我的 Amazon Elastic Container Service (Amazon ECS) 學習筆記

(圖說：巴西第一大港，Port of Santos，提供裝卸貨櫃服務。圖片來源: Photo by sergio souza on Unsplash。)

概覽摘要 Briefing

(Command/Ctrl + 點圖放大)

歷史考古 History

古往今來，縱橫脈絡。

• 2014-11-13: AWS launches a preview of EC2 Container Service (ECS) – Container Management for the AWS Cloud. 原名 EC2 Container Service (ECS)。
• 2016-05-18: AWS announces Automatic Auto Scaling for Amazon EC2 Container Service (ECS) services.
• 2017-11-21: Amazon Elastic Container Service 改名 (之前名稱是 Amazon EC2 Container Service).
• 2019-12-03: AWS announces Amazon ECS Capacity Providers.
• 2020-04-08: AWS Fargate launches platform version 1.4.0 | Containers
• 2020-06-16: AWS announces Amazon EC2 Auto Scaling now supports Instance Refresh within Auto Scaling Groups
• 2020-06-20: AWS::ECS::CapacityProvider resource 被加入 CloudFormation.
• 2020-11-30: Announcing Amazon ECS deployment circuit breaker
• 2020-12-01: Introducing Amazon ECS Anywhere
• 2020-12-30: Amazon Elastic Container Service 全新管理介面上線
• 2021-03-16: 使用 Amazon ECS Exec 直接穿越存取你在 AWS Fargate 和 Amazon EC2 上頭的容器
• 2021-05-27: Getting Started with Amazon ECS Anywhere – Now Generally Available

名詞定義 Terms

這裡整理有出場的名詞清單，並註記原文全名、名詞定義與來源。

• Amazon ECS:
  • Amazon Elastic Container Service is a highly scalable, fast, container management service that makes it easy to run, stop, and manage Docker containers on a cluster.
• Amazon ECS Launch Types:
  • Amazon ECS Launch Types determines the type of infrastructure on which your tasks and services are hosted.
    • Fargate Launch Type
    • EC2 Launch Type
• Features of Amazon ECS
  • Containers:
    • To deploy applications on Amazon ECS, your application components must be architected to run in containers. For more information about container technology, see Docker Basics for Amazon ECS.
  • Container Images:
    • Containers are created from a read-only template called an image.
  • Task Definitions:
    • A blueprint for your application. To prepare your application to run on Amazon ECS, you create a task definition. The task definition is a text file, in JSON format, that describes one or more containers, up to a maximum of ten, that form your application.
  • Tasks:
    • A task is the instantiation of a task definition within a cluster.
  • Task Scheduling:
    • The Amazon ECS task scheduler is responsible for placing tasks within your cluster. There are several different scheduling options available. For example, you can define a service that runs and maintains a specified number of tasks simultaneously.
  • Clusters:
    • When you run tasks using Amazon ECS, you place them on a cluster, which is a logical grouping of resources.
  • Amazon ECS Container Instances:
    • When using the EC2 launch type, then your clusters are a group of container instances you manage. An Amazon ECS container instance is an Amazon EC2 instance that is running the Amazon ECS container agent.
  • Container Agent:
    • The container agent runs on each infrastructure resource within an Amazon ECS cluster. It sends information about the resource’s current running tasks and resource utilization to Amazon ECS, and starts and stops tasks whenever it receives a request from Amazon ECS.

使用情境 Use Cases

• 適用：文武百業。
• 適用：數位轉型初階段。
  • 封裝、隔離、上雲，擺脫固定資產折舊。
• 適用：以分鐘為粒度做 auto scaling 的場景。
• 不適合：以秒為粒度做 auto scaling 的場景。

(2020) 案例: rt.live

rt.live, a measure of how COVID-19 is spreading for each state in the United States. 每天計算全美各州 COVID-19 Rt 散播速度值的網站服務，是前 Instagram co-founders Mike Krieger 與 Kevin Systrom 離開 Facebook 後的新作品。

