O'Reilly logo
live online training icon Live Online training

Hands On Containerization with AWS ECS

Ready Platform for Collaboration using light-weight cloud-ready containers for deployment

Marko Sluga

The containerization craze is now a cloud norm. Users are increasingly turning to containers to boost the portability of their cloud applications and improve efficiency, with Docker being the leader. Container-based virtualization allows users to run multiple applications on the same operating system, while sharing its resources. In that sense, a container is different from a VM, which operates on an individual OS. Linux-based Docker containers can respond more quickly to spikes in computing demand, booting up in fractions of seconds by using the kernel of the host OS. This capability is of particular interest to development teams looking to activate and test code.

AWS has over a million customers, some of which are the most popular websites in the world. Amazon Web Services (AWS) users can opt to run instances within Elastic Compute Cloud (EC2) or look into using containers. Amazon EC2 Container Service (ECS) manages Docker containers within AWS, allowing users to easily scale up or down and evaluate and monitor CPU usage. These AWS containers run on a managed cluster of EC2 instances, with ECS automating installation and operation of the cluster infrastructure. AWS brings its common functionality -- load balancing, auto scaling, Identity and Access Management and familiarity with other AWS products -- to containers through ECS.

In this live course, you'll first learn about how to get started with ECS learn about various ECS features, setting up Docker & AWS ECS , learn about two types of ECS Launch Type-Fargate & EC2 , creating clusters and working with Task Definitions, Tasks and Services. Moving on you will also learn how to manage access control using AWS IAM, using AWS image repositories and monitoring ECS Events and Metrics using AWS CloudWatch.

This training will provide deep dive into what is AWS ECS, how to get started and working with ECS and other services related to ECS.ECS has built-in support for many Amazon EC2 services and also allows you to customize parts of the infrastructure to meet your application-specific needs. This course will also provide a brief overview of the rich ecosystem that is developing around EC2 including scheduling and monitoring. All of the knowledge you gain from this course can be used to apply for DevOps or cloud computing positions.

What you'll learn-and how you can apply it

  • Introduction & Features of ECS
  • Docker basics for ECS
  • Using Fargate & EC2 Launch types
  • Creating Clusters
  • Creating Task Definitions,Tasks and Services
  • Using Amazon ECR Images with Amazon ECS
  • Monitoring & Scaling ECS using CloudWatch

This training course is for you because...

  • You are a developer or operation engineer looking to deploy containerized applications on Amazon EC2. Experience with container technology (e.g. Docker) or Amazon EC2 would be helpful, but is not required.

Prerequisites

Recommended preparation:

Materials, downloads, or Supplemental Content needed in advance:

  • Valid Debit / Credit card and Mobile number (For creating Free AWS Cloud account)
  • Putty & Puttygen tools on Laptops (Windows OS Users)
  • ssh-client must be working (Linux & Mac OS Users)
  • Internet Access
  • Admin access on laptops
  • Ports like 22, 80, 443 must be open
  • Install Docker or install Terraform

About your instructor

  • Marko has over 18 years of technical hands-on experience with IT. Before coming in to teaching and consulting full time, in his previous roles he was in charge of infrastructure team dealing with redesign from managed services to a cloud based solution model in an ideological, technical and commercial aspect. Marko is an AWS Authorized Instructor and certified AWS Solutions Architect and Developer. His expertise lies in cloud computing technologies such as Amazon Web Services, OpenStack, Virtualization, VMware, vSphere, Windows Server, Linux Servers, Citrx Xen Server, Palo Alto Netwoks, PFSense, Vyatta and other routers and firewalls. He also speaks at conferences/events and deliver on-site and virtual trainings.

Schedule

The timeframes are only estimates and may vary according to how the class is progressing

DAY 1

Overview of the Course (10 Mins Lecture)

Section 1: What is Amazon ECS? (40 mins Instructor Lecture + 10 min Q & A)

  • Features of Amazon ECS
  • Containers and Images
  • Task Definitions
  • Tasks and Scheduling
  • Clusters
  • Container Agent

Break 10 mins

Section 2: How to Get Started with Amazon ECS (30 Mins Lecture + 70 Min Hands-On / Demo + 10 Min Q & A)

  • Related Services
  • Accessing Amazon ECS
  • Setting Up
    • Sign Up for AWS
    • Create an IAM User
    • Create an IAM Role for your Container Instances and Services
    • Create a Key Pair
    • Create a Virtual Private Cloud
    • Create a Security Group
    • Install the AWS CLI
  • Docker Basics for Amazon ECS
    • Installing Docker
    • Create a Docker Image
    • Push your image to Amazon Elastic Container Registry

Section 3: Working with AWS Fargate (20 Mins Lecture + 30 Min Hands-On / Demo + 10 Min Q & A)

  • Task Definitions
  • Network Mode
  • Task CPU and Memory
  • Logging
  • Amazon ECS Task Execution IAM Role
    • Example Task Definition
    • AWS Fargate Platform Versions
    • Platform Version Considerations
    • Available Platform Versions

