ECS - Elastic Container Service

Question 1

What is ECS?

Answer 1

Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service

Question 2

What is popular for ECS and Docker?

Answer 2

microservices and migration

Question 3

Where are apps packaged in Docker?

Answer 3

in containers

Question 4

What OSs, languages and technologies can be run into Docker containers?

Answer 4

any OS, language, or technology

Question 5

How interact and how are impacted the Docker containers that are running on the same machine

Answer 5

they don’t interact with each other unless we tell them to and they don’t impact each other, so if one application is going crazy the other ones won’t be impacted

Question 6

Where are Docker images stored?

Answer 6

Docker images are stored in Docker Repositories and there are two types of repositories:
o Public: Docker Hub https://hub.docker.com/
Find base images for many technologies or OS:
- Ubuntu
- MySQL
- NodeJS
- Java…
o Private: Amazon ECR (Elastic Container Registry)

Question 7

What is the main difference between Docker and a VM?

Answer 7

Docker containers run on the Docker Engine which uses just 1 Guest OS.
Each app in a VM run on a Guest OS and these OS run on the Hypervisor

Question 8

Whar are the ECS flavors?

Answer 8

• ECS “Classic”
• Fargate: ECS
• EKS

Question 9

What is ECS “Classic”?

Answer 9

Provision EC2 instances to run containers onto.

Question 10

What you must configure in EC2 to use ECS “Classic”?

Answer 10

We must configure the file /etc/ecs/ecs.config with the cluster name.

Question 11

What is Fargate?

Answer 11

ECS Serverless, no more EC2 to provision

Question 12

What is EKS?

Answer 12

Managed Kubernetes by AWS

Question 13

What are ECS clusters?

Answer 13

logical grouping of EC2 instances running the ECS agent

Question 14

What is the job of the ECS agent?

Answer 14

to register the instance to the ECS cluster

Question 15

What can you say about the EC2 instances AMI used in an ECS cluster?

Answer 15

The EC2 instances run a special AMI, made specifically for ECS

Question 16

Can you create an empty ECS cluster?

Answer 16

Yes, by just defining its name

Question 17

In ECS “Classic” what kind of Instance Launch types can be used?

Answer 17

On-demand and spot instances

Question 18

What Instance configuration can you define in an ECS “classic” definition?

Answer 18

o	EC2 instance launch type
o	EC2 instance type
o	# of instances.
o	EC2 AMI id.
o	EBS storage (GB).
o	Key pair.

Question 19

How is CloudWatch integrated to ECS?

Answer 19

CloudWatch Container Insights: Each container will have a different log stream.

Question 20

How is used the EC2 instances CPU and memory in ECS?

Answer 20

The EC2 instances in the cluster each have CPU and Memory values that are going to be shared among the containers.

Question 21

What is created by default when you finish defining the ECS instance configuration?

Answer 21

By default, an Auto Scaling Group is created in the cluster based on your instance configuration provided in the cluster

Question 22

When an instance in ECS starts how does it know to register to the cluster?

Answer 22

It uses the Instance User Data

Question 23

What are ECS tasks definitions?

Answer 23

Tasks definitions are metadata in JSON form to tell ECS how to run a Docker Container

Question 24

What are the 4 most important aspects defined in an ECS task definition?

Answer 24

o Docker Image
o Port Binding for Container and Host (no needed for Fargate)
o Memory and CPU required
o IAM Task Role

Question 25

What is the network mode used by Fargate?

Answer 25

awsvpc

Question 26

What is an ECS Service?

Answer 26

• ECS Services help define how many tasks should run and how they should be run
• They ensure that the number of tasks desired is running across our fleet of EC2 instances.

Question 27

What you need to do when you update your ECS task definition?

Answer 27

Whenever you update the Task Definition you must update your Service to use latest task definition revision.

Question 28

What are the ECS service types?

Answer 28

Replica

Daemon

Question 29

What is the ECS service type used by Fargate?

Answer 29

Replica

Question 30

What is the ECS service type replica?

Answer 30

Places and maintains the desired number of tasks across your cluster. By default, the service scheduler spreads tasks across Availability Zones.

Question 31

What is the ECS service type daemon?

Answer 31

1 task per ECS instance. No need to specify a desired number of tasks, a task placement strategy, or use Service Auto Scaling policies. Useful for monitoring

Question 32

What are the most important aspects defined in an ECS service?

Answer 32

• Launch type (EC2 or Fargate)
• Task definition revision
• Cluster
• Number of tasks
• Task placement (not in Fargate)
• Load Balancing
• Service Auto Scaling

Question 33

What are the ECS Service deployment types?

Answer 33

• Rolling update

- Blue/green powered by CodeDeploy

Question 34

What you must do to define a Load Balancer for an ECS service?

Answer 34

a Load Balancer can only be set at service creation level, so you must create a new service

Question 35

What you must do to delete a service?

