Introducing Amazon Fargate

Introduction
To Amazon Fargate
KC Liang
Business Development
Time: 40 min
Level: 200

© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
OUR JOURNEY!

BUILDING AN ECOSYSTEM

WHY DO WE LOVE CONTAINERS?
Packaging Distribution Immutable
infrastructure

HELPING CUSTOMERS SCALE
CONTAINERS
450+%
growth
Hundreds of millions
of containers started each week
millions
of container instances

PRODUCTION WORKLOADS ON AWS
AWS VPC
networking mode
Advanced task
placement
Deep integration
with AWS services
ECS CLI…{ }
Global footprint
Powerful scheduling
engines
Auto scaling
CloudWatch metrics
Load balancers

CUSTOMERS ARE OUR KEY!
50+
releases
since 2015
Customers
Release
Feedback /
New Use
Cases
Learn
Experiment,
Innovate,
& Build
Features

ENABLE FOCUS ON APPLICATIONS

INTRODUCING FARGATE!

CHANGING COMPUTE CONSUMPTION
MODEL
No instances
to manage
Task
native API
Resource
based pricing
Simple, easy to use,
powerful – and new
consumption model
=

PRODUCTION WORKLOADS ON AWS
AWS VPC
networking mode
Advanced task
placement
Deep integration
with AWS services
ECS CLI…{ }
Global footprint (in 2018)
Powerful scheduling
engines
Auto scaling
CloudWatch metrics
Load balancers

EKS SUPPORT FOR FARGATE IN 2018

MICROSERVICES

BATCH JOBS

MIGRATION TO THE CLOUD

HOW DO I RUN CONTAINERS
ON FARGATE?

RUNNING CONTAINER

EC2 Instance
TaskTask
Task Task
EC2 Instance
TaskTask
Task Task
EC2 Instance
TaskTask
Task Task
EC2 Instance
TaskTask
Task Task
EC2 Instance
TaskTask
Task Task
RUNNING CONTAINERS

Scheduling and Orchestration
Cluster Manager Placement Engine
RUNNING CONTAINERS AT SCALE WITH ECS
Availability Zone #1 Availability Zone #2 Availability Zone #3

ECS
AMI
Docker
agent
ECS
agent
ECSTaskECSTask
ECSTaskECSTask
EC2 Instance

Scheduling and Orchestration
Cluster Manager Placement Engine
ECS
AMI
Docker
agent
ECS
agent
EC2 Instance
ECS
AMI
Docker
agent
ECS
agent
EC2 Instance
ECS
AMI
Docker
agent
ECS
agent
EC2 Instance

RUNNING FARGATE CONTAINERS WITH
ECS

Define application containers: Image
URL, CPU & Memory requirements,
etc.
register
Task Definition
create
Cluster
• Infrastructure Isolation boundary
• IAM Permissions boundary
run
Task
• A running instantiation of a
task definition
• Use FARGATE launch type
create
Service
Elastic Load
Balancer
• Maintain n running copies
• Integrated with ELB
• Unhealthy tasks automatically
replaced
ECS CONSTRUCTS

TASK DEFINITION
{
"family": “scorekeep",
"containerDefinitions": [
{
"name":“scorekeep-frontend",
"image":"xxx.dkr.ecr.us-east-1.amazonaws.com/fe"
},
{
"name":“scorekeep-api",
"image":"xxx.dkr.ecr.us-east-1.amazonaws.com/api"
}
]
}
Immutable, versioned document
Identified by family:version
Contains a list of up to 10 container definitions
All containers are co-located on the same host
Each container definition has:
• A name
• Image URL (Amazon ECR or Public
Images)
• And more…stay tuned!
Task Definition Snippet

RUNNING FARGATE CONTAINERS WITH
ECS
Use ECS APIs to launch Fargate Containers
Easy migration – Run Fargate and EC2 launch
type tasks in the same cluster
Same Task Definition schema

NETWORKING

VPC INTEGRATION 172.31.0.0/16
Subnet
172.31.1.0/24
Internet
Other Entities in VPC
EC2 LB DB etc.
Private IP
172.31.1.164
• AWS VPC Networking Mode – each task gets
its own interface
• All Fargate Tasks run in customer VPC and
subnets
• Configure security groups to control inbound &
outbound traffic
• Public IP support
• Spread your application across subnets in
multiple Availability Zones (AZs) for resiliency
us-east-1a
us-east-1b
us-east-1c
ENI Fargate
TaskPublic /
208.57.73.13 /

LOAD BALANCING
APPLICATION LOAD BALANCER
NETWORK LOAD BALANCER

SECURITY

CLUSTER LEVEL ISOLATION
PROD Cluster Infrastructure
DEV Cluster Infrastructure
BETA Cluster Infrastructure
QA Cluster Infrastructure
Web Web
Shopping
Cart
Shopping
Cart
Notifications NotificationsWeb
Shopping
Cart NotificationsWeb
Shopping
Cart
Shopping
Cart
Notifications NotificationsWeb Web
PROD CLUSTER BETA CLUSTER
DEV CLUSTER QA CLUSTER

PERMISSION TIERS
Cluster
Permissions
Application
Permissions
Task
Housekeeping
Permissions
Cluster
Fargate Task
Cluster Permissions:
Who can run/see tasks in the cluster?
Application (Task) Permissions:
Which of my AWS resources can this application access?
Housekeeping Permissions:
What permissions do I want to grant ECS to perform?
e.g.
• ECR Image Pull
• CloudWatch Logs pushing
• ENI creation
• Register/Deregister targets into ELB

CONTAINER REGISTRIES

REGISTRY SUPPORT
3rd Party Private Repositories (coming soon!)
Public Repositories supported (DockHub)
Amazon Elastic Container Registry (ECR)

