My name is @ ug23 and I am developing a service called Tax Accountant.com at a company called Bengo4.com.
This article is the 23rd day article of Bengo4.com Advent Calendar 2020. Eve Eve, which is not a holiday, feels strange.
I wrote the enthusiasm of I want to compare PHP testing frameworks, but recently I had more work related to Docker and AWS than writing PHP, so I summarized it while focusing on what I did recently. ..
I hope it helps people who have only touched EC2 but need to touch Fargate, or those who do not use ECS but have never used Fargate.
** Does not touch on Fargate best practices or how to build it. ** **
The other day, tax accountant dot com has moved from a configuration based on EC2 to a configuration using Fargate.
I feel a lot of benefits even though I have just made the transition, such as being freed from managing instances and being able to concentrate on managing containers, updating the operating environment, and being able to quickly scale in/out.
However, for me personally, it was my first experience that the production environment was container-based, so when I first touched Fargate, I was often confused by the difference in concept from EC2. Since the development environment is Docker, I used to touch containers on a daily basis, but I had no connection with tools such as Spinnaker and Kubernetes that move containers in a good way. I was working on organizing the concepts to get used to Fargate.
While studying, I noticed that ** even if it becomes Fargate, it can be considered in connection with the existing AWS **.
Fargate can be used in the ECS (Elastic Container Service) service. Therefore, to understand Fargate, you need to understand ECS.
As the name implies, ECS is responsible for orchestration of container-related services. Among them, you will select the Startup Type of the container from the following.
--EC2 launch type: Launch EC2 and run the container on it --Fargate launch type: Run container with Fargate
The EC2 launch type seems to be able to operate in a manner similar to running a Docker container on EC2 using other automation solutions while managing EC2. On the other hand, there are still issues that must be managed for EC2.
By making it a Fargate startup type, it seems that you can operate the service using Fargate without being aware of EC2 management on the user side. [^ 1]
If there is a service currently operated by ECS using the EC2 startup type, you can migrate by changing the startup type to Fargate. (Of course, verification is necessary because the network configuration etc. will change)
It's easy to think that Fargate handles a completely different concept from EC2 because it is handled in a container, but there are quite similar concepts available.
| On EC2 | At Fargate | Explanation |
|---|---|---|
| Instance type | CPU/Memory settings | Fargate gives you more flexibility than instance type to set vCPU and memory capacity combinations for each task |
| Instance store | Task storage | 20GB of ephemeral storage is available for each task. Data is lost when the task is finished |
| EBS | EFS | EBS is not available, so use EFS |
| Spot instance | Fargate Spot | FARGATE in capacity provider settings_If you set SPOT, you can use it with up to 7 discounts for normal tasks. The risk of interruption does not change |
| IAM role per instance | IAM role per task | IAM role range becomes task unit |
Even if they are similar, they are not exactly the same, so if you want to use them, actually check the advantages/disadvantages, constraints and billing system before using.
The part that changes suddenly from dealing with EC2 is that task networking is fixed to awsvpc.
--Since each task has an ENI (Elastic Network Interface), a private IP is assigned. --You can launch multiple containers within a task, but internally you can access another container on the same task via localhost because it shares the localhost interface. --The container that provides the Web server and the agents of various monitoring services can be placed in the same task and accessed from each other on localhost. --If you are in the same VPC, you can access it with a private IP like an instance --When registering to the target group to connect to ALB, register the task with the target type as IP
The part that shares localhost in the task may be annoying, but when you actually build it, you can feel it physically.
Even though I've only dealt with EC2, when I understood the concepts and networking mechanisms handled within Fargate, I realized that the basics wouldn't change that much, and I was able to get used to it through my work. If you decided to use Fargate, or if you changed jobs and the environment was Fargate, don't be afraid to touch Fargate.
Also, regarding AWS, not only this, you can learn the service outline and the relationship with other services by reading the slides of the blackbelt online seminar, so let's check it when you touch the service for the first time. (What is written here is written on these slides)
It seems that @poemn will write something tomorrow.
[^ 1]: As far as page 9 of the slide of here is seen, it seems that the EC2 environment managed by the AWS platform side is working even if it is not managed by the user.
Recommended Posts