Mike Krieger 於 Medium 發表了一篇文章：「Automating daily runs for rt.live’s COVID-19 data using Airflow & ECS」。

rt.live 的目標有：

1. 每日排程執行
2. 如果過程中遇到失敗可自動重新嘗試再執行一次
3. 可以平行處理美國各州資料，因為各州的 ML 模型不相依存於其他州
4. 有時需要訂正某幾州的資料，可以手動重新執行某幾州，不用整個重跑

使用的工具主要有 Apache Airflow 與 Amazon’s Elastic Constiner Service (ECS)，特別是 Fargate 模式。使用 Fargate 模式，可以建立 Docker container 做為其 Airflow worker，且可以擴展成 N 個副本而不需要建立及擔心 EC2 instances。而且每天只需要 30 分鐘，得以控制支出。

(圖片來源: 原文)

• 要開始運算前，將 ECS service desiredCount 修改成 25，待命。
• 各個 ECS Task on Fargate 共用存放在 Elastic File System (EFS) 的 model code。
• 使用 S3 儲存來自於 COVIDTracking 的原始資料。
• 一個州一個 Airflow task 放進 queue 讓 ECS task (Airflow worker) 拿去執行。運算結果同樣儲存於 S3。
• 當天運算完成後，將 ECS service desiredCount 修改回 0。

其他延伸參考資料，可以建立類似的 pipelines：How to deploy Apache Airflow with Celery on AWS 與 Lessons learned deploying Apache Airflow to ECS。

限制條件 Limits

• Amazon ECS service quotas
• Memo: 2021/01 Amazon ECS 調高服務限制條件: tasks per service 和 services per cluster

可調限制條件

不可調限制條件

收費結構 Pricing

請參考最新官方文件。這裡僅為速記。

• 依照 Amazon ECS Launch Types 區分兩大類。
  • Fargate Launch Type Model
    • 依照對應所使用的 Fargate 資源收費，參照 AWS Fargate pricing page。Amazon ECS 不另外收費。
  • EC2 Launch Type Model
    • 依照對應所使用的 EC2 資源收費，參照 Amazon EC2 pricing page。Amazon ECS 不另外收費。
• Amazon ECS on AWS Outposts 比照上述 EC2 Launch Type Model。

深入討論 Deep Dive

大方向是為圭臬，但小心地上有坑。

• Scaling
  • Deep Dive on Amazon ECS Cluster Auto Scaling, by Nick Coult, on 03 JAN 2020.
    • CapacityProviderReservation = M / N * 100
      • M = desired count
      • N = current count
      • if N = M, scaling out is not required, and scaling in isn’t possible.
      • if N < M, scale out is required because you don’t have enough instances.
      • if N > M, scale in is possible (but not necessarily required).
• Availability
  • Amazon ECS availability best practices, by Malcolm Featonby, on 08 NOV 2019.
• Containers
  • Deploy applications on Amazon ECS using Docker Compose (可以用 Docker Compose 直接部署到 Amazon ECS 囉!), by Massimo Re Ferre, on 19 NOV 2020.
  • How Amazon ECS manages CPU and memory resources, by Massimo Re Ferre and Samuel Karp, on 21 OCT 2019.
• Deployment
  • Speeding up Amazon ECS container deployments (加速 Amazon ECS 容器部署), by Nathan Peck, on 19 OCT 2020.
    • Load balancer healthchecks
      • Default settings (Target group health check settings):
        • HealthCheckIntervalSeconds: 30 seconds
        • HealthyThresholdCount: 5
      • Recommended settings (Target group health check settings):
        • HealthCheckIntervalSeconds: 5 seconds
        • HealthyThresholdCount: 2
    • Load balancer connection draining
      • Default settings (Target group attributes):
        • deregistration_delay.timeout_seconds: 300 seconds
      • Recommended settings (Target group attributes):
        • deregistration_delay.timeout_seconds: 5 seconds
    • SIGTERM responsiveness
      • Default setting (ECS agent setting):
        • ECS_CONTAINER_STOP_TIMEOUT: 30 seconds
      • Recommended setting (ECS agent setting):
        • ECS_CONTAINER_STOP_TIMEOUT: 2 seconds
    • Container image pull behavior
      • Default setting (ECS agent setting):
        • ECS_IMAGE_PULL_BEHAVIOR: default
      • Recommended setting (ECS agent setting):
        • ECS_IMAGE_PULL_BEHAVIOR: once or alternatively prefer-cached
    • Deploy “steps”
      • Default settings (ECS Service Deployment setting):
        • minimumHealthyPercent: 100%
        • maximumPercent: 200%
      • Recommended setting (ECS Service Deployment setting):
        • minimumHealthyPercent: 50%
        • maximumPercent: 200%
• ECS Tasks
  • Deep dive on load balanced ECS Service deployments with CloudFormation, by Philipp Garbe (AWS Hero), on 04 MAR 2020.
    • 整理得很清楚簡要的 ECS Task 生命週期圖表，點這裡放大查看。疏理了 ECS Service、ECS Task、ALB 之間的狀態關係。