VISIBILITY AND MONITORING
Service-level metrics available
CloudWatch Logs
CloudWatch Events supported

STORAGE
Container Storage Space – 10GB
Ephemeral storage backed by EBS
Shared volume space for containers within the
task – 4GB

CONFIGURATIONS & PRICING

PRICING DIMENSIONS
{
”cpu": “1 vCPU”,
”memory": “2 gb”,
"networkMode": ”AWSVPC",
"compatibilities": [”FARGATE",
”EC2"],
"placementConstraints": [],
"containerDefinitions": [
{
<snip>…....
Task level resources
• Configurable independently (within a range)
Dimensions: Task level CPU and memory
Per-second billing
Task
Level
Resources

TASK CPU & MEMORY CONFIGURATIONS
Flexible configuration options –
50 CPU/memory configurations
CPU Memory
0.25 vCPU 512MB*, 1GB, 2GB
0.5 vCPU 1GB to 4GB (1GB increments)
1 vCPU 2GB to 8GB (1GB increments)

99.99%

ECS Instance ECS Instance ECS Instance ECS InstanceECS Instance ECS Instance
EC2
FARGATE
Notifications
Amazon ECS CLUSTER
Availability Zone #1 Availability Zone #2 Availability Zone #3
Subnet 2
172.31.2.0/24
Subnet 1
172.31.1.0/24
Subnet 3
172.31.3.0/24
Web
Shopping
Cart

EARLY ADOPTERS

PARTNER INTEGRATIONS

Amazon ECS
at iCHEF
Keith Yang
Senior Cloud Engineer

About Me
Keith Yang
Senior Cloud Engineer at iCHEF
Founder and co-organizer of Taipei.py
Web Lead of PyCon Taiwan 2018
Chairperson of PyCon APAC 2015

About iCHEF
• 成立於 2012
• 用科技讓開餐廳成為一門更好的生意

iCHEF POS：餐廳經營的解決方案
• 從來電預約與訂位，客人到餐
廳的侯位、外帶
• 點餐、出給廚房與吧台的單
• 顧客關係管理、折折管理與集
點集點方案到營運分析報表

iCHEF POS 的用量
• 3200 家餐廳採用
• 每月 340 萬筆交易
• 每月處理 14 億元交易

iCHEF 後端系統的用量
• 每日 250 萬 API request
• 尖峰期每分鐘 3500 API request
• Web server + API server
+ Background job worker + Cron tasks

Infrastructure as Code
• 需要許多不同的環境來進行測試、開發和實際的服
• 功能測試環境、整合測試環境、線上服務架構調
• 希望能讓每個環境都有一樣的系統架構
• 希望能夠對整個環境做版本控制

Infrastructure as Code (cont.)
• 用程式產生參數化的 CloudFormation
範本
• 建立 VPC、ASG、ALB 與 ECS Cluster

Before: Manual Deployment
• 每次得手動設定新的
ALB & Stack
• 難以掌握每個環境
不同的參數與設定
• 不易展開新的 Stack

Now with CloudFormation
使用 CloudFormation 來自動化部屬
ALB & Stack 的建立與更新

Now with CloudFormation (cont.)
• 編寫 CloudFormation 快速建立 ALB &
Stack
• 掌握每個環境不同的參數與設定

One Click Deploy
• 使用 Jenkins
build Docker image
• 使用 ECR 來儲存 image
• 在 ECS 上進行
rolling update

Before: Self-host & deploy Docker
• 需要應用程式開發者熟悉 Docker build 的細節
• 需要自行維護 Docker Registry 的機器
• 複雜而手動的設定增加溝通成本與設錯的機會

After: ECS & ECR
• 應用程式開發者無需分心於不同環境的部屬
• 不用自行維護 Docker Registry 的機器
• 簡單而自動的設定 ➡ 節省溝通成本並減少設錯
的機會

依流量來動態擴展服務
• 餐廳有很明顯的尖峰時刻
• 使用 Auto Scaling 做動態
服務修改
• 使用較多的 Cluster Status
來處理 EC2 Scaling

Before: Manual Scaling
• 需要猜好猜滿要用多少 instance，
對預期外的需求不易立即回應
（例如：平常週末的忽然高峰用量）
• 常需要手動調整並分配各個 ECS Task 的用
量

Now with Auto-scaling
• 不用怕猜錯餐廳服務的用量，用多少開多少
• 對預期外的需求可以立即回應
• 自動分配各個 ECS Task 的用量
• 還是要從大範圍的 EC2 設定（猜）基本用量與最大用
量

使用 ALB 來提高系統穩定度
• API 有快有慢，個別需要不同的設定；
傳統的 ELB 無法輕易配置出來
• 免去申請與設定 HTTPS（SSL 憑證）的苦痛
• 使用 ALB 的 path based routing 來讓不同的 ECS
Service 處理耗時不同的 API

不同的 API 反應
• 慢的 API：上傳、下
載報表或當日總結單
• 快的 API：一般的
request，如登入、點
餐、管理介面

定期排程工作
• 每天都有一些定期的排程工作，像是寄送每天
的營業狀況給客戶
• 使用 Scheduled task 來處理，降低系統複雜
• 需預留 EC2 的容量

Fargate 的繼往開來
• 提供以上 ECS、ECR、Auto-scaling 與
ALB 等優點
• Clicks to Deploy，直接幫忙建立
CloudFormation template

能用 Fargate 來大幅降低管理成本
• 創建環境時
不再手動處理 EC2 配置
• 流量增加時
只要 scale Task 即可
• 不再需要為 Scheduled Task 預留空間

Introducing Amazon Fargate

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Introducing Amazon Fargate

Similar to Introducing Amazon Fargate (20)

More from Amazon Web Services

More from Amazon Web Services (20)

Introducing Amazon Fargate