{"id":537,"date":"2022-03-15T02:14:10","date_gmt":"2022-03-15T02:14:10","guid":{"rendered":"https:\/\/192.168.1.3\/wordpress\/?p=537"},"modified":"2024-10-17T12:57:53","modified_gmt":"2024-10-17T12:57:53","slug":"aws-developer-associate-dva-c01-review-material-ecs","status":"publish","type":"post","link":"https:\/\/mylinuxsite.com\/wordpress\/?p=537","title":{"rendered":"AWS Developer Associate (DVA-C01) Review Material \u2013 ECS"},"content":{"rendered":"\n<!--more CONTINUE READING-->\n\n\n\n<h4 class=\"wp-block-heading\"><strong>General<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li><i>A <strong>cluster<\/strong><\/i>&nbsp;is a logical grouping of tasks or services.&nbsp;<\/li><li>A <em><strong>container<\/strong><\/em> is a standardized unit of software development that holds everything that your software application requires to run.<\/li><li>Containers are created from a read-only template that&#8217;s called an&nbsp;<em><strong>image<\/strong><\/em>.<\/li><li>A&nbsp;<strong><em>task definition<\/em>&nbsp;<\/strong>is a text file, in JSON format, that describes <strong>one or more<\/strong> <em>containers<\/em> that form your application<\/li><li>A&nbsp;<em><strong>task<\/strong><\/em>&nbsp;is the <span style=\"color:#a30009\" class=\"has-inline-color\">instantiation<\/span> of a task definition within a cluster.<\/li><li>A <em><strong>service <\/strong><\/em>runs and maintains the desired number of tasks simultaneously in an Amazon ECS cluster.<\/li><li>Supports the following OS:<ul><li>Amazon Linux<\/li><li>Windows Server<\/li><\/ul><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>ECS Cluster<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Logical grouping of tasks or services.<\/li><li>Tasks and services are run on infrastructure that is registered to a cluster, which includes:<ul><li>Managed by users:<ul><li>EC2 instances<\/li><li>On-Prem<\/li><li>Virtual Machines<\/li><\/ul><\/li><li>Managed by AWS:<ul><li>Fargate<\/li><\/ul><\/li><\/ul><\/li><li>Region-specific<\/li><li>Can be in the following states:<ol><li>ACTIVE<\/li><li>PROVISIONING<\/li><li>DEPROVISIONING<\/li><li>FAILED<\/li><li>INACTIVE<\/li><\/ol><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>EC2 Launch Type<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Requires an ECS agent.  <ul><li>The agent will run in EC2 as a docker container.<\/li><li>The agent will register the host to the ECS cluster<\/li><li>Container instances require external network access to communicate with the Amazon ECS service endpoint(inbound 1024-65535)<\/li><\/ul><\/li><li>Must use a special AMI<\/li><li>Can be provisioned using:<ul><li>On-Demand<\/li><li>Spot<\/li><\/ul><\/li><li>Uses CloudFormation to create the EC2.<\/li><li>Managed by an ASG (also created by CloudFormation)<ul><li>The launch configuration will have the following user data<\/li><\/ul><\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>#!\/bin\/bash\necho ECS_CLUSTER=DVA-C01 &gt;&gt; \/etc\/ecs\/ecs.config;echo ECS_BACKEND_HOST= &gt;&gt; \/etc\/ecs\/ecs.config;<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>The Linux variants of the Amazon ECS-optimized AMI look for agent configuration data in the<em><strong>&nbsp;<code>\/etc\/ecs\/ecs.config<\/code><\/strong><\/em><\/li><li>Uses the IAM Policy: <a rel=\"noreferrer noopener\" href=\"https:\/\/console.aws.amazon.com\/iam\/home#\/policies\/arn:aws:iam::aws:policy\/service-role\/AmazonEC2ContainerServiceforEC2Role\" target=\"_blank\">AmazonEC2ContainerServiceforEC2Role<\/a> by default<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Task Definition<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Meta that tells ECS how to run the container<strong><span style=\"color:#f10d0d\" class=\"has-inline-color\">s<\/span><\/strong> which include:<ul><li>The Docker image to use<\/li><li>CPU and Memory of<ul><li>Each task<\/li><li>Each container<\/li><\/ul><\/li><li>Launch type (EC2 or Fargate)<\/li><li>Networking mode (Bridge, Host, AWSVPC)<\/li><li>Logging<\/li><li>Data Volume<\/li><li><strong>The IAM role<\/strong><\/li><li>Container definition<ul><li>The command the container should use<\/li><li><strong>Port mapping<\/strong> <em>(set host port to 0 for dynamic port mapping)<\/em><\/li><li>Memory limit<\/li><\/ul><\/li><li>Whether the task should continue to run if the container finishes or fails<\/li><\/ul><\/li><li>You can define <strong>multiple containers i<\/strong>n a task definition<\/li><li>Has revisions (or version)<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>ECS Service<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Defines how many tasks should run and how should they run.<\/li><li>Can be associated with a load balancer (ALB\/NLB\/CLB). <strong>However, the association only happens during service creation<\/strong>. <\/li><li>The following parameters can be specified in a service definition:<ul><li>Launch Type (EC2, Fargate, External). Mutually exclusive with Capacity Provider.