Amazon ECS, Monitoring, and Sumo Logic
Many companies are moving their infrastructure and web applications to the cloud. Along with moving to the cloud, organizations are finding new ways to remain agile and nimble, especially when it comes to software. By utilizing Amazon AWS and Amazon ECS, companies are decoupling their monolithic applications and taking advantage of microservice architecture.
With all these containers being spun up and deployed, something needs to keep track of maintenance, monitoring, logging, and troubleshooting. Some organizations have several thousand containers running at any given moment. That produces hundreds of thousands of lines of logs and events. Organizations are turning to Sumo Logic to handle the load and manage the burden of digging through logs and finding key events so teams can make data-driven decisions and feel confident in their choices.
What is Amazon Elastic Container Service (ECS)?
Amazon Elastic Container Service is a fully managed container orchestration service offered by Amazon AWS. Amazon ECS is being adopted by many companies such as Dueling, Samsung, and Ubisoft because of its strengths in scalability, reliability, and security.
Why use Amazon ECS?
Many companies are adopting Amazon ECS for their container orchestration. Two common use cases for which organizations adopt Amazon ECS are managing microservices and handling batch jobs.
Common Use Case: Microservices
Many organizations that move to the cloud find themselves migrating monolithic applications and systems. In order to handle increasing loads and scalability, teams are experimenting with microservice architecture by decoupling their monolithic apps. Thankfully, Amazon ECS streamlines this process by giving administrators and engineers container orchestration capabilities to manage and control independent containerized services.
Common Use Case: Batch Jobs
Another use case for Amazon ECS is batch jobs, with the management capabilities that Amazon ECS and AWS Batch bring to the table. AWS Batch uses the Amazon ECS Agent to execute and carry out containerized jobs that run specific tasks. AWS Batch enables engineers to easily manage, run, and scale batch operations from tens to hundreds and thousands of containerized compute jobs.
Components of Amazon ECS and How They Work
The basic components of Amazon ECS are Docker containers running on EC2 instances, or you can go serverless by launching services and tasks using AWS Fargate. But before we go any further, to fully understand how Amazon ECS works and why it's so powerful, one must first understand Docker.
Docker is a client-server development application that containerizes applications in a lightweight environment containing all the dependencies a specific application may need to run. Multiple different containers can run on a single machine, making Docker very popular with developers when it comes to decoupling applications or running specific job types in batch.
Benefits of Amazon ECS
Amazon ECS has been helping systems managers and administrators sleep at night by providing automated deployment and rollback solutions, on-demand scalability, and simplified disaster recovery.
Many years ago, administrators and engineers relied on Perl and Bash scripts to automate their deployments, make configuration changes, and recover from failures, which happened often. Today, we have containers that are individually isolated, easy to deploy, and lightweight, making them easily distributable across multiple endpoints.
Benefits of Amazon ECS - Cost Efficiency
Amazon ECS gets teams running from the start, with features that give organizations out-of-the-box deployment and management capabilities for their containers. With Amazon ECS, teams can schedule multiple containers on a single endpoint, achieving greater density on EC2 instances.
Benefits of Amazon ECS - Compatibility Improvements
Amazon AWS offers EC2 Container Registry (ECR), which is integrated with Amazon ECS. Organizations that adopt Amazon ECS and ECR can benefit by simplifying troubleshooting processes and reducing situations where software behaves differently across environments. ECR allows developers to pull instance images running in production, which can then be shared for faster debugging. This type of streamlined debugging workflow brings parity across different working environments and improved compatibility overall.
Benefits of Amazon ECS - Security Enhancements
Pairing Amazon ECR with ECS also comes with added security benefits. With granular control levels and the automatic encryption of images, system administrators have the ability to restrict access to specific S3 buckets and other Amazon AWS resources. Using IAM roles with ECS provides a layer of security not always present in traditional environments.
Features of Amazon ECS
In truth, several blog posts could be made focusing on each individual feature that Amazon ECS offers, so I’ll list the core and most commonly used features.
AWS Fargate - AWS Fargate empowers teams with scaling and infrastructure management control allowing them to focus more on development and less on things such as EC2 instance types, provisioning, cluster configuration, and patch management.
Native Docker Support - Amazon ECS supports Docker out of the box, enabling teams to run and manage Docker containers. Teams can package applications locally and deploy them at scale with Amazon ECS without the need for configuration changes.
Programmatic Control - Amazon ECS allows developers to integrate and extend their service through API calls. Create, delete, manage, register, and deploy clusters using simple API actions or CloudFormation for provisioning.
Container Auto-Recovery - Amazon ECS automatically recovers failed containers, keeping availability and reliability of your application above 99.99% uptime.
Scheduling - Teams can employ multiple scheduling strategies. Whether you configure clusters based on resource needs such as CPU or RAM, or whether your team needs a specified number of tasks running, Amazon ECS can schedule clusters based on a variety of needs.
Monitoring and Logging
Amazon ECS comes with deep, built-in monitoring capabilities that provide organizations with insight into clusters and containers using Amazon CloudWatch. Teams can monitor data points such as CPU and memory allocation. Alerts can also be configured for when containers or clusters need to scale according to demand.
With AWS CloudTrail, teams can record all Amazon ECS API calls and have the log files stored in an S3 bucket or parsed for specific events. The recorded API call includes information such as the user, time, source IP address, and more. More on monitoring and logging later.
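Parsing those recorded calls for specific events can look like the following, an added example that is not part of the original article. It uses CloudTrail's record field names (eventSource, eventName, eventTime, sourceIPAddress, userIdentity); the sample records, the trusted network and the choice to trust calls made by AWS services are assumptions.

```python
import ipaddress
import json


def _rec(time, source, name, ip, arn):
    return {"eventTime": time, "eventSource": source, "eventName": name,
            "sourceIPAddress": ip, "userIdentity": {"arn": arn}}


# Constructed CloudTrail log content (account ID, users and IPs are made up).
ACCT = "arn:aws:iam::111122223333:"
SAMPLE_LOG = json.dumps({"Records": [
    _rec("2024-01-10T09:15:02Z", "ecs.amazonaws.com", "UpdateService",
         "10.20.1.15", ACCT + "user/deploy-bot"),
    _rec("2024-01-10T09:40:41Z", "ecs.amazonaws.com", "RegisterTaskDefinition",
         "203.0.113.77", ACCT + "user/alice"),
    _rec("2024-01-10T09:41:00Z", "s3.amazonaws.com", "GetObject",
         "203.0.113.77", ACCT + "user/alice"),
    _rec("2024-01-10T10:02:19Z", "ecs.amazonaws.com", "CreateService",
         "cloudformation.amazonaws.com", ACCT + "role/cfn-deploy"),
]})

# Assumption: ECS changes are expected only from this network.
TRUSTED_NETWORKS = [ipaddress.ip_network("10.20.0.0/16")]
CHANGE_EVENTS = {"RegisterTaskDefinition", "UpdateService", "CreateService",
                 "DeleteService", "DeleteCluster", "RunTask"}


def is_trusted_source(source):
    """Trusted CIDRs pass; calls made by AWS services carry a DNS name, not an IP."""
    try:
        addr = ipaddress.ip_address(source)
    except ValueError:
        return source.endswith(".amazonaws.com")  # assumption: service calls are trusted
    return any(addr in net for net in TRUSTED_NETWORKS)


def unexpected_ecs_changes(log_text):
    """Return (time, user ARN, event name, source) for ECS changes to review."""
    hits = []
    for rec in json.loads(log_text).get("Records", []):
        if (rec.get("eventSource") != "ecs.amazonaws.com"
                or rec.get("eventName") not in CHANGE_EVENTS):
            continue
        source = rec.get("sourceIPAddress", "")
        if not is_trusted_source(source):
            arn = rec.get("userIdentity", {}).get("arn", "unknown")
            hits.append((rec.get("eventTime"), arn, rec["eventName"], source))
    return hits
```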
Integrating ECS with Sumo Logic
Amazon ECS is great and all, but how do teams improve their deployment workflow and ensure resource efficiency if they don't record and log all their data? This is where Sumo Logic comes in. Over the next two blog posts, I'll go over how you can integrate Sumo Logic in your organization by configuring CloudWatch and AWS CloudTrail, and highlight examples of how other teams have successfully improved their deployment workflow using Amazon ECS and Sumo Logic.
Conclusion and Getting Started with Amazon ECS
If you want to get started with Amazon ECS, the AWS Management Console for Amazon ECS comes with a "hello world" wizard that walks you through defining a task definition for a web server, and it also has a Fargate introduction walkthrough. You can find more information by following AWS's own Getting Started with Amazon ECS tutorial.