Container, Container, Container -유재석 (AWS 솔루션즈 아키텍트)
2 likes2,053 views
The document outlines an agenda for a workshop on containers and container orchestration using Amazon ECS and EKS. It includes hands-on lab sessions on launching an EKS cluster, deploying services, logging, and game server operations. There are also sessions on Amazon ECS, AWS Fargate, and comparisons of Docker vs VMs.
![© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Dockerfile
# our base image
FROM alpine:3.5
# Install python and pip
RUN apk add --update py2-pip
# install Python modules needed by the Python app
COPY requirements.txt /usr/src/app/
RUN pip install --no-cache-dir -r
/usr/src/app/requirements.txt
# copy files required for the app to run
COPY app.py /usr/src/app/
COPY templates/index.html /usr/src/app/templates/
# tell the port number the container should expose
EXPOSE 5000
# run the application
CMD ["python", "/usr/src/app/app.py"]
$ docker build -t <YOUR_USERNAME>/myfirstapp .
Sending build context to Docker daemon 9.728 kB
Step 1 : FROM alpine:latest
---> 0d81fc72e790
Step 2 : RUN apk add --update py-pip
---> 976a232ac4ad
Removing intermediate container 8abd4091b5f5
Step 3 : COPY requirements.txt /usr/src/app/
---> 65b4be05340c
Step 4 : RUN pip install --no-cache-dir -r
/usr/src/app/requirements.txt
---> 8de73b0730c2
Step 5 : COPY app.py /usr/src/app/
…
Dockerfile은 컨테이너 내부 이미지 환경 및 구성 정의](https://image.slidesharecdn.com/container-workshop-0827-ecsfargate-190830072303/85/Container-Container-Container-AWS-9-320.jpg)
![© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Tasks are defined via Task Definitions
{
"containerDefinitions": [
{
"name": "simple-app",
"image": "httpd:2.4",
"cpu": 10,
"memory": 300,
"portMappings": [
{
"hostPort": 80,
"containerPort": 80,
"protocol": "tcp"
}
],
"essential": true,
"mountPoints": [
{
"containerPath": "/usr/local/apache2/htdocs",
"sourceVolume": "my-vol"
}
]
},
{
"name": "busybox",
"image": "busybox",
"cpu": 10,
"memory": 200,
"volumesFrom": [
{
"sourceContainer": "simple-app"
}
],
"command": [
"/bin/sh -c "...""
],
"essential": false
}
],
"volumes": [
{
"name": “my-vol"
}
]
}](https://image.slidesharecdn.com/container-workshop-0827-ecsfargate-190830072303/85/Container-Container-Container-AWS-32-320.jpg)
![© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Tasks are defined via Task Definitions
{
"containerDefinitions": [
{
"name": "simple-app",
"image": "httpd:2.4",
"cpu": 10,
"memory": 300,
"portMappings": [
{
"hostPort": 80,
"containerPort": 80,
"protocol": "tcp"
}
],
"essential": true,
"mountPoints": [
{
"containerPath": "/usr/local/apache2/htdocs",
"sourceVolume": "my-vol"
}
]
},
10 CPU units (1024 is a full CPU)
300 MB of memory
Expose port 80 in container
to port 80 on host
Create and mount volumes
Essential to our task](https://image.slidesharecdn.com/container-workshop-0827-ecsfargate-190830072303/85/Container-Container-Container-AWS-33-320.jpg)
![© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Tasks are defined via Task Definitions
{
"name": "busybox",
"image": "busybox",
"cpu": 10,
"memory": 200,
"volumesFrom": [
{
"sourceContainer": "simple-app"
}
],
"command": [
"/bin/sh -c "...""