參考資料 Reference

Awesome Lists

• nathanpeck/awesome-ecs, 2021-01-01, by Nathan Peck (Developer Advocate, AWS)

快速上手

• AWS Elastic Container Service 101, 2020-07-08, by Matt Gowie, at AWS Meetup Group in Denver
  • GitHub repo: ecs-101-demo

範例

• Disney+ is sharing some awesome stats about their usage of Amazon ECS, 2021-01-14, by Nathan Peck (Developer Advocate, AWS)
  • Over 330k deployments since 2017; 700 unique applications; 40k ECS tasks deployed across clusters.

文章與分享

• How to use Multiple load balancer Target Group Support for Amazon ECS to access internal and external service endpoint using the same DNS name, 2019-12-12, by Vijay Menon
• The role of AWS Fargate in the container world, 2020-02-25, by Massimo Re Ferre (Principal Technologist at AWS)
• New look for Amazon ECS in the AWS Management Console, 2021-01-25, by Adam Keller (Developer Advocate on the AWS Container Services)
• 拆解五步驟: 使用 Amazon ECS Exec 穿越直達 Fargate/ECS 上的容器, 2021-03-16, by Ernest Chiang (AWS Community Hero)
• AWS ECS Exec to access your containers, 2021-05-15, by MR. 沙先生 (shazi)
  • Tool: aws-containers/amazon-ecs-exec-checker
• Building an Amazon ECS Anywhere home lab with Amazon VPC network connectivity, 2021-05-27, by Nathan Peck (Developer Advocate, AWS) (Amazon ECS GA)
• Under the hood: Amazon Elastic Container Service and AWS Fargate increase task launch rates, 2022-04-13, by Nathan Peck (Developer Advocate, AWS)

比較

• Scaling containers on AWS in 2020, 2020-04-15, by Vlad Ionescu (AWS Container Hero) (Reading time: about 20 minutes)
• 技術選型: Amazon ECS Launch Types: EC2 vs. Fargate, 2020-12-04, by Ernest Chiang (AWS Community Hero), at AWS DEV DAY TAIPEI 2020
• Scaling containers on AWS in 2021, 2021-02-15, by Vlad Ionescu (AWS Container Hero) (Watching time: about 30 minutes)
• No Kubernetes Needed: Amazon ECS Anywhere, 2021-09-10, by Janakiram MSV
  • Amazon ECS was launched in 2014 — a year before Kubernetes became available — as a managed container orchestration platform for AWS customers. It was modeled after Docker Compose, the tool that enabled multiple containers to run as a single workload. At re:Invent 2020, Amazon announced ECS Anywhere, the service that extends ECS to on-prem and other cloud environments. What this means is that ECS got an additional execution environment beyond EC2 and Fargate.
• Scaling containers on AWS in 2022, 2022-04-15, by Vlad Ionescu (AWS Container Hero) (Reading time: about 45 minutes. 6-month research.)