Experiment 3

Introduction to Amazon Elastic

Container Service
Overview
This guide introduces you to the Introduction to Amazon Elastic Container
Service self-paced lab.

The lab will give you the basic understanding of Amazon Elastic Container
Service. It will demonstrate the basic steps required to get started with Elastic
Container Service, creating an AWS Identity and Access Management (IAM) user,
IAM group, Key Pair and a non-default Virtual Private Cloud (VPC).

Lab Pre-requisites
Some familiarity with IAM Roles and Amazon EC2 Instances is useful. Previous
knowledge of Docker container technology or other Linux container technologies
is desirable.

Amazon Elastic Container Service (Amazon ECS)

Amazon Elastic Container Service (Amazon ECS) is a highly scalable, fast,

container management service that makes it easy to run, stop, and manage Docker
containers on a cluster of Amazon EC2 instances. Amazon ECS lets you launch
and stop container-enabled applications with simple API calls, allows you to get
the state of your cluster from a centralized service, and gives you access to many
familiar Amazon EC2 features.

You can use Amazon ECS to schedule the placement of containers across your
cluster based on your resource needs, isolation policies, and availability
requirements. Amazon ECS eliminates the need for you to operate your own
cluster management and configuration management systems or worry about
scaling your management infrastructure.

Scheduling Amazon ECS tasks

Amazon Elastic Container Service (Amazon ECS) is a shared state, optimistic

concurrency system that provides flexible scheduling capabilities for your tasks
and containers. The Amazon ECS schedulers leverage cluster state information
provided by the Amazon ECS API to make an appropriate placement decision.
Amazon ECS provides the service scheduler for long running stateless services and
applications. The service scheduler ensures that the specified number of tasks are
constantly running and reschedules tasks when a task fails (for example, if the
underlying container instance fails for some reason). The service scheduler
optionally also makes sure that tasks are registered against an Elastic Load
Balancing load balancer. You can update your services that are maintained
by the services scheduler, such as deploying a new task definition, or changing the
running number of desired tasks.

Start Lab
Notice the lab properties below the lab title:

If you are prompted for a token, use the one distributed to you (or credits you have
purchased).

A status bar shows the progress of the lab environment creation process. The AWS
Management Console is accessible during lab resource creation, but your AWS
resources may not be fully available until the process is complete.

This will automatically log you into the AWS Management Console.

Please do not change the Region unless instructed.

Common login errors

Error : Federated login credentials

If you see this message:

You should now be able to access the AWS Management Console.

Error: You must first log out

If you see the message, You must first log out before logging into a different
AWS account:

Task 1: Register a Task Definition with the

amazon-ecssample image
To prepare your application to run on Amazon ECS, you create a task definition.
The task definition is a text file, in JSON format, that describes one or more
containers, up to a maximum of ten, that form your application. It can be thought
of as a blueprint for your application. Task definitions specify various parameters
for your application. Examples of task definition parameters are which containers
to use, which launch type to use, which ports should be opened for your
application, and what data volumes should be used with the containers in the task.
The specific parameters available for the task definition depend on which launch
type you are using.

For this lab, you will use a sample template provided to display a simple web
page. You can modify the parameters in the Task Definition (for example, to
provide more CPU resources or change the port mappings) to suit your particular
applications.

The Image parameter is the image to use for a container. This string is passed
directly to the Docker daemon. Images in the Docker Hub registry are available
by default. You can also specify other repositories with repository-url/image:tag.

The following task definition JSON file specifies two containers that are
pulled from the Docker Hub repository.

{
"family": "myContainer",
"containerDefinitions": [
{
"volumesFrom": [],
"portMappings": [
{
"hostPort": 80,
"containerPort": 80
}
],
"command": null,
"environment": [], "essential":
true, "entryPoint": null, "links":
[], "mountPoints": [
{
"containerPath": "/usr/local/apache2/htdocs", "sourceVolume": "my-vol",
"readOnly": null
}
],
"memory": 300, "name":
"simple-app", "cpu": 10,
"image": "httpd:2.4"
},
{
"volumesFrom": [
{
"readOnly": null, "sourceContainer": "simple-app"
}
],
"portMappings": [],
"command": [
"/bin/sh -c \"while true; do echo '<html> <head> <title>Amazon ECS Sample App</title> <style>body
{margin-top: 40px; background-color: #333;}
</style> </head><body> <div style=color:white;text-align:center>
<h1>Amazon ECS Sample App</h1> <h2>Congratulations!</h2> <p>Your application is now running
on a container in Amazon ECS.</p>' > top;
/bin/date > date ; echo '</div></body></html>' > bottom; cat top date bottom >
/usr/local/apache2/htdocs/index.html ; sleep 1; done\""
],
"environment": [], "essential":
false, "entryPoint": [
"sh",
"-c"
],
"links": [],
"mountPoints": [],
"memory": 200, "name":
"busybox", "cpu": 10,
"image": "busybox"
}
],
"volumes": [
{
"host": { "sourcePath": null
},
"name": "my-vol"
}
]
}

The task definition is now parsed. If you copied the JSON correctly, the
Task Definition Name will display myContainer.

Task 2: Create a Service

When you create an Amazon ECS service, you specify several parameters that
define what makes up your service and how it should behave. These parameters
create a service definition.

A cluster is a logical grouping of container instances that you can place tasks on.

The ECSCluster was created using CloudFormation when you launched the lab. You
may need to wait a few minutes for it to appear. In the
ECSCluster cluster, there are 5 container instances.

A container instances is an Amazon EC2 Instance that is running the Amazon ECS
agent and has been registered into a cluster.
Within a cluster, you can create Amazon ECS services.

An Amazon ECS service allows you to run and maintain a specified number of
instances of a task definition simultaneously.

This is the number of tasks you will launch and maintain on your cluster.

Your Amazon ECS service can optionally be configured to use Elastic Load
Balancing to manage traffic.

This role allows Amazon ECS to register and deregister container instances from the
load balancer as tasks are placed on them.

You will keep the default auto scaling policy which is Do not adjust the service’s
desired count

A task is the instantiation of a task definition within a cluster. The Amazon ECS
task scheduler is responsible for placing tasks within your cluster.
There are several different scheduling options available

You may need to click the Refresh button for this to update. These tasks are
running on the EC2 instances that were automatically provisioned into the ECS
cluster by the CloudFormation template used to set up your lab environment.

This shows the progress of the various tasks associated with your service creation
request.

This may take anywhere from 3-5 minutes.

Your target group should be selected.

In the Targets tab, you can see all of the registered targets. It

should be MyLoadBalancer.

If everything has been configured correctly you will see the sample app displayed as
shown here:

Task 3: Deploy a New Application Version to the

Service
If you update the Docker image of your application, you can create a new task
definition with that image and deploy it to your service, one task at a time. The
service scheduler creates a task with the new task definition (provided there is an
available container instance to place it on). After it reaches the Running state, a
task that is using the old task definition is drained and stopped. This process
continues until all of the desired tasks in your service are using the new task
definition.

This will open the JSON editor.

In a production environment, you would probably change other aspects of your Task
Definition. This is the cluster that your service resides in. This will deploy a new
version of the application. You might see a similar message to the following: service
myService was unable to place a task because no container instance met all of its
requirements. The closest matching container-instance d55cddc3-0cef- 461b-b916-
42e95d8fa70e is already using a port required by your task. For more information,
see the Troubleshooting section.

This is the expected behavior for this lab. Some of your container instances need to
drain their connections and stop their tasks before starting the new tasks.

You may need to click the Refresh button to see the new events. You

should have a running count