Containers State of the Union - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/DevDays 2018... · 9:30-10:30: Containers State of the Union (Ric Harvey) 10:30-11:00: Break

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Ric Harvey, Technical Developer Evangelist

@ric__harvey

Containers State of the Union

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Agenda

Great container sessions planned for today:

9:30-10:30: Containers State of the Union (Ric Harvey)10:30-11:00: Break11:00-12:00: Deep Dive on ECS (Ric Harvey)12:00-13:00: Amazon Elastic Container Service for Kubernetes (Amazon EKS) (Christoph Kassen)13:00-14:00: Lunch14:00-15:00: Deep Dive on Fargate (Ric Harvey)15:00-15:30: Break15:30-16:30: Building Efficient Containers (Christoph Kassen)16:30: Drinks and Networking

@ric__harvey

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

What are containers and why are customers using them?

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

What are containers?

A container is an atomic, self-contained package of software that includes everything it needs to run (code, runtime, libraries, packages, etc.).

A popular, widely-used container platform is Docker. More on that here: https://www.docker.com

https://www.docker.com/

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Why not VM’s?

ServerHost OS

Hypervisor

Guest OS

Guest OS

Guest OS

Bins/libs Bins/libs Bins/libs

App A App A App B

ServerHost OS

Docker Engine

Bins/libs Bins/libs

App A

App A

App B

App B

App B

App B

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Why are containers so popular?

• Portable• Lightweight• Standardized• Easy to deploy• Along with containers, comes the “monolith to microservices”

story: containers and microservices go hand in hand.

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

First customers ran docker on EC2

+

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

“Make this easier for us!”

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Elastic Container Service

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Containers made it easy to build and scale appsBut management of thes systems where hardAmazon Elastic Container ServiceCluster management as a hosted service

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

We removed the pain points and heavy lifting

• Scheduling• Placement• Task management (health checks)• Management control plane updates

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

ECS

H i g h l y s c a l a b l e , h i g h p e r f o r m a n c e c o n t a i n e r

m a n a g e m e n t s y s t e m

A m a n a g e d p l a t f o r m

ECSCluster

managementContainer

orchestrationDeep AWS integration

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Broad range of customers

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

“By taking advantage of Amazon ECS, we have the power to understand, manipulate, and manage our environment

easily.”Zaven Boni

DevOps Engineering Lead, GoPro

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

70%Reduction in Compute Footprint

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

What we did with ECS in 2018

Route 53 Auto Naming

Service Discovery

Daemon SchedulingCLI Supports Docker Compose V3

ECS Agent Signed for Security

Faster Launch Times

SSM Parameter Support

Configure shm-size and tmpfs

Docker Container Health ChecksTask metric & metadata endpoint

Docker17.09

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Registry

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Amazon ECR

Container Registry• Fully Managed• Secure• Highly Available• Simplified Workflow

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Kubernetes – now GA

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Kubernetes

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

57% of Kubernetes workloads run on AWS today — Cloud Native Computing Foundation

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

“Make this easier for us!”

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

“Nat ive AWS Integrat ions . ”

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

”An Open Source Kubernetes Exper ience. ”

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

E L A S T I C C O N TA I N E R S E R V I C E F O R K U B E R N E T E S(EKS)

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

EKS is Kubernetes Certified

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

EKS

P l a t f o r m f o r e n t e r p r i s e s t o r u n p r o d u c t i o n - g r a d e K u b e r n e t e s - g r a d e

i n s t a l l a t i o n s

EKSManaged

and upstream

experience

Seamless, native

integration with AWS services

Contributes back to

open source

community

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

mycluster.eks.amazonaws.com

EKS Workers

kubectl

Amazon EKS

AZ 1 AZ 2 AZ 3

Your AWS account

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Semantic Versioning (semver)

v1.10.0Major Minor Patch

Breaking Changes

New Features

Bug fixesSecurity

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

1.9.11.9.2Version

1.9Version 1.10

Kubernetes Upgrades

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Still managing workers/nodes is hard!

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

“Make this easier for us!”

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Fargate

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

AWS Fargate

No cluster or infrastructure to manage or scale

Everything is handled at the container level

Scale seamlessly on demand

Underlying technology for container management

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

What does Fargate mean?