],
"essential": false
}
],
"volumes": [
{
"name": “my-vol"
}
]
}
From Docker Hub
Mount volume from other container
Command to exec
Volumes](https://image.slidesharecdn.com/container-workshop-0827-ecsfargate-190830072303/85/Container-Container-Container-AWS-34-320.jpg)
![© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CPU & Memory specification
Task Level Resources:
• Total CPU/memory across all containers
• Required fields
• Billing dimensions
Units
• CPU: cpu-units. 1 vCPU = 1024 cpu-units
• Memory: MB
Container Level Resources:
• Defines sharing of task resources among
containers
• Optional fields
{
"family": "scorekeep",
"cpu": "1 vCpu",
"memory": "2 gb",
"containerDefinitions": [
{
"name":“scorekeep-frontend",
"image":"xxx.dkr.ecr.us-east-1.amazonaws.com/fe“,
"cpu": 256,
"memoryReservation": 512
},
{
"name":“scorekeep-api",
"image":"xxx.dkr.ecr.us-east-1.amazonaws.com/api",
"cpu": 768,
"memoryReservation": 512
}
]
}
Task
Level
Resources
Container
Level
Resources
Task Definition Snippet](https://image.slidesharecdn.com/container-workshop-0827-ecsfargate-190830072303/85/Container-Container-Container-AWS-50-320.jpg)
![© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
VPC Configuration
{
"family": "scorekeep",
"cpu": "1 vCpu",
"memory": "2 gb",
"networkMode": "awsvpc",
"containerDefinitions": [
{
"name":“scorekeep-frontend",
"image":"xxx.dkr.ecr.us-east-1.amazonaws.com/fe",
"cpu": 256,
"memoryReservation": 512
},
{
"name":“scorekeep-api",
"image":"xxx.dkr.ecr.us-east-1.amazonaws.com/api",
"cpu": 768,
"memoryReservation": 512
}
]
}
$ aws ecs run-task ...
-- task-definition scorekeep:1
-- network-configuration
“awsvpcConfiguration = {
subnets=[subnet1-id, subnet2-id],
securityGroups=[sg-id]
}”
Enables ENI
creation &
attachment
to Task
Run Task
Task Definition](https://image.slidesharecdn.com/container-workshop-0827-ecsfargate-190830072303/85/Container-Container-Container-AWS-52-320.jpg)
Container, Container, Container -유재석 (AWS 솔루션즈 아키텍트)
- 1. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Jaeseok Yoo Container, Container, Container …
- 2. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Time 9:30 - 11:00 Docker & Container Orchestration k8s, Amazon EKS HoL: Launch EKS Cluster 11:00 – 11:15 Beak 11:15 – 12:30 HoL: Deploy Dashboard, Microservices, Logging 12:30 – 14:00 Launch 14:00 – 15:00 Amazon ECS, AWS Fargate 15:00 – 16:45 HoL: Dedicated game server operation 16:45 – 17:00 Clean Up
- 3. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Docker
- 4. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. 애플리케이션의 구성 런 타임 엔진 코드 디펜던시 구성
- 5. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. • 다른 애플리케이션 스택 • 다른 하드웨어 배포 환경 • 다른 환경에서 애플리케이션을 실행하는 효율적인 방법은? • 다른 환경으로 쉽게 마이그레이션하는 방법은? 문제점
- 6. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. 솔루션 - 도커 이식성 : 이미지 기반 배포 유연성 : 마이크로 서비스 모듈화 신속성 : 가벼운 도커 이미지 효율성 : OS kernel 공유
- 7. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. VM과 컨테이너 비교 Server (Host) Host OS Hypervisor App 2 Guest OS Guest OS Guest OS Bins/Libs Bins/Libs Bins/Libs App 1 App 3 VM Server (Host) Host OS Docker Bins/Libs Bins/Libs Bins/Libs App 1 App 2 App 3 Container Hypervisor Guest OS
- 8. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Docker 이미지 구성 bootfs kernel Base image Image Image W ritable Container add nginx add nodejs U buntu References parent image Base Image : 템플릿으로 사용되는 읽기 전용 이미지 Base Image에서 시작해서 커스텀 Image 추가하는 방식 Dockerfile 활용하여 손쉽게 배포 관련 구성 설정 및 재배포에 용이함
- 9. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Dockerfile # our base image FROM alpine:3.5 # Install python and pip RUN apk add --update py2-pip # install Python modules needed by the Python app COPY requirements.txt /usr/src/app/ RUN pip install --no-cache-dir -r /usr/src/app/requirements.txt # copy files required for the app to run COPY app.py /usr/src/app/ COPY templates/index.html /usr/src/app/templates/ # tell the port number the container should expose EXPOSE 5000 # run the application CMD ["python", "/usr/src/app/app.py"] $ docker build -t <YOUR_USERNAME>/myfirstapp . Sending build context to Docker daemon 9.728 kB Step 1 : FROM alpine:latest ---> 0d81fc72e790 Step 2 : RUN apk add --update py-pip ---> 976a232ac4ad Removing intermediate container 8abd4091b5f5 Step 3 : COPY requirements.txt /usr/src/app/ ---> 65b4be05340c Step 4 : RUN pip install --no-cache-dir -r /usr/src/app/requirements.txt ---> 8de73b0730c2 Step 5 : COPY app.py /usr/src/app/ … Dockerfile은 컨테이너 내부 이미지 환경 및 구성 정의
