Using the AWS Container Service Platform to Accelerate Modernization of Application Architecture


As concepts such as cloud native and microservices gain traction, more and more enterprises are moving away from the old monolithic application architecture and embracing containerized architecture. A container orchestration platform supports large-scale applications and manages the life cycle of containers.


But here comes the problem. There are many container management platform products on the market at this stage, including open source solutions such as Kubernetes, Docker Swarm, Red Hat OpenShift and Rancher, and commercial products and services such as VMware Tanzu, AWS, and Azure. In the end, which one should you choose?


In all fairness, each platform has its own advantages and disadvantages. Therefore, AWS provides as many different container management services and related tools as possible to meet the various considerations of different users. As of now, options offered by AWS include Amazon Elastic Container Service (ECS), Amazon Elastic Kubernetes Service (EKS), AWS Fargate, and, most recently, Amazon EKS Anywhere. The following sections describe these solutions in detail and guide AWS users to choose the option that best suits their needs.


What is a container?

A container is a lightweight, independent, portable, executable software package that includes everything required to run an application, from the application itself to all settings, dependent software or packages, system libraries, and so on. Thanks to this containerized packaging, we can greatly simplify the development and deployment of applications. Amazon ECS is a representative container product.


Enable a container management platform to keep containers running smoothly

Now that we understand what containers are, let's talk about why you need a container management platform. Containers alone are not enough for a production application environment. We also need the following resources to help containers run smoothly:

1. An executable computing environment with CPU, memory and storage resources

2. A network that allows connections between containers, other services, and more Internet resources

3. Storage space and database

4. Caching, API and other external services

5. Mechanisms for monitoring various parameters, applications, syslog and security events


Although the container encapsulates the application itself, it still needs a container management platform to meet the other requirements mentioned above throughout the container's operating life cycle. Amazon EKS is a representative product with container management functions.


Amazon ECS: a fully managed service that makes it easy for beginners to get started

Amazon Elastic Container Service (Amazon ECS) is a highly scalable and fast container management service. You can use it to run, stop, and manage containers on a cluster. With Amazon ECS, your containers are defined in a task definition that you use to run individual tasks or tasks within a service. In this context, a service is a configuration that you can use to run and maintain a specified number of tasks simultaneously in a cluster. You can run your tasks and services on a serverless infrastructure that's managed by AWS Fargate. Alternatively, for more control over your infrastructure, you can run your tasks and services on a cluster of Amazon EC2 instances that you manage.


Migrate workloads between different Kubernetes (K8s) clusters with Amazon EKS

Amazon Elastic Kubernetes Service (Amazon EKS) is a managed service that you can use to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane or nodes. Kubernetes is an open-source system for automating the deployment, scaling, and management of containerized applications.


Amazon EKS introduces the Kubernetes Pod concept to deploy and manage containers, while Amazon ECS directly uses a single container for deployment needs. Kubernetes Pods can contain one or more containers with shared resource pools, and provide more flexible and fine-grained control over the elements in the service. The services needed when running containers, such as proxies and service discovery, are all included in the Kubernetes cluster.


Let's assume that our application service is composed of three independent components: a microservice API, image file management, and storage space. Kubernetes allows us to define the three independent components as different containers that together form the application service. Running in a single Pod, the containers execute alongside each other; they can easily access each other and can also share resources such as storage, without relying on complex settings or external services. This also means that users can make good use of Amazon EKS to build more complex application architectures.
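
The three-component Pod described above, sketched as a Kubernetes manifest. This is an added example, not part of the original article; the Pod name, container names, ports, mount path and the `example.invalid` image references are placeholders assumed for illustration.

```yaml
# Added illustration: one Pod, three cooperating containers. All names are placeholders.
apiVersion: v1
kind: Pod
metadata:
  name: media-service                  # hypothetical Pod name
  labels:
    app: media-service
spec:
  volumes:
    - name: shared-files               # Pod-scoped volume; emptyDir data is deleted with the Pod
      emptyDir: {}
  containers:
    - name: api                        # microservice API
      image: example.invalid/media/api:1.0             # placeholder image
      ports:
        - containerPort: 8080
      env:
        # Containers in one Pod share a network namespace, so peers answer on localhost.
        - name: IMAGE_MANAGER_URL
          value: "http://localhost:9000"
      volumeMounts:
        - name: shared-files
          mountPath: /data
          readOnly: true               # the API only reads; write access stays with the other two
      resources:
        limits: { cpu: 500m, memory: 256Mi }
    - name: image-manager              # image file management
      image: example.invalid/media/image-manager:1.0   # placeholder image
      ports:
        - containerPort: 9000
      volumeMounts:
        - name: shared-files
          mountPath: /data
      resources:
        limits: { cpu: "1", memory: 512Mi }
    - name: storage                    # storage component working on the same files
      image: example.invalid/media/storage:1.0         # placeholder image
      volumeMounts:
        - name: shared-files
          mountPath: /data
      resources:
        limits: { cpu: 250m, memory: 128Mi }
```

The per-container `readOnly` mount and resource limits show the kind of fine-grained control a Pod gives over what each container can touch and consume.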


Amazon EKS allows users to tap into the wider Kubernetes ecosystem while leveraging a variety of add-ons, including network policy management and network solutions such as Cisco ACI, VMware NSX, Red Hat OVS or Project Calico (CNI), CoreDNS, which provides DNS services, and numerous other third-party add-ons and integrations. In addition, because Amazon EKS is based on Kubernetes, users can flexibly move workloads between different Kubernetes clusters and are not tied to a specific vendor's platform or product.


No need to manage servers when using AWS Fargate

Even when a fully managed AWS service is adopted, the servers that provide computing still exist, so users can decide which type of computing resources to provide to Amazon ECS or Amazon EKS.


Moving on to AWS Fargate: it is a serverless, pay-as-you-go computing engine that allows users to focus on developing applications without the distraction of managing servers. This means that AWS takes over the management of the underlying servers, and users are not required to create servers, install software, or maintain updates. In other words, once you use AWS Fargate, you only need to create a cluster and add a workload, and AWS will automatically add pre-configured servers to match your workload needs.


From this point of view, AWS Fargate will in most cases be the more ideal solution, because it will not cost more than a self-managed server and, in most cases, charges only for the exact amount of usage, which makes it seem more cost-effective.


AWS Fargate users don't have to worry about unused capacity as much as they do with self-managed servers (which need to be manually shut down to save costs). However, AWS Fargate is not suitable for all application scenarios, and users need to be aware of some exceptions. For example, AWS Fargate cannot be used in environments with strict security and compliance requirements because AWS Fargate users lose access to the infrastructure servers, making it impossible to control these servers to meet stringent requirements. AWS Fargate also does not support the independent hosting requirements of "dedicated tenancy".


On the other hand, AWS Fargate is very similar to Amazon ECS in that it only supports the Amazon VPC network model, so it cannot exercise deep control over the network layer. Furthermore, AWS Fargate automatically allocates resources according to workload, so specific controls cannot be set. Because of this automatic resource allocation mode, the usage cost in some scenarios may unexpectedly soar, especially in R&D environments where many workloads are being tested. In this case, would a self-managed server with a capacity limit mechanism still be more suitable?



Amazon EKS Anywhere supports hybrid cloud to help eliminate data security concerns

When it comes to Amazon EKS Anywhere, the main feature is that it extends the functionality of Amazon EKS, allowing users to build and run Kubernetes clusters with default settings on self-managed infrastructure. At the same time, it also provides the necessary tools to manage the cluster using the Amazon EKS console.


Basically, Amazon EKS Anywhere is built on top of Amazon EKS Distro and provides all the latest and necessary software that you can install on your infrastructure. More importantly, Amazon EKS Anywhere can provide a more reliable Kubernetes platform than a fully self-managed Kubernetes cluster.


Since Amazon EKS Anywhere adopts a hybrid cloud architecture, it allows enterprises to keep intranet operations consistent regardless of whether they operate in the cloud or on-premises. Enterprises that are concerned about data security can take advantage of Amazon EKS Anywhere's ability to support both cloud and local environments, choose to store data in the enterprise's internal infrastructure, and then use AWS services to manage application architecture and deployment.


Amazon ECS vs Amazon EKS, which one is better?

So far, most companies that are moving to a containerized architecture have generally had to choose between Amazon ECS and Amazon EKS, and they are very interested in knowing which one suits them. Compared side by side, Amazon EKS is undoubtedly a more powerful platform than Amazon ECS, but that does not mean Amazon EKS is the best solution for all workloads. Amazon ECS, with its simplicity and intuitive function settings, is still suitable for lighter workloads.


Let's talk about when to use Amazon ECS. First of all, Amazon ECS has a low entry threshold and a gentle learning curve. Therefore, some small organizations or teams with limited resources often think that Amazon ECS is the best choice for managing container workloads. Secondly, a major feature of Amazon ECS is that it allows users to integrate more closely with AWS resources that are already familiar, such as Application Load Balancer (ALB), Amazon Network Load Balancer (NLB) or Amazon Route 53, which helps to manage the application framework and to quickly start and run applications. Thirdly, Amazon ECS can be regarded as a starting point for moving to Kubernetes in the cloud. Users do not need to adapt to Amazon EKS all at once; they can use Amazon ECS to implement their containerization strategy and move workloads to the fully managed Amazon ECS service.


On the other hand, the advantages of Amazon EKS answer the limitation of Amazon ECS, namely that it is "too simple and has not many setting options". Amazon EKS provides more functionality and integration to easily build and manage workloads of any size. As for when to use it: first, while many workloads may not require Pods, Pods provide complete control over Pod placement and resource sharing, which is invaluable when dealing with most service-based architectures. Secondly, Amazon EKS provides more flexibility in managing infrastructure resources: it can run on Amazon EC2 and AWS Fargate, and it can also be used within the enterprise through Amazon EKS Anywhere.


In addition, Amazon EKS provides all the capabilities needed to use any public or private container repository. Furthermore, the monitoring and management tools of Amazon ECS are limited to the tools provided by AWS. Although these are sufficient for most usage scenarios, Amazon EKS offers greater management capability through built-in Kubernetes tools and ready-made external integrations. In terms of monitoring capabilities, Amazon EKS is significantly better.


All in all, the choice of platform depends on the actual needs of users. Whether it is Amazon ECS or Amazon EKS, both services have advantages and disadvantages. As long as users understand the characteristics of their workloads, they can choose correctly between Amazon ECS and Amazon EKS and get the most out of it. Basically, if you are familiar with Kubernetes and want the flexibility and richer functionality it offers, Amazon EKS is the place to go; otherwise, if you're just getting started with containers, or tend to prefer relatively simple solutions, Amazon ECS would be the ideal option.
