In this session, we cover all the options for running containers on AWS. This will include an intro of container concepts, and an overview to different services like ECS, EKS, ECR and Fargate. We cover topics like: how to choose the right orchestration platform for your workload, some different tools that are out there to make the process easier, and how to find more information and support as you work.

1. An Introduction to running containers on AWS
Sasidhar Parvathaneni, Senior Cloud Architect - Kaskade.cloud

2. First things first…
What are containers and why are customers using them?

3. What are containers?
A container is an atomic, self-contained package of software that
includes everything it needs to run (code, runtime, libraries,
packages, etc.).
A popular, widely-used container platform is Docker. More on
that here: https://www.docker.com

5. Why are containers so popular?
Portable
Lightweight
Standardized
Easy to deploy
Along with containers, comes the “monolith to microservices” story:
containers and microservices go hand in hand (more on that in a
second)

6. Running one container is easy

7. But there are still moving pieces
Server
Guest OS
Bins/Libs Bins/Libs
App2App1

8. Managing many containers is hard
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS

9. Enter container orchestration tools

10. What are container orchestration tools?
Framework for managing, scaling, deploying containers.

11. So what’s the container landscape
look like on AWS?

12. © 2019, Amazon Web Services, Inc. or Its Affiliates. All rights reserved.
What’s it look like all together?
Amazon ECS Amazon EKS FargateAmazon ECR

13. Amazon ECS
Easiest way to deploy and
manage containers with Amazon
Elastic Container Service
Integration with entire AWS platform
ALB, Auto Scaling, Batch, Elastic Beanstalk,
CloudFormation, CloudTrail, CloudWatch Events,
CloudWatch Logs, CloudWatch Metrics, ECR, EC2 Spot,
IAM, NLB, Parameter Store, and VPC
Scales to support clusters of any size
Service integrations (like ALB and NLB) are at
container level
1
2
3

14. Amazon EKS
Managed Kubernetes on AWS
Highly available Automated
version upgrades
Integration with
other AWS
services
Etcd
Master
Managed
Kubernetes
control plane
CloudTrail, CloudWatch,
ELB, IAM, VPC,
PrivateLink

15. Amazon ECR
Easily store, manage and deploy
container images with Amazon
Elastic Container Registry
Just push your container images to Amazon ECR
and pull the images using any container
management tool when you need to deploy.
Transfers your container images over HTTPS
and automatically encrypts your images at rest
Integrates with Amazon ECS and the Docker
CLI, allowing you to simplify your
development and production workflows
1
2
3

16. AWS Fargate
Launch quickly
Scale easily
No infrastructure
Resource based pricing
Containers on demand
Manage everything at
container level

17. What does AWS Fargate mean?
No worrying about scaling, service mesh, underlying infrastructure,
cluster resources, capacity, setup.
Just give it a task definition or pod, set some resource limits, and
away you go.

18. © 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved.
“When someone asks you for a sandwich,
they aren’t asking you to put them in charge
of a global sandwich logistic chain. They just
want a sandwich”

19. © 2019, Amazon Web Services, Inc. or Its Affiliates. All rights reserved.
So you want to run a (managed) container on AWS
AMAZON CONTAINER SERVICES
Choose your orchestration tool1
Choose your launch type2
ECS EKS
EC2 Fargate EC2

20. How do I know when to use Fargate vs EC2 mode?
Depends on your workload.
For Fargate: if you have a Task Definition, and you’re ok with awsvpc
networking mode, try Fargate. Some caveats: can’t exec into the
container, or access the underlying host (this is also a good thing)
For EC2 mode: good if you need to customize!

21. © 2019, Amazon Web Services, Inc. or Its Affiliates. All rights reserved.
What are the differences between ec2 mode and Fargate?
• Change in networking mode: "networkMode": "awsvpc”
• Only specify container port, no host port:
• "portMappings":
[{"containerPort": ”8081"}]
• No links (only local loopback)
• No ELB Classic, only ALB or NLB. ALB needs to use target type IP,
not instance.
• Launch Type: Fargate

22. © 2019, Amazon Web Services, Inc. or Its Affiliates. All rights reserved.
New and important!
requiresCompatibilities parameter.
"requiresCompatibilities": ["FARGATE"]
You can have tasks that have multiple compatibilities:
"requiresCompatibilities": ["FARGATE”,
“EC2”]

