TipsandtricksforrunningcontainerworkloadsonAWS

AbbyFuller,Sr TechnicalEvangelist,AWS@abbyfuller

Agenda

• Let’stalkmicroservices• OrchestrationchoicesonAWS• AmazonEC2ContainerService• Kubernetes• Deployments• Communitybuilders!

Let’stalkmicroservices

Whataremicroservices?

“Service-oriented architecturecomposed ofloosely coupled elementsthat havebounded contexts”

-AdrianCockcroft(VPofCloudArchitecture@AWS,formerCloudArchitectatNetflix)

Acoupleofgeneralbestpractices

• Rely on the public API• Use the right tool for the job• Secure your services• Be a good microservices citizen• Organizational changes matters• Automate where plausible

How do I deploy my containers to hosts?

How do I do zero downtime or blue green deployments?

How do I keep my containers alive?

How can my containers talk to each other?

How do I do service discovery?What about secrets?

How do I best optimize my "pool of compute”?

Containers are awesome

….but they’re more work

Howcanyou(butmostlyme)dolesswork?#thoughtleadership

Answer! Tools. More specifically, orchestration tools.

OrchestrationchoicesonAWS

© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Amazon EC2 Container Service

• Highly scaleable, high performance container management system. • Eliminates the need to install,

operate and scale your own container management system.

© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Amazon ECS• ECS provides a managed platform for:

Clustermanagement Containerorchestration DeepAWSintegration

© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Kubernetes

• Container orchestration platform that manages containers across your infrastructure in logical groups• Rich API to integrate 3rd parties• Open Source

Whouseswhat?AmazonECS KubernetesonAWS

Bottom line: we want to be the best place to run your containers, however you want to do it.

Tipsandtricksforgettingthemostoutofyourdeployments

Beware points of failure

• Source/version control all the things• e.g. git and AWS CodeCommit, registries• Smart image tagging

• Shared dependencies• Deploy fast and often (and small!)• For Kubernetes: fault tolerance requires an extra step! Make

sure you have tolerance for failure, and use autoscalinggroups.

Smaller images mean faster builds and deploys• Go smaller• Private image repository• e.g. Amazon ECR

• Shared where possible• Avoid unnecessary add-ons CACHE

Alerts are (mostly) good

• Alert responsibly• Take advantage of the built-in AWS alert systems• e.g. aws-log driver or CloudWatch

• Put checks or limits on services or clusters scaling• Log sorting for severity is important to avoid unnecessarily

sending an alert

Monitoring and logging are key

• Utilize tools• e.g. AWS CloudWatch, Datadog

• Logging for both containers and hosts• Avoid unnecessary noise here too:• Log levels!• Meaningful log messages (don’t just log the default)• Logs should actually help

Automation where plausible

• Scripts!• Utilize built-in AWS features• e.g. CodeCommit, CodePipeline, CodeDeploy

• …but add checks by a human• Templates and tools are your friends!• CloudFormation, etc: use tools to help setup and

create repeatable infrastructure

Maximize your resources

• Set sensible resource limits• Use a scaling policy to scale up or down and preclude

resources from running idle• Utilize TaskPlacement policies

The right tools for the job

• ALB vs ELB• Not all languages need to build the same• Set Service level scaling policies, plus cluster scaling policies• Regardless of orchestration tool, use a VPC!• Multi AZ• Bottom line: use what works for you!

Checking for issues

• Debugging• Monitor performance with tools like X-Ray• Connection draining settings• Health checks• Check for actual health• Look for number of failed checks before declaring

unhealthy

Helpisoutthere

Buzzfeed andRig

The Hitchhiker’s Guide

coldbrew-cli

AWSome ECS

kubernetes/kops

Kris Nova’s kubicorn

Heptio andKubernetesquickstartforAWS