Answer 35

set the number of tasks to 0

Question 36

What happens if you have 1 instance running in your cluster running 1 task which has a port mapping 8080 -> 80 and you try to run a second task?

Answer 36

it will try to run it in the same instance with the same port mapping configuration and you will get this error. You can update your cluster number of instances to 2 and then it will deploy the second task in the second instance.

Question 37

What feature is provided by ALB for ECS?

Answer 37

The ALB has a feature named dynamic port forwarding which basically will route the traffic to the random port and basically spread our load on our different containers. This is how you run multiple same tasks on the same EC2 instance.

Question 38

What must be done in ECS task definition to work with the ALB?

Answer 38

You must create a new task definition revision by excluding any host ports. What will happen is that we just specify a container port and the host port becomes random.

Question 39

What you need to do on your EC2 instances if you set an ALB in front of your ECS cluster?

Answer 39

You need to update the EC2 instances security group to accept all protocols traffic from all the ports from the ALB security group

Question 40

What is ECR?

Answer 40

• A fully-managed container registry that makes it easy for developers to store, manage, and deploy container images.

Question 41

What if you get a permission error while trying to access ECR?

Answer 41

Check the IAM policy

Question 42

What you need to have in your computer to push an image to ECR?

Answer 42

Make sure you have Docker installed in your computer and either
• latest version of AWS tools for PowerShell (Windows)
• latest version of the AWS CLI (Mac/Linux).

Question 43

What are the steps to push an image to ECR?

Answer 43

1. Create a Repository in ECR
2. Authenticate in ECR using the CLI
3. Build your docker image
4. Tag the image so you can push it to the repository
5. Push the image

Question 44

How can you authenticate in ECR using the CLI?

Answer 44

• AWS CLI v1 login command

- AWS CLI v2 login command (newer)

Question 45

What is it about AWS CLI v1 login command in ECR?

Answer 45

It is about executing the output of

$(aws ecr get-login –no-include-email –region REGION)

Question 46

What is it about AWS CLI v2 login command in ECR?

Answer 46

1st part before the pipe (|) gives you the password used by the 2nd part to login.
aws ecr get-login-password –region REGION | docker login –username AWS –password-stdin ACCOUNT.dkr.ecr.REGION.amazonaws.com

Question 47

How do you scale in Fargate?

Answer 47

By increasing the number of tasks

Question 48

What you don’t define in Fargate?

Answer 48

Nothing related to EC2 instances. It is serverless

Question 49

What are the 2 most important ECS IAM Roles?

Answer 49

• EC2 Instance Profile or ECS Instance Role

* ECS Task Role

Question 50

What is ECS EC2 Instance Profile?

Answer 50

Used by the ECS agent to make API calls to ECS service like sending container logs to CloudWatch Logs or pulling docker images from ECR

Question 51

What is ECS Task Role?

Answer 51

Allows each task to have a specific role with the minimum permissions. Use different roles for the different ECS Services you run. Task Role is defined in the task definition, 1 task role per task.

Question 52

What are the ECS Task Placement Strategies?

Answer 52

• Binpack
• Random
• Spread
• A combination of these

Question 53

What is Binpack ECS Task Placement Strategy?

Answer 53

• Place tasks based on the least available amount of CPU or memory (it puts the tasks in the instance with more tasks).
• This minimizes the number of instances in use (cost savings)

Question 54

What is Spread ECS Task Placement Strategy?

Answer 54

• Place the task evenly based on the specified value.

* Example: instanceId, attribute:ecs.availability-zone

Question 55

What are the ECS Task Placement Constrains?

Answer 55

• distinctInstance

- memberOf

Question 56

What is distinctInstance ECS Task Placement Constrain?

Answer 56

place each task on a different container instance

Question 57

What is memberOf ECS Task Placement Constrain?

Answer 57

places task on instances that satisfy an expression. Uses the Cluster Query Language (advanced).
I.e.: all the tasks should be placed on t2 instances

Question 58

What are the scaling policies used by ECS Service Auto Scaling

Answer 58

It uses the same auto scaling service as used in EC2 auto scaling groups
o Target Tracking
o Step Scaling
o Scheduled Scaling

Question 59

What can you do if you want to do ECS Service Auto Scaling + EC2 Auto Scaling in your cluster

Answer 59

Use ECS Cluster Capacity Provider

Question 60

What is ECS Cluster Capacity Provider?

Answer 60

A Capacity Provider is used in association with a cluster to determine the infrastructure that a task runs on

Question 61

What are FARGATE and FARGATE_SPOT capacity providers?

Answer 61

The FARGATE and FARGATE_SPOT capacity providers are added automatically to Fargate

Question 62

What you need to do to add a Capacity Provider to ECS “classic”?

Answer 62

For Amazon ECS on EC2, you need to associate the capacity provider with an auto-scaling group