ECS & EKS
🔥 Vibe Prompt
"Deploy a containerized API on ECS Fargate with CI/CD. Compare with EKS."
ECS Fargate (Serverless)
resource "aws_ecs_cluster" "main" {
  name = "app-cluster"
}

resource "aws_ecs_task_definition" "api" {
  family                   = "api"
  network_mode             = "awsvpc"
  requires_compatibilities = ["FARGATE"]
  cpu                      = "256"
  memory                   = "512"
  # Fargate needs an execution role to pull from ECR and write to CloudWatch Logs.
  # aws_iam_role.task_execution is a hypothetical name, assumed to be defined elsewhere.
  execution_role_arn       = aws_iam_role.task_execution.arn

  container_definitions = jsonencode([{
    name         = "api"
    image        = "${aws_ecr_repository.api.repository_url}:latest"
    portMappings = [{ containerPort = 8000 }]
    environment  = [{ name = "DB_HOST", value = aws_db_instance.postgres.address }]
    logConfiguration = {
      logDriver = "awslogs"
      options = {
        "awslogs-group"         = "/ecs/api"
        "awslogs-region"        = "us-west-2"
        "awslogs-stream-prefix" = "ecs" # required for the Fargate launch type
      }
    }
  }])
}

resource "aws_ecs_service" "api" {
  name            = "api-service"
  cluster         = aws_ecs_cluster.main.id
  task_definition = aws_ecs_task_definition.api.arn
  desired_count   = 3
  launch_type     = "FARGATE"

  # Tasks run in private subnets and are reached only through the load balancer.
  network_configuration {
    subnets         = aws_subnet.private[*].id
    security_groups = [aws_security_group.app.id]
  }

  load_balancer {
    target_group_arn = aws_lb_target_group.api.arn
    container_name   = "api"
    container_port   = 8000
  }
}
ECS vs EKS
| Aspect | ECS | EKS |
|--------|-----|-----|
| Complexity | Low | High |
| Flexibility | AWS-native | Multi-cloud |
| Ecosystem | Limited | Rich (Helm, Istio) |
| Cost | No control plane fee | $0.10/hr control plane |
| Best for | AWS-only, simpler apps | Complex, multi-cloud K8s |
CI/CD Pipeline
# Build & push to ECR, then update ECS service
- name: Deploy to ECS
  run: |
    aws ecr get-login-password | docker login --username AWS --password-stdin "$ECR"
    docker build -t "$ECR/api:latest" .
    docker push "$ECR/api:latest"
    aws ecs update-service --cluster app-cluster --service api-service --force-new-deployment
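The step above pushes and deploys `:latest`, so the task definition never records which build is running. As an added example (not part of the original page), this Python code shows what a pipeline can do instead: pin the container image to the pushed digest and drop the read-only fields that `describe-task-definition` returns, so the result can be registered as a new revision. The account ID, digest and function names are constructed for illustration.

```python
import copy
import re

# Fields returned by `aws ecs describe-task-definition` that
# `register-task-definition` does not accept as input.
READ_ONLY_FIELDS = ("taskDefinitionArn", "revision", "status", "requiresAttributes",
                    "compatibilities", "registeredAt", "registeredBy")
DIGEST_RE = re.compile(r"sha256:[0-9a-f]{64}")


def repository_of(image: str) -> str:
    """Strip any @digest and :tag from an image reference, keeping registry/repo."""
    image = image.split("@", 1)[0]
    slash, colon = image.rfind("/"), image.rfind(":")
    # A colon before the last slash is a registry port, not a tag.
    return image[:colon] if colon > slash else image


def pin_image(task_def: dict, container: str, digest: str) -> dict:
    """Return a registrable copy of task_def with `container` pinned to `digest`."""
    if not DIGEST_RE.fullmatch(digest):
        raise ValueError(f"not a sha256 image digest: {digest!r}")
    new_def = {k: copy.deepcopy(v) for k, v in task_def.items()
               if k not in READ_ONLY_FIELDS}
    matches = [c for c in new_def["containerDefinitions"] if c["name"] == container]
    if len(matches) != 1:
        raise KeyError(f"expected exactly one container named {container!r}")
    matches[0]["image"] = f"{repository_of(matches[0]['image'])}@{digest}"
    return new_def


# Constructed sample: trimmed describe-task-definition output for the "api" family.
SAMPLE = {
    "taskDefinitionArn": "arn:aws:ecs:us-west-2:111122223333:task-definition/api:7",
    "revision": 7,
    "status": "ACTIVE",
    "family": "api",
    "containerDefinitions": [
        {"name": "api",
         "image": "111122223333.dkr.ecr.us-west-2.amazonaws.com/api:latest"},
    ],
}
SAMPLE_DIGEST = "sha256:" + "ab" * 32  # constructed, not a real image digest

if __name__ == "__main__":
    pinned = pin_image(SAMPLE, "api", SAMPLE_DIGEST)
    print(pinned["containerDefinitions"][0]["image"])
```

Because every build then produces a distinct task definition revision, rolling back to an earlier revision brings back the exact image that revision was deployed with.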
Best Practices
- Use Fargate (no server management)
- Set task memory/cpu appropriately
- Use CloudWatch Logs for logging
- Enable ECS Exec for debugging
ECS (Elastic Container Service)
ECS is AWS's container orchestration service. It runs Docker containers on a managed cluster of EC2 instances or on AWS Fargate (serverless).
ECS Launch Types
| Launch Type | Server Management | Use Case |
|-------------|------------------|----------|
| Fargate | Serverless (AWS manages servers) | Simple, no ops overhead |
| EC2 | You manage the EC2 instances | Large workloads, GPU, custom |
ECS vs EKS
| Feature | ECS | EKS |
|---------|-----|-----|
| Kubernetes API | No (AWS-native) | Yes (standard K8s) |
| Complexity | Simpler | More complex |
| Portability | AWS-specific | Portable (standard K8s) |
| Community | AWS-focused | Large K8s community |
| Learning curve | Lower | Higher |
| Managed add-ons | Fewer | Many (Helm, Istio, etc.) |
ECS Task Definition
{
  "family": "my-app",
  "networkMode": "awsvpc",
  "requiresCompatibilities": ["FARGATE"],
  "cpu": "256",
  "memory": "512",
  "containerDefinitions": [{
    "name": "app",
    "image": "nginx:alpine",
    "portMappings": [{
      "containerPort": 80,
      "protocol": "tcp"
    }],
    "environment": [{
      "name": "NODE_ENV",
      "value": "production"
    }],
    "logConfiguration": {
      "logDriver": "awslogs",
      "options": {
        "awslogs-group": "/ecs/my-app",
        "awslogs-region": "us-east-1",
        "awslogs-stream-prefix": "ecs"
      }
    }
  }]
}
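An added example, not from the original page: a Python linter for task definitions in the JSON shape shown above, checking the points a security review looks at (image pinned by digest, credentials kept out of plaintext `environment`, read-only root filesystem, non-root user, and the log settings Fargate requires). The choice of checks and the `SECRET_NAME` heuristic are assumptions made for this example.

```python
import re

# Variable names that usually carry credentials (heuristic chosen for this example).
SECRET_NAME = re.compile(r"PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY|PRIVATE_?KEY", re.I)


def lint_task_definition(td: dict) -> list:
    """Return security findings for an ECS task definition given as a dict."""
    findings = []
    fargate = "FARGATE" in td.get("requiresCompatibilities", [])
    for c in td.get("containerDefinitions", []):
        name = c.get("name", "?")
        if "@sha256:" not in c.get("image", ""):
            findings.append(f"{name}: image is referenced by tag, not by digest")
        for env in c.get("environment", []):
            if SECRET_NAME.search(env.get("name", "")):
                findings.append(f"{name}: {env['name']} is in plaintext 'environment'; "
                                "move it to 'secrets' with a valueFrom ARN")
        if not c.get("readonlyRootFilesystem", False):
            findings.append(f"{name}: readonlyRootFilesystem is not enabled")
        if c.get("user", "").split(":")[0] in ("", "0", "root"):
            findings.append(f"{name}: no non-root 'user' set (image default applies)")
        log = c.get("logConfiguration") or {}
        if not log:
            findings.append(f"{name}: no logConfiguration, output is not shipped anywhere")
        elif log.get("logDriver") == "awslogs" and fargate:
            if "awslogs-stream-prefix" not in log.get("options", {}):
                findings.append(f"{name}: awslogs-stream-prefix is required on Fargate")
            if not td.get("executionRoleArn"):
                findings.append(f"{name}: awslogs on Fargate needs executionRoleArn")
    return findings


# The task definition from this page, reduced to the fields the checks read.
PAGE_TASK_DEF = {
    "family": "my-app",
    "requiresCompatibilities": ["FARGATE"],
    "containerDefinitions": [{
        "name": "app",
        "image": "nginx:alpine",
        "environment": [{"name": "NODE_ENV", "value": "production"}],
        "logConfiguration": {
            "logDriver": "awslogs",
            "options": {"awslogs-group": "/ecs/my-app", "awslogs-region": "us-east-1",
                        "awslogs-stream-prefix": "ecs"},
        },
    }],
}

if __name__ == "__main__":
    for finding in lint_task_definition(PAGE_TASK_DEF):
        print(finding)
```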
EKS (Elastic Kubernetes Service)
EKS is AWS's managed Kubernetes service. It handles the control plane (master nodes) while you manage worker nodes.
EKS Components
| Component | Managed by AWS | Managed by You |
|-----------|--------------|---------------|
| Control plane | Yes (API server, etcd, scheduler) | No |
| Worker nodes | No | Yes (EC2 instances or Fargate) |
| Networking | No | Yes (VPC, subnets, security groups) |
| Add-ons | No | Yes (CoreDNS, kube-proxy, metrics-server) |
EKS Cluster with eksctl
# Create cluster
eksctl create cluster \
  --name my-cluster \
  --region us-east-1 \
  --nodegroup-name standard \
  --node-type t3.medium \
  --nodes 3 \
  --nodes-min 1 \
  --nodes-max 5 \
  --managed

# Update kubeconfig
aws eks update-kubeconfig --region us-east-1 --name my-cluster

# Verify
kubectl get nodes
kubectl get pods -A
Summary
ECS and EKS are AWS's container orchestration services. ECS is simpler and AWS-native. EKS uses standard Kubernetes, offering portability. Choose ECS for simplicity, EKS for portability and ecosystem.
Key takeaways:
- ECS: AWS-native container orchestration, simpler than EKS
- Fargate: serverless container execution (no EC2 management)
- EKS: managed Kubernetes, portable across clouds
- EKS control plane is managed by AWS, worker nodes by you
- Task definitions (ECS) define containers, resources, networking
- eksctl: CLI tool for creating and managing EKS clusters
- Choose ECS for simplicity, EKS for portability
- Both integrate with VPC, IAM, CloudWatch, ALB
What's Next: CloudFront & WAF
The next chapter covers CloudFront (CDN) and WAF (Web Application Firewall).