- 10. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. 고객사례 - Nextdoor Base OS version Apt packages: OpenSSL libpq syslog-ng Datadog Python runtime PyPI packages: Boto Django Mapnik SendGrid Source code Static assets Images JS CSS
- 11. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Layer 별 각기 다른 업데이트 주기 Quarterly Weekly/ monthly Continuous
- 12. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AMI에서 Docker Container로 변경 Base OS layer System packages Python packages Nextdoor source
- 13. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Docker 이전에는 빌드 20분 소요 chroot sudo apt-get install sudo pip install git clone make install dpkg create
- 14. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Base image , system deps 추가 FROM hub.corp.nextdoor.com/nextdoor/nd_base:precise ADD app/docker/scripts/apt-fast app/docker/scripts/system-deps.sh /deps/ RUN /deps/system-deps.sh
- 15. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Python virtualenv 설정 업데이트 ADD app/docker/scripts/venv-deps.sh app/apps/nextdoor/etc/requirements*.txt app/apps/nextdoor/etc/nextdoor.yml app/services/scheduler/etc/scheduler.yml app/services/supervisor/etc/supervisor.yml /deps/ RUN /deps/venv-deps.sh
- 16. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. App 소스 업데이트 ADD app/static/nextdoorv2/images /app/static/nextdoorv2/images ADD app/thrift /deps/thrift ADD app/nd /deps/nd ADD app /app
- 17. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. 빌드 시간 20분 -> 평균 2분 ECS에 최종 배포까지 평균 5분
- 18. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Common Questions • How do I deploy my containers to hosts? • How do I do zero downtime or blue green deployments? • How do I keep my containers alive? • How can my containers talk to each other? • Linking? Service Discovery? • How can I configure my containers at runtime? • What about secrets? • How do I best optimize my "pool of compute”?
- 19. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How do we make this work at scale?
- 20. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. We need to • start, stop, and monitor lots of containers running on lots of hosts • decide when and where to start or stop containers • control our hosts and monitor their status • manage rollouts of new code (containers) to our hosts • manage how traffic flows to containers and how requests are routed
- 21. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Container Orchestration Instance Instance Instance OS OS OS Container Runtime Container Runtime Container Runtime App Service App App Service Service Container Orchestration
- 22. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Container Orchestration myJob: { Cpu: 10 Mem: 256 } Orchestrator Schedule Run “myJob”
- 23. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Container Orchestration Instance/OS Instance/OS Instance/OS App Service App App Service Service Service Management Scheduling Resource Management OrchestrationService Management §Availability §Lifecycle §Discovery
- 24. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Container Orchestration Instance/OS Instance/OS Instance/OS App Service App App Service Service Service Management Scheduling Resource Management Orchestration Scheduling §Placement §Scaling §Upgrades §Rollbacks
- 25. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Container Orchestration Instance/OS Instance/OS Instance/OS App Service App App Service Service Service Management Scheduling Resource Management Orchestration Resource Management § Memory § CPU § Ports
- 26. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What are container orchestration tools?
- 27. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Container Services Landscape MANAGEMENT Deployment, Scheduling, Scaling & Management of containerized applications HOSTING Where the containers run Amazon Elastic Container Service Amazon Elastic Container Service for Kubernetes Amazon EC2 AWS Fargate IMAGE REGISTRY Container Image Repository GA : June 6, 2018 Seoul : Jan 11, 2019 Amazon Elastic Container Registry
- 28. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
- 29. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon ECS EC2 INSTANCES LOAD BALANCER Internet ECS AGENT TASK Container TASK Container ECS AGENT TASK Container TASK Container AGENT COMMUNICATION SERVICE Amazon ECS API CLUSTER MANAGEMENT ENGINE KEY/VALUE STORE ECS AGENT TASK Container TASK Container LOAD BALANCER
- 30. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon ECS : Cluster EC2 INSTANCES LOAD BALANCER Internet ECS AGENT TASK Container TASK Container ECS AGENT TASK Container TASK Container AGENT COMMUNICATION SERVICE Amazon ECS API CLUSTER MANAGEMENT ENGINE KEY/VALUE STORE ECS AGENT TASK Container TASK Container LOAD BALANCER
- 31. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon ECS : Task EC2 INSTANCES LOAD BALANCER Internet ECS AGENT TASK Container TASK Container ECS AGENT TASK Container TASK Container AGENT COMMUNICATION SERVICE Amazon ECS API CLUSTER MANAGEMENT ENGINE KEY/VALUE STORE ECS AGENT TASK Container TASK Container LOAD BALANCER
- 32. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Tasks are defined via Task Definitions { "containerDefinitions": [ { "name": "simple-app", "image": "httpd:2.4", "cpu": 10, "memory": 300, "portMappings": [ { "hostPort": 80, "containerPort": 80, "protocol": "tcp" } ], "essential": true, "mountPoints": [ { "containerPath": "/usr/local/apache2/htdocs", "sourceVolume": "my-vol" } ] }, { "name": "busybox", "image": "busybox", "cpu": 10, "memory": 200, "volumesFrom": [ { "sourceContainer": "simple-app" } ], "command": [ "/bin/sh -c "..."" ], "essential": false } ], "volumes": [ { "name": “my-vol" } ] }
- 33. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Tasks are defined via Task Definitions { "containerDefinitions": [ { "name": "simple-app", "image": "httpd:2.4", "cpu": 10, "memory": 300, "portMappings": [ { "hostPort": 80, "containerPort": 80, "protocol": "tcp" } ], "essential": true, "mountPoints": [ { "containerPath": "/usr/local/apache2/htdocs", "sourceVolume": "my-vol" } ] }, 10 CPU units (1024 is a full CPU) 300 MB of memory Expose port 80 in container to port 80 on host Create and mount volumes Essential to our task
- 34. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Tasks are defined via Task Definitions { "name": "busybox", "image": "busybox", "cpu": 10, "memory": 200, "volumesFrom": [ { "sourceContainer": "simple-app" } ], "command": [ "/bin/sh -c "..."" ], "essential": false } ], "volumes": [ { "name": “my-vol" } ] } From Docker Hub Mount volume from other container Command to exec Volumes
- 35. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Task log to CloudWatch Logs CloudWatch Logs Amazon S3 Amazon Kinesis AWS Lambda Amazon ElasticSearch Amazon ECS Store Stream Process Search CloudWatch Logs CloudWatch Logs CloudWatch Logs
- 36. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. IAM Task Role AWS IAM Amazon DynamoDB S3 AWS IAM DynamoDBRole S3Role Amazon ECS IAM Task Role Identity Access Management (IAM) ECS Task
- 37. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Task Placement Constraints Name Example AMI ID attribute:ecs.ami-id == ami- eca289fb Availability Zone attribute:ecs.availability- zone == us-east-1a Instance Type attribute:ecs.instance-type == t2.small Distinct Instances type=“distinctInstance” Custom attribute:stack == prod Cluster Constraints Custom Constraints Placement Strategies Apply Filter CPU, memory, port requirements AZ, EC2 type, AMI, or custom constraints Spread or Binpack placement strategy Select final instances for task deployment
- 38. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Task Placement Strategies Binpacking Spread Affinity Distinct Instance
- 39. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon ECS : Service EC2 INSTANCES LOAD BALANCER Internet ECS AGENT TASK Container TASK Container ECS AGENT TASK Container TASK Container AGENT COMMUNICATION SERVICE Amazon ECS API CLUSTER MANAGEMENT ENGINE KEY/VALUE STORE ECS AGENT TASK Container TASK Container LOAD BALANCER
- 40. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CloudWatch ECS Metric 2 Dimensions • ClusterName • ServiceName 4 metrics • CPUReservation • MemoryReservation • CPUUtilization • MemoryUtilization Container Instance … Cluster Task definition Task Service CloudWatch ECS Metrics CloudWatch EC2 Metrics Container Instance Container Instance
- 41. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. ECS Cluster (EC2 Instance) Auto Scale out Event: Per cluster CPU, memory reservation, or usage New services ECS ECS cluster CloudWatch Developers CloudWatch event
- 42. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. ECS Cluster (EC2 Instance) Auto Scale in Draining ECS ECS cluster CloudWatch Event: Per cluster CPU, memory reservation, or usage
- 43. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Service Auto Scaling Amazon EC2 Service Resource buffer (+~15%)
- 44. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Auto Scaling Target Tracking Only need to set the target value for the metric (ex: CPU utilization 50%) Auto Scaling automatically adjusts the Task DesiredCount in Service CloudWatch metric ECSServiceAverageCPUUtilization ECSServiceAverageMemoryUtilization ALBRequestCountPerTarget CPUTraffic DesiredCount Time 100% 0% 50% 10% 20% 30% 40% 60% 70% 80% 90% 5 30 10 15 20 25 Target CPU Utilization DesiredCount
- 45. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
- 46. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Fargate : Only focus on tasks! Simple, Easy, efficient Serverless Container! =No EC2 Instances to provision, scale or manage ECS Native API , Integrated with VPC, ELB, IAM, CloudWatch and more Pay for CPU, Memory Usage
- 47. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Fargate Scheduling and Orchestration Cluster Manager Placement Engine ECS AMI Docker agent ECS agent EC2 Instance ECS AMI Docker agent ECS agent EC2 Instance ECS AMI Docker agent ECS agent EC2 Instance
- 48. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon EC2 and AWS Fargate Hybrid cluster ECS Instance ECS Instance ECS Instance ECS InstanceECS Instance ECS Instance EC2 FARGATE Notifications Amazon ECS CLUSTER Availability Zone #1 Availability Zone #2 Availability Zone #3 Subnet 2 172.31.2.0/24 Subnet 1 172.31.1.0/24 Subnet 3 172.31.3.0/24 Web Shopping Cart
- 49. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Fargate Define application containers: Image URL, CPU & Memory requirements, etc. register Task Definition create Cluster • Infrastructure Isolation boundary • IAM Permissions boundary run Task • A running instantiation of a task definition • Use Fargate launch type create Service Elastic Load Balancing
- 50. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CPU & Memory specification Task Level Resources: • Total CPU/memory across all containers • Required fields • Billing dimensions Units • CPU: cpu-units. 1 vCPU = 1024 cpu-units • Memory: MB Container Level Resources: • Defines sharing of task resources among containers • Optional fields { "family": "scorekeep", "cpu": "1 vCpu", "memory": "2 gb", "containerDefinitions": [ { "name":“scorekeep-frontend", "image":"xxx.dkr.ecr.us-east-1.amazonaws.com/fe“, "cpu": 256, "memoryReservation": 512 }, { "name":“scorekeep-api", "image":"xxx.dkr.ecr.us-east-1.amazonaws.com/api", "cpu": 768, "memoryReservation": 512 } ] } Task Level Resources Container Level Resources Task Definition Snippet
- 51. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. VPC Integration Launch your Fargate Tasks into subnets Under the hood : • We create an Elastic Network Interface (ENI) • The ENI is allocated a private IP from your subnet • The ENI is attached to your task • Your task now has a private IP from your subnet! You can assign public IPs to your tasks Configure security groups to control inbound & outbound traffic 172.31.0.0/16 Subnet 172.31.1.0/24 Other Entities in VPC EC2 LB DB etc. Private IP 172.31.1.164 ENI Fargate TaskPublic / 208.57.73.13 /
- 52. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. VPC Configuration { "family": "scorekeep", "cpu": "1 vCpu", "memory": "2 gb", "networkMode": "awsvpc", "containerDefinitions": [ { "name":“scorekeep-frontend", "image":"xxx.dkr.ecr.us-east-1.amazonaws.com/fe", "cpu": 256, "memoryReservation": 512 }, { "name":“scorekeep-api", "image":"xxx.dkr.ecr.us-east-1.amazonaws.com/api", "cpu": 768, "memoryReservation": 512 } ] } $ aws ecs run-task ... -- task-definition scorekeep:1 -- network-configuration “awsvpcConfiguration = { subnets=[subnet1-id, subnet2-id], securityGroups=[sg-id] }” Enables ENI creation & attachment to Task Run Task Task Definition
- 53. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Fargate Storage Layer Storage Space : • 10 GB layer storage available per task across all containers in a single task • Includes image layers Ephemeral storage backed by Amazon EBS Fargate volume Storage : • 4 GB volume space per task • Visible across containers • Configure via task definitions Image Layers Writable Layer Image Layers Writable Layer Container 1 Container 2 10 GB per Task Container 1 Container 2 4 GB Volume Storage mount /var/container1/data /var/container2/data
- 54. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Fargate pricing CPU Memory 256 (.25 vCPU) 512MB, 1GB, 2GB 512 (.5 vCPU) 1GB to 4GB 1024 (1 vCPU) 2GB to 8GB 2048 (2 vCPU) 4GB to 16GB 4096 (4 vCPU) 8GB to 30GB 1 vCPU = $0.04656/hour 1 GB Mem = $0.00511/hour 50 different CPU/memory configurations
- 55. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Thank you!