23. © 2019, Amazon Web Services, Inc. or Its Affiliates. All rights reserved.
Hang on, what’s awsvpc?
New task level networking type.
Each Task is assigned an ENI (Elastic Network Interface), and a private
IP (and optionally a public IP, if you’re using Fargate) from your
subnet.
This allows for simplified container networking: containers that are
part of the same task (and thus on the same host) can use the local
loopback interface. Containers not on the same host use the
ENI/hostname/IP

24. © 2019, Amazon Web Services, Inc. or Its Affiliates. All rights reserved.
Need some more info on working with awsvpc?
https://aws.amazon.com/blogs/compute/task-
networking-in-aws-fargate/
https://aws.amazon.com/blogs/compute/introd
ucing-cloud-native-networking-for-ecs-
containers/

25. © 2019, Amazon Web Services, Inc. or Its Affiliates. All rights reserved.
Need help migrating between Fargate and EC2?
https://aws.amazon.com/blogs/compute/migr
ating-your-amazon-ecs-containers-to-aws-
fargate/

26. ECS: can be totally managed, or can customize resource usage, networking, task placement
etc. to fit your application needs. Shared responsibility with AWS (because managed service).
ecs-agent is open source. Easy integration with other AWS services.
EKS: managed, upstream Kubernetes. Can connect to clusters through kubectl and use
existing tooling. Can opt in to managed version upgrades. Add resources to your cluster
through EC2, or with Fargate mode.
Fargate: underlying technology for containers on demand. Pass a Task Definition or
Kubernetes Pod, set resource limits, and Fargate manages everything else. NO access to
underlying host, no managing of resources. Great if you don’t want to handle scaling,
orchestration, deployments, upgrades yourself. Not for those of you that are making changes
to your infrastructure (i.e., bringing custom AMIs, or installing things through EC2 user-data)
tl;dr

27. https://medium.com/containers-on-
aws/choosing-your-container-environment-
on-aws-with-ecs-eks-and-fargate-
cfbe416ab1a
Need more info on how to choose?

28. I get by with a little help from my friends

29. CLIs (that I know of) for Fargate/ECS:
aws-cli: the official OG. Open source, includes most AWS services.
• More info here: https://aws.amazon.com/cli/
• Github here: https://github.com/aws/aws-cli
ecs-cli: also official, but just for ECS. Supports docker compose files.
• More info here: https://github.com/aws/amazon-ecs-cli
Some good unofficial options:
Fargate cli: https://github.com/jpignata/fargate
Coldbrew cli: https://github.com/coldbrewcloud/coldbrew-cli

30. The awesome-ecs project:
https://github.com/nathanpeck/awesome-ecs

31. Workshops!
From @brentcontained
https://t.co/ba0usbZqHN

32. Kubernetes on AWS
From @nathanpeck
https://github.com/nathanpeck/aws-workshop-for-kubernetes

33. ECS two ways - resources
From @arungupta
https://github.com/arun-gupta/ecs-workshop
From @abbyfuller
https://github.com/abby-fuller/ecs-demo

34. We want to hear from all of you!
More focus on supporting Tasks as compute primitive, more focus on
removing undifferentiated heavy lifting.
Our roadmap is driven by feedback:

35. How can I get started?
• To get started with EKS :
https://aws.amazon.com/eks/
• To get started with Fargate:
https://aws.amazon.com/fargate/
• Blogs:
https://aws.amazon.com/blogs/aws/aws-fargate/
https://aws.amazon.com/blogs/aws/amazon-elastic-container-service-for-kubernetes/
• Liz Rice from Aquasec on Fargate:
https://blog.aquasec.com/securing-struts-in-aws-fargate
• Nathan Peck from AWS:
https://medium.com/containers-on-aws/choosing-your-container-environment-on-aws-with-ecs-eks-and-fargate-
cfbe416ab1a
• Deepak Singh (containers GM at AWS):
https://www.slideshare.net/AmazonWebServices/containers-on-aws-state-of-the-union-con201-reinvent-2017

36. Need a little help?
Community Slack channels:
awsdevelopers.slack.com
amazon-ecs.slack.com
Or reach out to one of our specialists:
@abbyfuller
@nathankpeck
@brentcontained
@paulmaddox

37. Thank you
Any questions?