Durable storage volume for AWS Fargate, using Cloud Development Kit (CDK)
About
AWS Fargate is serverless compute for running your containers. It comes with a large ephemeral storage volume that you can use to store data you are working on. However, this ephemeral storage space is wiped when the task stops and restarts.
This Cloud Development Kit (CDK) app shows how to attach an Elastic File System (EFS) to an application running in AWS Fargate.
EC2 or AWS Fargate?
There are two main compute options for running containers with Amazon Elastic Container Service:
- EC2 (Deploy and manage your own cluster of self-managed virtual machine instances that can each run one or more containers)
- AWS Fargate (Run containers directly, without any virtual machines to think about)
Both are completely valid techniques for operating your containers in a scalable and reliable fashion. Which one you pick depends on which factors you want to optimize for.
Comparison of Amazon EC2 and AWS Fargate across pricing, performance, and administrative overhead, with examples of best fits for each compute option.
A deep dive into Amazon ECS cost management
Nathan Peck (Senior Developer Advocate), Weijuan Davis (Senior Product Manager), Shubir Kapoor (Principal Product Manager, Cost Insights) and Arvind Soni (Principal Container Specialist) do a deep dive into cost management and cost allocation on Amazon ECS.
How to track container resource usage back to your AWS bill? Learn how to use ECS resource tags and the AWS Cost and Usage billing report.
Amazon ECS cluster on Bottlerocket Operating System
About
Bottlerocket is a Linux-based open-source operating system that is purpose-built by Amazon Web Services for running containers. It includes only the bare minimum of software required to run containers, and it adds security hardening and an upgrade mechanism designed to reduce the overhead of maintaining large clusters.
Launch an ECS cluster that uses Bottlerocket OS instances as capacity for running containers.
Internal worker or background service hosted on EC2 instances
About
A fully private service is generally used for important internal business services that need to be protected from direct access by the public:
- Cache service such as Redis
- Internal API that provides a thin wrapper around a database
- Billing, password and authentication, or other similar service that has personally identifying information
- Internal background worker service
Architecture
A private service’s architecture looks like this:
A containerized worker or internal service, in a private network, managed by EC2, hosted on EC2 capacity.
Serverless public facing API hosted on AWS Fargate
About
Sometimes you want to create a public-facing service, but you want stricter control over the networking of the service. This pattern is especially useful for the following use cases: