Amazon Elastic Container Service (ECS)

Amazon Elastic Container Service (ECS) is a fully managed service that enables users to run Docker-based applications in containers across a cluster of EC2 instances. ECS simplifies container orchestration, allowing you to deploy, manage, and scale containerized applications efficiently.

The service supports multiple launch types, including the AWS Fargate launch type, which abstracts the underlying EC2 infrastructure, enabling you to run containers without needing to manage or provision the EC2 instances. This allows developers to focus on building and deploying applications while AWS handles the cluster management and resource provisioning.

The Core Components

To understand ECS, you must first understand its four fundamental building blocks.

1. Task Definition

A Task Definition is the blueprint for your application. It's a JSON file that describes how to run a Docker container. It specifies crucial parameters like:

• The Docker image to use (e.g., nginx:latest from Docker Hub or your own image in Amazon ECR).
• The CPU and memory to allocate to the container.
• The ports to open on the container.
• Environment variables, logging configurations, and the IAM Role the task will use.

2. Task

A Task is a single, running instance of a Task Definition. If the Task Definition is the blueprint, the Task is the actual house built from that blueprint.

3. Service

While you can run individual Tasks, for any long-running application, you'll use a Service. The ECS Service is responsible for maintaining a specified number of Tasks running continuously. Its key responsibilities include:

• Maintaining the "Desired Count": If a Task fails or stops for any reason, the Service scheduler will automatically launch a new one to replace it, ensuring your application is self-healing.
• Load Balancing: It can integrate with an Application Load Balancer (ALB) to distribute traffic evenly across all the Tasks in the Service.
• Auto Scaling: It can automatically increase or decrease the number of Tasks based on metrics like CPU usage or the number of requests.

4. Cluster

A Cluster is a logical grouping of resources where your Tasks are run. It's the underlying infrastructure that provides the CPU, memory, and networking for your containers.

How Elastic Container Service Works?

Amazon elastic container service is a fully managed service which is provided by AWS it is mainly used to deploy containers that are docker based by which you scale up and down depending on the traffic you're going to get. The containers will run inside the Amazon elastic cloud (EC2) instance.

1. Container: A container is a package that holds an application and everything dependencies, libraries, etc.) the application requires to run. Containers are independent of the underlying operating system and hence container applications are fairly portable, flexible, and scalable. This ensures the application will run always as expected irrespective of the system and environment in which a container is run.
2. Docker: Docker is software that facilitates and automates the installation and deployment of applications inside Linux containers.
3. Cluster: A logic group of EC2 instances running as a single application.
4. Container Instance: Each EC2 in an ECS Cluster is called a container instance.

The Most Important Choice: Fargate vs. EC2 Launch Types

When you run a task, you must decide where it will run. ECS offers two powerful options, known as "launch types."

1. AWS Fargate (Serverless)

• What it is: Fargate is a serverless compute engine for containers. You simply define your application in a Task Definition, and Fargate launches and manages the containers for you without you ever having to think about the underlying servers.
• How it works: You pay for the CPU and memory resources your application requests, billed per second.
• Best for: The vast majority of modern applications. It's perfect for microservices, web applications, and batch jobs where you want to focus on your code, not on managing infrastructure. It provides the fastest path to running containers on AWS.

2. EC2 Launch Type

• What it is: With the EC2 launch type, you are responsible for managing the cluster of EC2 instances that your containers will run on. You add these EC2 instances to your ECS Cluster, and the ECS agent on each instance registers it with the control plane.
• How it works: The ECS scheduler places your Tasks onto the EC2 instances in your cluster. You have full control over the type of EC2 instance, the operating system, and any custom configurations.
• Best for: Applications with specific compliance requirements, those needing more control over the host environment, or for workloads that require GPUs or other specialized hardware not available on Fargate.

Amazon ECS Terminologies and Components

Amazon Elastic Container Service (ECS) is a managed service for deploying, managing and scaling containers. Here’s a quick look at its key components:

1. Provisioning

Provisioning tools help set up and manage ECS resources:

• AWS CLI: Command-line interface for direct control.
• Copilot: Simplifies ECS workflows.
• Management Console: Graphical interface for ECS management.
• AWS CDK & SDK: Enables infrastructure as code and custom integrations.

2. Controller

The ECS Scheduler manages and distributes tasks, balancing workloads and ensuring availability across clusters.

3. Capacity Options

Amazon ECS supports different capacity options:

• Amazon EC2 Instances: Customizable virtual machine hosting.
• Fargate: Serverless container hosting without infrastructure management.
• On-Premises Compute: Extends ECS to on-premises servers for hybrid solutions.

This structure offers flexibility and control for containerized applications in AWS and beyond.

How ECS Auto Scaling Works

ECS provides powerful auto-scaling capabilities at two levels:

1. Task-level Scaling (Service Auto Scaling): This is the most common type. You can configure your ECS Service to automatically add or remove Tasks based on demand. For example, you can set a rule like: "If the average CPU utilization of all my tasks goes above 75%, add two more tasks." This is perfect for handling traffic spikes.
2. Infrastructure-level Scaling (Cluster Auto Scaling): This applies only to the EC2 launch type. Cluster Auto Scaling automatically adds or removes EC2 instances from your cluster based on the resources required by your tasks. This ensures you are only paying for the EC2 instances you actually need.

Common Use Cases for ECS

• Microservices Architecture: ECS is a natural fit for breaking down a monolithic application into smaller, independently deployable microservices. Each service can be managed by its own ECS Service, with its own scaling rules and deployment pipeline.
• Web Applications: Run scalable, highly available web applications by placing an Application Load Balancer in front of an ECS Service.
• Batch Processing: Run short-lived, data-intensive jobs for tasks like financial modeling, scientific simulations, or ETL (Extract, Transform, Load) processes. You can schedule these as individual Tasks.
• CI/CD Pipelines: Use ECS to run your build, test, and deployment jobs as containerized tasks, creating a consistent and repeatable pipeline.

Advantages of ECS

Here are some advantages of ECS:

1. Scalability: ECS automatically scales your applications based on demand, allowing you to easily handle changes in traffic or workload.
2. High availability: ECS provides built-in availability and fault tolerance, ensuring that your applications are always up and running.
3. Cost-effective: ECS enables you to optimize your infrastructure costs by scaling resources based on demand and only paying for what you use.
4. Integration: ECS integrates with other AWS services such as Amazon ECR, AWS Fargate, Amazon CloudWatch, and AWS IAM.
5. Security: ECS provides a secure environment to run your applications, with features such as IAM roles for tasks, VPC isolation, and encryption at rest.

ECS has some limitations to consider. For example, it requires a certain level of expertise to set up and configure the service. Additionally, it may not be suitable for applications that require a high level of customization or specialized networking requirements.

Ways to Provision and Manage ECS

You can interact with ECS using a variety of tools, catering to different workflows:

• AWS Management Console: A graphical web interface, perfect for getting started and for visual monitoring.
• AWS Copilot CLI: A modern, developer-friendly command-line tool designed to make it extremely easy to build, release, and operate containerized applications on ECS.
• AWS CDK (Cloud Development Kit): Define your ECS infrastructure as code using familiar programming languages like Python, TypeScript, or Go.
• AWS CLI: The standard command-line interface for direct, low-level control over all ECS resources.

AWS Command Line Interface(AWS CLI)

AWS provides a set of commands that can be run on AWS-CLI (AWS Command Line Interface) to manage your services. Much like you'd manage from your AWS Console. Following is a list of commands that can be used for managing the AWS ECS service.

• create-capacity-provider:  Used to create a new capacity provider. Capacity providers comprise a name, an Auto Scaling group along with termination and scaling settings.
• create-cluster: Creates a new AWS ECS Cluster.
• create-service: Runs and maintains a desired number of tasks as specified by the given task definition.
• create-task-set: Create a the task-set in AWS ECS cluster or a Service.
• delete-account-setting: Disables an account setting for an IAM user, role, the or the root user of the account.
• delete-attributes: Deletes one or more custom attributeof thehe a ECS cluster.
• delete-cluster: Deletes an entire specified cluster.
• delete-service: Deletes the specified service.
• delete-task-set: Deletes the specified task-set.
• deploy: Deploys new task definition to the specified ECS service.
• deregister-container-instance: Deregisters the specified container instance from its ECS cluster.
• deregister-task-definition: Deregistersa task definition from ECS Service.
• describe-capacity-providers: Describes one or more capacity providers.
• describe-clusters: Describes one or more of ECS Clusters.
• describe-container-instances: Describes ECS container instances. Gives metadata about remaining resources on each of these instances.
• describe-services: Describes Services runningin aa resources specified cluster.
• describe-task-definition: Describe task definition.
• describe-task-sets: Describes task sets of the specified ECS service or cluster.
• describe-tasks: Describes specified task(s).
• discover-poll-endpoint: Gives endpoint of AWS ECS agent to poll for updates.
• list-account-settings: Gives account settings for the specified principal.
• list-attributes: List attributes for specified ECSresourcesa e.
• list-clusters: Gives a list of existing clusters.
• list-container-instances: Gives a list of container instances in a a specified cluster.
• list-services: Gives a list of services runningina the resources specified cluster.
• list-tags-for-resource: Gives tags associated with specifiedresourcestask-definitione.
• list-task-definition-families: List all the task-definition, families registered to your account.
• list-task-definitions: List task definitions registered to your account.
• list-tasks: Gives tasks running in the specified cluster.
• put-account-setting: attributesattributes,attributes resources or the root user.
• put-account-setting-default: Used to modify an account setting for all IAM users on an account for whom no individual account setting has been specified.
• put-attributes: Create/Update attributes resourcesresources for specified ECS resources.
• put-cluster-capacity-providers: Modify capacity providers for a cluster.
• register-container-instance: Registers container instances into the specified cluster.
• register-task-definition: Registers task definition from the specified family and container definitions.
• run-task: Starts a new task from a task definition.
• start-task: Starts a new task from the task definition on the specified container instance or instances.
• stop-task:  Stop specified task. (Note that any tags associated with the task are deleted.)
• submit-attachment-state-changes: Sent to acknowledge that a container changed states.
• submit-container-state-change: Sent to acknowledge that an attachment changed states.
• submit-task-state-change: Sent to acknowledge that a task changed states.
• tag-resource:  Adds specified tags to the resource whose RN is supplied.
• untag-resource: Removes specified tags from a resource.
• update-cluster-settings: Modify the cluster settings.
• update-container-agent: Updates the Amazon ECS container agent on a specified container instance.
• update-container-instances-state: Modifies the status of an Amazon ECS container instance.
• update-service: Modifies the parameters of a service.
• update-service-primary-task-set: Modifies which task-set in service is the primary task-set. Any parameters that are updated on the primary task set in a service will transition to the service.
• update-task-set: Modifies a task set.
• wait: Wait until a particular condition is satisfied. Each sub-command polls an API until the listed requirement is met.