Discover how Amazon Elastic Container Service (ECS) streamlines the deployment and management of Docker containers in the cloud, offering scalability and automation for your applications.
Amazon is undoubtedly assuming a pioneering role in cloud computing. Under the name Amazon Web Services (AWS), the IT giant has been providing various IT services for paying customers since 2002. Amazon was adept at renting idle hardware capacity flexibly and at attractive prices. Application Programming Interfaces (APIs), command-line tools, and a web interface make managing services convenient.
Two main pillars in the multitude of services offered by Amazon are Elastic Compute Cloud (EC2) and Simple Storage Service (S3). In EC2, customers can start and stop virtual machines at will, dynamically adjusting computing power. S3 is a quasi-unlimited storage location with high availability. Unlike traditional computers, the system isn’t designed with files and folders but consists of buckets, which are containers, and objects contained there, which represent the actual data.
An easy way to launch a Docker container in the Amazon cloud is to launch a virtual Linux machine in EC2 and install Docker there. This will run your Docker host, and you can run any Docker containers on it. You’ll then have a setup like the one we described in the previous section. However, the cloud computing part is limited to the underlying virtual machine. For this reason, it’s necessary to update the operating system components of this machine and, of course, the Docker daemon itself. Using docker swarm, you could build your own container cloud on this basis and scale it via the command line.
But it would be much nicer if the cloud infrastructure took care of the underpinnings itself, was highly available, and still scaled automatically to meet the needs of your application. Amazon is trying to do exactly this work for you with the Elastic Container Service (ECS). This post provides an introduction to using this service.
Quick Start: Launching a Container in the AWS Cloud
For the first example, you need an Amazon AWS account. When registering, a cell phone number is currently mandatory, as Amazon has interposed an automatic control call with PIN entry here. Once this hurdle has been cleared, you can access the ECS from the Service menu in the AWS console (https://console.aws.amazon.com). Use the Get Started button, which guides you through a simple ECS configuration in three steps.
A very helpful tool for understanding Amazon terminology is the superimposed graphic that illustrates the current configuration level in each step.
The required components are as follows:
- Container and task definition
- Service
- Cluster
When defining a container, you can choose from three preconfigured web servers or specify an image yourself from which to launch a container. For example, you can use a Grafana image. Explore the Grafana-Docker setup here.
ECS resolves to the familiar Docker naming convention for images here. The grafana/grafana image can be downloaded from the official Docker Hub. In the container settings, you can specify port mapping for the Grafana Image 3000. Unlike docker run, where the container port and the host port can be different, only one port must be specified here.
Advanced settings for networking and logging are correctly preset for our purposes in the Getting Started configuration.
The second step is to create a service with a task (the Grafana container). A Security Group gets created so that the service can be accessed from the internet. The Load Balancer can remain disabled for this test.
The third and final step is to set up the cluster on which the service will run. The default setting for VPC ID and Subnets is Automatically Create New, which should work correctly for the test. This completes the definition, and you can start the container via Create.
After creating the components (a process that takes several minutes), you can find the cluster on the Amazon ECS home page. If you then click on the current job in the Tasks tab, you’ll find the Public IP address of your cluster under Network (see figure below). As expected, the Grafana login page appears when you enter this IP address with port 3000 in your browser.
The useful wizard has done a few things for you. Via the command-line tool ecs-cli, you can configure these steps in detail and execute them manually. In the next section, we’ll show you exactly what was done in these steps and how you can even use them to launch a slightly modified docker compose configuration.
Amazon Elastic Container Service with “docker compose”
A key difference between the old docker-compose and the new compose subcommand is that the new version can launch existing compose setups in an Amazon or Microsoft cloud infrastructure. Starting a Docker Compose setup in ECS has really become a walk in the park. With just two commands, your existing setup will run in the cloud.
First, you need to create a Docker Context of type ecs named ecsgrafana:
docker context create ecs ecsgrafana
? Create a Docker context using: AWS secret and token credentials
Retrieve or create AWS Access Key and Secret on
https://console.aws.amazon.com/iam/home?#security_credential
? AWS Access Key ID: BCDAKKDJSKDJ8BBNAWQR
? Enter AWS Secret Access Key *********************************
? Region eu-west-1
Successfully created ecs context "ecsgrafana"
If you’ve used Amazon’s aws-cli command-line tool before, you can select an existing profile when creating the context; if not, you should enter the Access Key ID and Secret Access Key as in the preceding listing. Then you can start the Docker Compose setup with the reference to the context:
docker --context ecsgrafana compose up
x grafana CreateInProgress User Initiated
x Cluster CreateComplete
x LogGroup CreateComplete
x GrafanaTCP3000TargetGroup CreateComplete
x CloudMap CreateComplete
x TelegrafTaskExecutionRole CreateComplete
x InfluxTaskExecutionRole CreateComplete
x GrafanaTaskExecutionRole CreateComplete
x LoadBalancer CreateComplete
[...]
If you’re used to docker compose from your local machine or a server, you’ll now have to wait a little longer. Here, a cluster is created first; followed by roles, services, and listeners; and finally the three containers get started.
In our test, it took about 10 minutes until it was really time and we could access the Grafana instance. The quickest way to find out the public IP address is to use docker compose:
docker --context ecsgrafana compose ps
NAME SERVICE STATUS PORTS
task/grafana-amazon-compose/1d... influx Running
task/grafana-amazon-compose/24... grafana Running gr...
task/grafana-amazon-compose/78... telegraf Running
We had to shorten the somewhat overlong container names and ports for better readability. In our case, the PORTS output at the grafana service was grafa-LoadB-A9J00IWMO4TJ-89ac444864fad7b9.elb.eu-west-1.amazonaws.com:3000, which we could enter directly as the address in the browser. There, to our great joy, the working Grafana setup presented itself.
We were a bit surprised by the very successful integration of ECS with Docker. The compose subcommand is still in an early phase of development, so you should be cautious about running such services on production systems currently. It’s also questionable whether the automatic scaling measures in the cluster will work well for your application. In any case, it will be exciting to continue to observe the development. More information about the integration of ECS and also Microsoft Azure Container Instances (ACI) can be found here:
Editor’s note: This post has been adapted from a section of the book Docker: Practical Guide for Developers and DevOps Teams by Bernd Öggl and Michael Kofler.
Comments