06.10.21

Containers on AWS: Which Service Is Right for Your Workload

By Mathias Phoyu
Containers on AWS - Which Service Is Right for Your Workload

Due to their lightweight, portable nature, using containers allows optimal cloud-native application builds. Now, running ten containers is relatively straightforward, but when you consider running containers at scale, i.e., hundreds and thousands of containers comprising hundreds of services, this can get out of hand quickly. 

At this point, enterprises reach for a service or tool that can handle this challenge, which is where container orchestration tools come into the picture. Since 2014, AWS has launched more than 50 new features and multiple services to help engineers run containers in the cloud. At first, these tools aimed at optimizing how to run containers. The evolution of that tech has moved towards granular management and orchestration of container workloads. 

Today, AWS is one of the best places to run any containerized application because it removes the heavy lifting of underlying infrastructure management and container orchestration. The reason for this popularity is the comprehensive suite of services available to users, check out a top three platform comparison for these services here: Cloud Services Comparison: AWS vs. Google vs. Azure.

The Cloud-Native Computing Foundation completed a study, and determined that 63% of companies are running their container workloads on AWS. These organizations range from optimizing container services for super small-scale dev and test environments right up to enterprise-scale mission-critical applications demonstrating how AWS still remains the most popular platform for such business critical applications. In this article, we’ll discuss the most popular AWS container services to see which best suits your requirements.

So, let’s get started.

Amazon Elastic Container Service (Amazon ECS)

Amazon ECS is a container management service that can quickly launch, exit, and manage docker containers on a cluster. It is a management service to run Docker containers in the AWS environment. ECS helps to schedule the placement of containers across your cluster at scale. For example, if you have two physical hosts in a cluster and ECS helps us in deciding where your container should be placed, should it be placed in host one or host two. ECS allows for the configuration of that logic, or you can also let the service take control and define it natively.

You can easily launch Amazon ECS from the AWS management console or access it through software development kits (SDKs) provided by AWS. ECS helps to migrate the application to the cloud without changing the code. So anytime you think of migration, the first thing that comes to your mind is how that environment will be, and based on that, I will have to alter my code. With container services like ECS, these kinds of issues do not arise because we can create the same exact environment that we had on-premises.

The diagram below shows the working of Amazon ECS:

How Amazon Elastic Container Service works
Ref: https://aws.amazon.com/ecs/
  • ECS starts with the Amazon Elastic Container registry to store docker images.
  • ECS then creates the task definition for the application where it selects the container images and necessary resources to run the application.
  • And then, it deploys the container on any compute services such as AWS Fargate or AWS EC2.
  • Finally, ECS manages and scales the containers and applications as per the requirement.

Amazon Elastic Kubernetes Service (Amazon EKS)

Next up Amazon EKS, which allows you to optimize a managed control plane. EKS makes it easy to get started with Kubernetes on AWS cloud or on-premises. From day one, the first focus of EKS was to deliver a production-ready control plane that is highly available and highly scalable. AWS promises a  99.95% SLA with EKS, and the control plane is automatically scaled. So, if your application receives a traffic spike and you need to add more pods or nodes to your cluster, EKS will automatically scale the control plane in order to handle that increased load. EKS is native Kubernetes, and AWS teams run multiple integration tests with different community tooling to achieve seamless integrations that can work with EKS out of the box. So, logging integrations with tools like CloudWatch, ingress integrations with application load balancers, security integrations with IAM, etc., are few standard integrations with AWS EKS.

AWS Fargate

Managing multiple containers using ECS, an entire operating system, and the system-level libraries/packages for a single instance is a fairly straightforward task. But suppose you have to do this for hundreds of instances, then the complexity of the work increases dramatically. As a user, you just want to build the application, but first you need to manage all the containers and underlying instances on which the containers run. As a solution to this problem, Amazon introduced AWS Fargate. AWS Fargate is a compute engine that allows you to run containers without having to provision, configure or manage and scale clusters of virtual machines first.

With AWS Fargate, you no longer have to deal with EC2 instances, in fact, you do not have to use EC2 instances at all because AWS Fargate acts as the sole compute engine for your workload. Instead, your engineers can now focus on building and operating your application because Fargate will launch, host, and scale the containers for you. 

From a  financial perspective, you also do not have to worry if you have provided enough compute or memory resources for your application. You just have to specify the application requirements, and AWS Fargate will manage all the scaling and the infrastructure necessary to run the application in a highly available environment. The service makes strong business sense in this cost-saving capacity. Fargate can seamlessly integrate with Amazon Elastic Container Service (ECS) and Amazon Elastic Container Service for Kubernetes (EKS). You can launch containers on the Amazon Elastic container service using AWS Fargate launchpad with just a few simple steps.

This diagram shows the working of AWS Fargate:

How Amazon Fargate works
Ref: https://aws.amazon.com/fargate/
  • AWS Fargate builds the container image to deploy the application.
  • Depending on the application requirements, it defines compute and memory resources.
  • Runs and manages the applications for you.
  • You pay only for the resources you use. There is no extra cost for using Aws Fargate.

Last year, AWS launched Amazon EKS on AWS Fargate. Read more about this in our article: AWS Serverless Kubernetes Infrastructure with Amazon EKS on AWS Fargate. All that is required to get started is to add a resource, set the CPU memory request in your pod spec, submit it to your cluster, and then Fargate handles all the capacity provisioning. The tool provides a seamless workflow with your existing Kubernetes deployments, and you can let Fargate handle all of the patching, the scaling, it is not something you have to worry about. The other nice benefit of Fargate is that each pod runs in its own isolated compute environment, not shared with any other pods. So, if you are considering an enterprise container service from a security-conscious perspective, Fargate may be a good candidate.

Below diagram shows the working on Amazon EKS:

How Amazon EKS works
Ref: https://aws.amazon.com/eks/
  • Amazon EKS deploys a Kubernetes cluster with a master and worker nodes.
  • You can deploy the containers on EC2 instances yourself, or you can let AWS Fargate take care of it.
  • The tool then deploys the Kubernetes applications on the EKS cluster.
  • Provides you Amazon EKS dashboard to view and explore the Kubernetes applications running on the cluster.

Conclusion

Given it’s vast suite of services, comprehensive security and compliance controls,  and adaptable pay as you use model, AWS remains the leading cloud provider in the container orchestration landscape. AWS container services are heavily integrated across the breadth of the platform by design. This allows your container applications to leverage the entire AWS cloud from security, networking, all the way through to scaling and monitoring. AWS combines container agility with cloud security and elasticity and security.


Caylent provides a critical DevOps-as-a-Service function to high growth companies looking for expert support with Kubernetes, cloud security, cloud infrastructure, and CI/CD pipelines. Our managed and consulting services are a more cost-effective option than hiring in-house, and we scale as your team and company grow. Check out some of the use cases, learn how we work with clients, and read more about our DevOps-as-a-Service offering.