No worrying about scaling, service mesh, underlying infrastructure, cluster resources, capacity, setup.

Just give it a task definition or pod (in 2018), set some resource limits, and away you go.

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

With Fargate: focus on your workload (job, container, function, task) first. Full stop.

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

How does this work in practice?

Two launch types for ECS and EKS:• EC2 (traditional, manage your cluster infrastructure)• Fargate

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

TASK CPU MEMORY CONFIGURATIONS

50 different CPU/Memory configurations to choose from

CPU Memory256 (.25 vCPU) 512MB, 1GB, 2GB

512 (.5 vCPU) 1GB, 2GB, 3GB, 4GB

1024 (1 vCPU) 2GB, 3GB, 4GB, 5GB, 6GB, 7GB, 8GB

2048 (2 vCPU) Between 4GB and 16GB in 1GB increments

4096 (4 vCPU) Between 8GB and 30GB in 1GB increments

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

PRICING

Per-second billing. 1 minute minimum

Pay for what you provision

Billed for Task level CPU and Memory

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

This is changing compute!

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Treat containers as a fundamental, compute primitive.

TASKS

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

• IAM Roles for Tasks

• Task Auto Scaling

• Task Load Balancers

• Task Networking

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Focus!

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Summary

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

AWS Container landscape

Amazon ECS Amazon EKS Fargate mode for ECS

Fargate mode for EKS

(available 2018)

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

ECS

H i g h l y s c a l a b l e , h i g h p e r f o r m a n c e c o n t a i n e r

m a n a g e m e n t s y s t e m

A m a n a g e d p l a t f o r m

ECSCluster

managementContainer

orchestrationDeep AWS integration

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

EKS

Managed Kubernetes on AWSHighly available Automated

version upgradesIntegration with

other AWS services

Etcd

Master

Managed Kubernetes

control planeCloudTrail, CloudWatch,

ELB, NLB, VPC, PrivateLink

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Fargate

Launch quicklyScale easily

No infrastructure Resource based pricing

Containers on demand

Manage everything at container level

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Need help choosing an option?

https://medium.com/containers-on-aws/choosing-your-container-environment-on-aws-with-ecs-eks-and-fargate-cfbe416ab1a

@nathanpeck

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Getting started

• To join the EKS preview: https://aws.amazon.com/eks/• To get started with Fargate: https://aws.amazon.com/fargate/• Blogs: https://aws.amazon.com/blogs/aws/aws-fargate/• https://aws.amazon.com/blogs/aws/amazon-elastic-container-service-for-kubernetes/• Liz Rice from Aquasec on Fargate: https://blog.aquasec.com/securing-struts-in-aws-fargate• Nathan Peck from AWS: https://medium.com/containers-on-aws/choosing-your-container-

environment-on-aws-with-ecs-eks-and-fargate-cfbe416ab1a• Deepak Singh (containers GM at AWS):

https://www.slideshare.net/AmazonWebServices/containers-on-aws-state-of-the-union-con201-reinvent-2017

https://aws.amazon.com/eks/https://aws.amazon.com/fargate/https://aws.amazon.com/blogs/aws/aws-fargate/https://aws.amazon.com/blogs/aws/amazon-elastic-container-service-for-kubernetes/https://blog.aquasec.com/securing-struts-in-aws-fargatehttps://medium.com/containers-on-aws/choosing-your-container-environment-on-aws-with-ecs-eks-and-fargate-cfbe416ab1ahttps://www.slideshare.net/AmazonWebServices/containers-on-aws-state-of-the-union-con201-reinvent-2017

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Agenda

Great container sessions planned for today:

9:30-10:30: Containers State of the Union (Ric Harvey)10:30-11:00: Break11:00-12:00: Deep Dive on ECS (Ric Harvey)12:00-13:00: Amazon Elastic Container Service for Kubernetes (Amazon EKS) (Christoph Kassen)13:00-14:00: Lunch14:00-15:00: Deep Dive on Fargate (Ric Harvey)15:00-15:30: Break15:30-16:30: Building Efficient Containers (Christoph Kassen)16:30: Drinks and Networking

@ric__harvey

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Thank [email protected]__harvey