Containers

Amazon Elastic Container Registry (ECR)

  • Private/public container storage alternative to Docker Hub.
  • Containers are represented as images.
  • Backed by Amazon S3.
  • Access controlled by IAM.
  • Utilized by ECS, EKS, and Fargate.
  • Supports vulnerability scans, versioning, image tags, and image lifecycle management.

Amazon Elastic Container Service (ECS)

  • Supports two launch types: Amazon EC2 and Fargate.
  • Fargate supports EFS volumes, FSx for Windows, Docker volumes, or bind mounts.
  • EC2 utilizes EFS volumes mounted on instances, not EBS.
  • ECS Auto Scaling target tracking metrics include:
    • ECSServiceAverageCPUUtilization (average CPU use)
    • ECSServiceAverageMemoryUtilization (average memory use)
    • ALBRequestCountPerTarget (number of requests per target in the ALB target group)
  • Can scale in/out based on EventBridge-invoked rules or schedules.
  • IAM roles:
    • EC2 Instance Profile (EC2 only): Used by the ECS agent to make API calls to the ECS service, pull container images from ECR, and reference sensitive data in Secrets Manager or SSM Parameter Store.
    • ECS Task Role: Allows each task to have a specific role, useful for different ECS services.

Amazon Elastic Kubernetes Service (EKS)

  • Managed node groups:
    • Create/manage nodes (EC2).
    • Nodes are part of ASG managed by EKS.
    • Supports On-Demand or Spot Instances.
  • Self-managed nodes:
    • Nodes created by users, registered to EKS cluster, and managed by an ASG.
    • Can use prebuilt AMI (Amazon EKS Optimized AMI).
    • Supports On-Demand and Spot Instances.
  • Requires specifying a storage class on the EKS cluster using a Container Storage Interface (CSI) compliant driver: EBS, EFS (Fargate), FSx for Lustre, FSx for NetApp ONTAP.
  • Does not support Lambda; supports Fargate, managed node groups, and self-managed nodes.

AWS Lambda

  • Serverless backend supporting container images (must implement Lambda Runtime API).
  • Free tier includes 1,000,000 requests and 400,000 GB-seconds of compute time.
  • Pay $0.20 per 1,000,000 requests after free threshold.
  • Pay for duration by memory allocated (in increments of 1 ms) after free threshold ($1.00 for 600,000 GB-seconds).
  • Supports up to 10 GB of RAM, minimum 128 MB.
  • Environment variables (up to 4 KB).
  • No out-of-the-box caching.
  • Regionally based.
  • Disk capacity in function container (/tmp) from 512 MB to 10 GB.
  • Can use /tmp to load other files at startup.
  • Concurrent executions: 1,000, but can be increased.
  • Deployment size: uncompressed 250 MB, compressed 50 MB.
  • Can run via CloudFront as CloudFront Functions and Lambda@Edge.
  • Can create Lambda layers (up to 5) to reuse code, reducing deployment size.

AWS Fargate

  • Serverless backend utilizing ECS, EKS, ECR.
  • Resources include vCPU, memory, and storage (20 GB free).
  • AWS runs ECS Tasks based on CPU/RAM needs; to scale, increase the number of tasks.
  • No time limit like Lambda (15 minutes).
  • Lambda can encounter max concurrency issues; Fargate might throttle with error code 429.
  • Utilizes EFS, does not support mounting EBS volumes.

Amazon Managed Service for Prometheus

  • Serverless monitoring service that uses PromQL to monitor and alert on container environments upon ingestion/storage.