Amazon ECS - keshavbaweja-git/guides GitHub Wiki

Clusters

  1. Clusters are region specific.
  2. A cluster may contain mix of tasks hosted on different launch types.
  3. ECS Launch Types - Fargate, EC2, External

Capacity Providers

  1. A cluster may contain mix of both Auto Scaling and Fargate capacity providers
  2. A capacity provider strategy can include only one type of capacity provider.
  3. FARGATE and FARGATE_SPOT are reserved capacity providers that can be associated with your ECS cluster
  4. EC2 Capacity Provider
    1. Name
    2. Auto Scaling Group
    3. Managed scaling and termination settings
  5. A capacity provider strategy is specified when creating a service or running a task
  6. A default capacity provider strategy is associated with a cluster.
  7. A service may be updated to use a capacity provider strategy rather than a launch type.

Fargate capacity provider

  1. Not supported for Windows containers and Linux arm64 architectures
  2. Reserved capacity providers that can be associated/disassociated from a cluster
  3. When tasks are stopped, event notification is sent to Amazon EventBridge.
  4. When tasks are stopped due to Spot interruption, a two minute warning is sent before the task is stopped. SIGTERM is sent to container and a task state change event is sent to EventBridge. ECS stopTimeout has a default value of 30 seconds.

Networking

  1. AWSVPC mode
  2. Bridge mode
  3. Host mode

https://docs.aws.amazon.com/AmazonECS/latest/bestpracticesguide/networking-networkmode.html

FireLens

  1. FireLens can route logs to AWS services and APN services as destination for log storage. FireLens provides an abstraction for Fluentd and Fluent Bit.

Sensitive data

  1. ECS offers seamless integration with Secrets Manager and SSM Parameter Store for accessing sensitive data, which can be injected as environment variables in containers or in task definition attributes.

IAM roles

  1. Execution Role - IAM role for ECS agent
  2. Task Role - IAM role for ECS task
  3. Container Instance Role - ecsInstanceRole (service role)

ECS Account level settings

  1. CloudWatch Container Insights
  2. AWS VPC Trunking
  3. Dual Stack

Service scheduler strategies

  1. REPLICA
  2. DAEMON (not supported for Fargate launch type)
  3. EventBridge scheduled event

Task placement strategies

  1. binpack
  2. random
  3. spread

https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-strategies.html

Task placement constraints

  1. distinctInstance
  2. memberOf
  3. ecs.os-family

Deployment - Rolling update

  1. Currently running tasks are replaced with new tasks
  2. minimumHealthyPercent - lower limit on no. of tasks that should be running during a deployment, expressed in percentage
  3. maximumPercent - upper limit on number of tasks that should be running during a service deployment
  4. Supports deployment circuit breaker - Can't be used with Classic LB, is not triggered if service deployment has at least one successfully running task.

Deployment - Blue/Green

  1. Canary - two increments
  2. Linear - equal increments with equal interval between increments
  3. All at once

Application Auto Scaling

  1. ECS Service can be configured as "AWS::ApplicationAutoScaling::ScalableTarget"
  2. "AWS::ApplicationAutoScaling::ScalingPolicy" allows a Target Tracking or Step Scaling policy to be associated with a scalable target