Day 2

Section 4: Clusters & Container Concepts (35 Min Lecture + 90 Min Hands-On / Demo + 10 Q&A)

  • ECS Cluster
    • Cluster Concepts
    • Creating a Cluster
    • Scaling a Cluster
    • Deleting a Cluster
  • Container Instances
    • Container Instance Concepts
    • Container Instance Lifecycle
    • Check the Instance Role for Your Account
    • Container Instance AMIs
    • Amazon ECS-Optimized AMI
    • Subscribing to Amazon ECS–Optimized AMI Update Notifications
    • Launching a Container Instance
    • Bootstrap Container Instances
    • Connect to Your Container Instance
    • Container Instance Draining
    • Starting a Task at Container Instance Launch Time
    • Deregister Container Instances
      Break 10 mins
  • Container Agent
    • Overview of Container Agents
    • Installing the Amazon ECS Container Agent
    • Installing the Amazon ECS Container Agent on an Amazon Linux EC2 Instance
    • Installing the Amazon ECS Container Agent on a non-Amazon Linux EC2 Instance
    • Container Agent Versions
    • Amazon ECS-Optimized AMI Container Agent Versions
    • Updating the Amazon ECS Container Agent
    • Checking Your Amazon ECS Container Agent Version
    • Updating the Amazon ECS Container Agent on the Amazon ECS-Optimized AMI
    • Manually Updating the Amazon ECS Container Agent (for Non-Amazon ECS-optimized AMIs)

Section 5: Task Definitions, Task Networking & ECS Launch Types (30 Min Lecture + 50 Min Hands-On / Demo + 10 Q&A)

Task Definitions:

  • Creating a Task Definition
  • Task Definition Template
  • Task Definition Parameters
  • Family
  • Task Role
  • Task Execution Role
  • Network Mode
  • Container Definitions
  • Volumes
  • Task Placement Constraints
  • Launch Types
  • Task Size

Task Networking

  • Enabling Task Networking
  • Task Networking Considerations

Launch Types

  • Fargate Launch Type
  • EC2 Launch Type

Day 3

Section 6: Deep Dive into Task Definitions, Tasks and Services (30 Mins Lecture + 65 Min Hands-On /Demo + 10 Min Q&A)

  • Example Task Definitions
  • Updating a Task Definition
  • Deregistering Task Definitions
  • Scheduling Tasks
  • Running Tasks
  • Task Placement
  • Task Placement Strategies
  • Task Placement Constraints
  • Scheduled Tasks (cron)
  • Task Lifecycle
  • Task Retirement
  • Services
  • Service Scheduler Concepts
  • Daemon
  • Replica
  • Service Definition Parameters
  • Service Load Balancing
  • Load Balancing Concepts
  • Load Balancer Types
  • Check the Service Role for Your Account
  • Creating a Load Balancer
  • Service Auto Scaling
  • Target Tracking Scaling Policies
  • Step Scaling Policies
  • Service Discovery
  • Service Discovery Concepts
  • Service Discovery Considerations
  • Service Discovery Pricing
  • Creating a Service
  • Configuring Basic Service Parameters
  • Review and Create Your Service
  • Updating & Deleting a Service

Break: 10 Min

Section 7: Working with AWS ECR (10 Mins Lecture + 10 Min Hands/On-Demo + 5 Min Q&A)

Repositories

  • Using Amazon ECR Images with Amazon ECS

Section 8: Monitoring, Logging and Access Management of AWS ECS (20 Min Lecture +60 Minutes Hands/On-Demo + 10 Min Q&A)

Monitoring

  • Automated Tools
  • Manual Tools

Monitoring & Scaling using CloudWatch

  • CloudWatch Metrics
  • Enabling CloudWatch Metrics
  • Available Metrics and Dimensions
  • Cluster Reservation
  • Cluster Utilization
  • Service Utilization
  • Service RUNNING Task Count
  • Viewing Amazon ECS Metrics

CloudWatch Events

  • Amazon ECS Events
  • Handling Events
  • Tutorial: Listening for Amazon ECS CloudWatch Events
  • Tutorial: Sending Amazon Simple Notification Service Alerts for Task Stopped Events

Using the awslogs Log Driver

  • Enabling the awslogs Log Driver for Your Containers
  • Creating Your Log Groups
  • Available awslogs Log Driver Options
  • Specifying a Log Configuration in your Task Definition
  • Viewing awslogs Container Logs in CloudWatch Logs

IAM Policies, Roles, and Permissions

  • Policy Structure
  • Policy Syntax
  • Actions for Amazon ECS
  • Amazon Resource Names for Amazon ECS
  • Condition Keys for Amazon ECS
  • Testing Permissions
  • Supported Resource-Level Permissions
  • Creating IAM Policies
  • Managed Policies and Trust Relationships
  • Amazon ECS Managed Policies and Trust Relationships
  • Amazon ECR Managed Policies
  • Amazon ECS Container Instance IAM Role

Section 9: Common Use Cases (15 Minutes Lecture)

Section 10: Wrap-up and remaining Q&A (10 min)