services
- No infrastructure to manage
WRAP UP
Large workload, optimized for price
Large workload, optimized for low overhead
Small workload, with occasional bursts
Tiny workload
Batch workloads






Fargate mode for EKS: coming soon

Follow @AWSreInvent or join the recap

CREDITS
- aws.amazon.com
- @nathankpeck
- @ric__harvey
- @tiffanyfayj
Containers on AWS
By Mohamed BOUCHENAFA