Going Ahead With Amazon ECS Anywhere

The general availability of Amazon Elastic Container Service (ECS) Anywhere has been announced by Amazon.com, Inc. (NASDAQ:AMZN). It’s a new Amazon ECS feature that lets clients execute and manage container-based applications on their own servers.

Customers can use the same APIs, cluster management, workload scheduling, monitoring, and deployment pipelines they already use with Amazon ECS in AWS. This article will help you learn more about Amazon ECS Anywhere and where it is useful.

What is Amazon ECS?

Since the launch of Amazon Elastic Container Service (Amazon ECS) in 2014, AWS has introduced other options for running Amazon ECS tasks outside of an AWS Region, such as AWS Wavelength, an offering for mobile edge devices, and AWS Outposts, a service that extends to clients’ environments using AWS-owned and managed hardware.
However, certain clients’ applications must run on-premises due to regulatory, latency, and data residency restrictions, as well as the need to capitalise on current infrastructure investments.
Customers must install, run, and manage separate container orchestration software in these cases, as well as employ different tooling across their AWS and on-premises infrastructures. Customers called for a simpler and less expensive approach to manage their on-premises containers.

What is Amazon ECS Anywhere?

Amazon ECS Anywhere is a new capability in Amazon ECS that enables customers to efficiently run and manage container-based applications on-premises, including virtual machines (VMs), bare-metal servers, and other customer-managed infrastructure.

With ECS Anywhere, you can use the same cloud-based, fully managed, highly scalable container orchestration service you use in AWS to run and control containers on any customer-managed infrastructure. You no longer need to prepare, run, update, and maintain container orchestrators on-premises.

Installing simple agents will make it easy to manage your hybrid environment and leverage the cloud for your infrastructure. For all container-based applications, Amazon ECS Anywhere provides standardised tooling and APIs.

It offers the same Amazon ECS experience in the cloud and on customer-managed infrastructure for cluster administration, workload scheduling, and monitoring.

You can reduce cost and complexity by using a single, consistent container orchestrator to run container workloads both in the cloud and at edge locations on your own hardware, where they keep latency low. Let’s understand it in depth.

Amazon ECS Anywhere–Getting Started

To get started with ECS Anywhere, register your on-premises servers or virtual machines (also known as External instances) in the ECS cluster. The AWS Systems Manager Agent, Amazon ECS container agent, and Docker must all be installed on these external instances.

Your external instances will need an IAM role that allows them to interact with AWS APIs. Choose the Networking Only template on the Create Cluster page in the ECS interface to create an ECS Anywhere cluster.

This option can be used with AWS Fargate or external instance capacity, and it creates an empty cluster in which to register external instances. We recommend that you register your on-premises servers in the AWS Region that is closest to you.

Choose Register External Instances from the ECS Instances tab to acquire activation codes and an installation script. Now, follow the given steps –

Step 1: External instances activation details page

● Enter the number of days the activation key should be active in the Activation key duration (in days) field. Up to 1,000 activations are possible with the activation key.
● Enter the number of external instances you want to add to your Cluster in the Number of instances field.
● In the Instance role field, enter the IAM role to associate with your external instances.
● To acquire a registration command, select Next step.

Step 2: Registration and further process

● Copy the registration command from the Register External Instances page.
● You should run this command on any external instances you want to add to your Cluster.
● In your on-premise servers or virtual machines, paste the registration command.

Step 3: Create a task definition

Each external instance is subsequently registered to your Amazon ECS clusters as an AWS Systems Manager managed instance. Your external instance will appear on the ECS Instances tab once the ECS agent has started and completed the registration process.

You can also add your external instances to an existing Cluster. Now that the external instances have been added to your Cluster, you’re ready to create a task definition.

Amazon ECS provides the requiresCompatibilities parameter to validate, when you create a service or run a standalone task, that the task definition is compatible with the EXTERNAL launch type.

● In the ECS console, you can create a task definition.
● Choose EXTERNAL as the launch type, and then set the task and container definitions to use external instances.
● Select Run new task from the Tasks tab.
● On the Run Task page, for Cluster, choose the Cluster to run your task definition on.
● In the Number of tasks field, enter the number of copies of that task to run with the EXTERNAL launch type.

Choose Create from the Services tab. On the Configure service page, you can specify how many copies of your task definition to run and maintain in a cluster. Choose EXTERNAL as the Launch type to launch your task on the registered external instances.

Load balancers, tag propagation, and service discovery integration are not supported while using this launch type. You can now run your tasks and associate a combination of EXTERNAL, FARGATE, and EC2 capacity provider types with the same ECS service, as well as specify how your tasks should be split between them.

Here are a few pointers to remember:

Connectivity:

If network connectivity is lost between the ECS agent running on the on-premises servers and the ECS control plane in the AWS Region, existing ECS tasks will continue to run as usual.

If tasks are still connected to other AWS services, they will keep communicating with them as long as the task role credentials are active. If a task launched as part of a service crashes or exits on its own, ECS cannot replace it until connectivity is restored.

Monitoring:

You can access Amazon CloudWatch metrics for your clusters and services using ECS Anywhere. Use the CloudWatch Logs driver (awslogs) to collect your containers’ logs, and the ECS CloudWatch event stream to monitor your clusters’ events.

Networking:

ECS external instances are designed to run applications that produce or process outgoing traffic. If your application, such as a web service, requires inbound traffic, you’ll have to use a workaround by putting those workloads behind a load balancer until the feature is fully supported.

Data Security:

To help customers maintain data security, ECS Anywhere only sends back to the AWS Region metadata related to the state of the tasks or the state of the containers (if they are running, performance counters, and so on). Furthermore, this communication is authenticated and encrypted in transit through Transport Layer Security (TLS).
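The launch-type constraints described above (requiresCompatibilities, the unsupported service features, awslogs logging, and inbound traffic) can be checked before deployment. The following is an added example, not code from the original article or from AWS; the function names and sample definitions are constructed, and the field names follow the ECS RegisterTaskDefinition and CreateService request shapes.

```python
"""Pre-deployment check of ECS task and service definitions for the EXTERNAL launch type."""
# CreateService fields for the features the article lists as unsupported on EXTERNAL.
UNSUPPORTED = {"loadBalancers": "load balancers", "serviceRegistries": "service discovery",
               "propagateTags": "tag propagation"}

def check_task_definition(task_def):
    """Return a list of findings for a RegisterTaskDefinition-style dict."""
    findings = []
    if "EXTERNAL" not in task_def.get("requiresCompatibilities", []):
        findings.append("task: requiresCompatibilities lacks EXTERNAL")
    for c in task_def.get("containerDefinitions", []):
        name = c.get("name", "?")
        driver = c.get("logConfiguration", {}).get("logDriver")
        if driver != "awslogs":
            findings.append(f"{name}: logDriver {driver!r}, logs will not reach CloudWatch")
        if c.get("portMappings"):
            findings.append(f"{name}: publishes ports, inbound traffic needs your own load balancer")
    return findings

def check_service(service):
    """Return a list of findings for a CreateService-style dict."""
    findings = []
    if service.get("launchType") != "EXTERNAL":
        findings.append("service: launchType is not EXTERNAL")
    for field, label in UNSUPPORTED.items():
        if service.get(field) not in (None, [], "NONE"):
            findings.append(f"service: {label} ({field}) is not supported on EXTERNAL")
    return findings

# Constructed sample input: a web task moved from EC2 without being adapted.
SAMPLE_TASK = {
    "family": "edge-web",
    "requiresCompatibilities": ["EC2"],
    "containerDefinitions": [{"name": "web", "image": "nginx:stable", "portMappings": [{"containerPort": 80}]}],
}
SAMPLE_SERVICE = {
    "serviceName": "edge-web",
    "launchType": "EXTERNAL",
    "propagateTags": "SERVICE",
    "loadBalancers": [{"containerName": "web", "containerPort": 80}],
}

if __name__ == "__main__":
    for line in check_task_definition(SAMPLE_TASK) + check_service(SAMPLE_SERVICE):
        print(line)
```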

Conclusion

ECS Anywhere is now available in all commercial Regions where ECS is supported, except the AWS China Regions. There are no minimum costs or commitments with ECS Anywhere.

Instead, each managed ECS Anywhere task is charged per instance hour. See ECS Anywhere in the Amazon ECS Developer Guide for further information. Alternatively, you can contact Perimattic’s ECS experts, who will personally assist you.
