Section 17: ECS, ECR & Fargate - Docker in AWS

Question 1

What is a hypervisor?

Answer 1

A computer software, firmware or hardware that creates and runs virtual machines

Question 2

What other name is given to a hypervisor?

Answer 2

Virtual Machine Monitor (VMM)

Question 3

What is a host machine?

Answer 3

A computer on which a hypervisor runs one or more virtual machines

Question 4

What is a guest machine?

Answer 4

A virtual machine

Question 5

What is Docker?

Answer 5

Docker is a software development platform to deploy apps that are packaged in containers that can run on any OS

Question 6

What are the benefits of using Docker?

Answer 6

Run on any machine
No compatibility issues
Predictable behavior
Less work
Easier to maintain and deploy
Works with any language, OS and technology

Question 7

Can a machine run many Docker containers at the same time?

Answer 7

Yes

Question 8

What is the difference between a Docker image vs Docker container?

Answer 8

A Docker container is an actual instanciation of a Docker image

Question 9

What does a Docker image packs?

Answer 9

The application and environment required by the application to run

Question 10

Where are Docker images stored?

Answer 10

In Docker Repositories

Question 11

What is the main public Docker Repository?

Answer 11

Docker Hub

Question 12

What AWS service allows you to create your own private Docker repository?

Answer 12

AWS ECR

Question 13

What does ECR stand for?

Answer 13

Elastic Container Registry

Question 14

What does VM stand for?

Answer 14

Virtual Machine

Question 15

How does Docker Containers differ from VMs?

Answer 15

VMs are sitting on an hypervisor and all have their own guest OS

Docker containers are managed by the Docker Daemon, which itself is controlled by the Docker client (CLI, AWS Console, etc.)

Question 16

What is the file that allows you to create Docker images?

Answer 16

Dockerfile

Question 17

What are the three container management platforms offered by AWS?

Answer 17

ECS
EKS
Fargate

Question 18

What does ECS stand for?

Answer 18

Elastic Container Service

Question 19

What does EKS stand for?

Answer 19

Elastic Kubernetes Service

Question 20

What are ECS Clusters?

Answer 20

Logical grouping of EC2 instances

Question 21

What kind of AMI does EC2 instances inside an ECS cluster must use?

Answer 21

An ECS-optimized AMI containing the ECS agent?

Question 22

What is the ECS agent?

Answer 22

A container that runs by default on ECS’ EC2 instances that is responsible for managing containers on behalf of Amazon ECS

Question 23

What does the ECS agents do when EC2 instances are created inside an ECS cluster?

Answer 23

They register the instances to the ECS cluster

Question 24

What are ECS Task Definitions?

Answer 24

Metadata in JSON form to tell ECS how to run a Docker Container

Question 25

What does an ECS task definition contain?

Answer 25

Task name
Task role (optional)
Task execution role
Memory and CPU required
Container definitions

Question 26

What do container definitions contain?

Answer 26

Container name
Image
Memory limits
Port mappings
Environment variables

Question 27

What do ECS Services do?

Answer 27

Define how many tasks should run and how they should be run

Ensure that the number of tasks desired is running accross our fleet of EC2 instances

Question 28

What is “Task role” ?

Answer 28

The Task Role is optional IAM role that tasks can use to make API requests to authorized AWS services.

Question 29

What is “Task execution role” ?

Answer 29

The Task Execution Role is the role that authorizes Amazon ECS to pull private images and publish logs for your task. This takes the place of the EC2 Instance role when running tasks.

Question 30

What must be tasks definitions port mapping host port in order to make them work with an ALB?

Answer 30

0, they will get generated randomly and the ALB will take care of forwarding the traffic to those generated ports

Question 31

What do you need to do BEFORE any push / pull to AWS ECR private repositories?

Answer 31

You need to retrieve an authentication token from AWS and authenticate from your Docker client to your registry using the docker CLI

aws ecr get-login-password –region ca-central-1 | docker login –username AWS –password-stdin _____________.dkr.ecr.ca-central-1.amazonaws.com/repositoryname

Question 32

What docker command allows you to push an image?

Answer 32

docker push ____

Question 33

What docker command allows you to pull an image?

Answer 33

docker pull ____

Question 34

What is Fargate?

Answer 34

AWS Fargate is a serverless compute engine for containers that works with ECS and EKS

Question 35

What does Fargate removes?

Answer 35

The need to provision and manage servers

Question 36

What is the only role of the developer when using Fargate?

Answer 36

Creating Task Definitions

Question 37

What is the file that must be configured with the cluster name when working directly with EC2 instances when working with ECS?

Answer 37

/etc/ecs/ecs.config

Question 38

What traffic must EC2 instances security group accept when working with ECS with an ALB?

Answer 38

The traffic from ALL ports from the ALB

Question 39

What are the two available X-Ray integration options for classic ECS clusters?

Answer 39

X-Ray Container as a Daemon

X-Ray Container as a “Side Car”

Question 40

What port mapping configuration should the X-Ray Container have?

Answer 40

{
  "HostPort": 0,
  "containerPort": 2000,
  "protocol": "udp"
}

Question 41

What should your app container have in order to find the X-Ray Container as a Daemon?

Answer 41

The environment variable
AWS_XRAY_DAEMON_ADDRESS=xray-daemon:2000

And a “links” array containing the value “xray-daemon”

Question 42

Can you run docker containers in EB?

Answer 42

Yes, either in Single or Multi Docker mode

Question 43

What does your EB source code need in order to run Docker containers?

Answer 43

Dockerfile

Dockerrun.aws.json

Question 44

How can you create a service on ECS using the CLI?

Answer 44

aws ecs create-service

Question 45

What docker CLI cmd allows you to build a docker image?

Answer 45

docker build -t demo .

The . is important here