<\/li><li>Capacity Provider Strategy. Mutually exclusive with Launch Type.<\/li><li>Task Definition<\/li><li>Platform operating system (Required for Fargate, ignored in EC2)<\/li><li>Platform version (applicable to Fargate only)<\/li><li>Scheduling strategy (<strong>Replica<\/strong> or <strong>Daemon<\/strong>)<ul><li><strong>Replica<\/strong> &#8211; maintain the desired number of tasks across your cluster.<\/li><li><strong>Daemon<\/strong> &#8211; &nbsp;deploys exactly one task on each active container instance that meets all of the task placement constraints that you specify in your cluster. No need to specify a desired number of tasks, a task placement strategy, or use Service Auto Scaling policies<\/li><\/ul><\/li><li>Desired count. The number of instantiations of the specified task definition to place and keep running on your cluster.<\/li><li><strong>Task placement (for EC2 launch types only) <\/strong><ul><li><code>placementConstraints<\/code> (<strong>distinctInstance<\/strong>| <strong>memberof<\/strong>)<\/li><li>placementStrategy (<strong><code>random<\/code>&nbsp;|&nbsp;<code>spread<\/code>&nbsp;|&nbsp;<code>binpack<\/code><\/strong><code>)<\/code><\/li><\/ul><\/li><li>Network configuration (<strong>VPC, subnet and SG settings<\/strong>)<\/li><\/ul><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>ECR<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>AWS managed container image registry service that is secure, scalable, and reliable<\/li><li>Each account has 1 private and public registry<\/li><li>Each registry can have multiple repositories.<\/li><li>A Docker repository is&nbsp;<strong>where you can store 1 or more versions of a specific Docker image<\/strong><\/li><li>To login using the CLI:<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>$ # Version 2\n$ aws ecr get-login-password --region region | docker login --username AWS --password-stdin aws_account_id.dkr.ecr.region.amazonaws.com\n\n$ # Version 1\n$ (aws ecr get-login --no-include-email --region region)<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Fargate<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Fargate version is a combination of the kernel and container runtime versions.<\/li><li>&nbsp;Pay for the vCPU and memory resources the tasks used.<\/li><li>Each Fargate task has its own isolation boundary and does not share the underlying kernel, CPU resources, memory resources, or elastic network interface with another task<\/li><li>Fargate launch each task has a <strong>dedicated Linux kernel&nbsp;<\/strong>not sharing CPU, memory, or the Elastic Network Interface (ENI)&nbsp;with any other task (each task has its own ENI)<\/li><li>Task definition must be compatible with Fargate.<\/li><li><strong>No host port mapping.<\/strong><\/li><li>Task Definition:<ul><li>Must specify Task Memory (0.5GB,1GB,2GB&#8230;) and Task vCPU (0.25,0.5,1,2..)<\/li><\/ul><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Roles<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Instance Role (Container Instance Role)<ul><li>Used by the ECS Agent to make API calls<\/li><li>Defined during cluster creation.<\/li><li>Applicable only on EC2 launch type<\/li><\/ul><\/li><li>Task Role<ul><li>Used by the task<\/li><li>Defined in the task definition<\/li><\/ul><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Task Placement Strategy and Task Constraints (EC2 Launch Type Only)<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Determines where to place the task when launching a new task or what task to terminate when terminating a task.<\/li><li>When Amazon ECS places tasks, it uses the following process to select container instances:<ol><li>Identify the instances that satisfy the <strong>CPU, memory, and port <\/strong>requirements in the task definition.<\/li><li>Identify the instances that satisfy the task placement constraints.<\/li><li>Identify the instances that satisfy the task placement strategies.<\/li><li>Select the instances for task placement.<\/li><\/ol><\/li><li><strong>Task Placement Strategy:<\/strong><ul><li>An algorithm for selecting instances for task placement or tasks for termination<\/li><li>Can be specified when either running a task or creating a new service.<\/li><li><strong>Strategy Types:<\/strong><ol><li><strong>binpack<\/strong> &#8211; placed on an instance so as to leave the least amount of unused CPU or memory<\/li><li><strong>random<\/strong><\/li><li><strong>spread<\/strong> &#8211; placed evenly based on the specified value. (e.g. instanceId, zone)<\/li><\/ol><\/li><\/ul><\/li><li><strong>Task Placement Constraint:<\/strong><ul><li>&nbsp;A rule that&#8217;s considered during task placement. <\/li><li>Can be specified when either running a task or creating a new service.<\/li><li><strong>Constraint Types:<\/strong><ol><li><strong>distinctInstance<\/strong> &#8211; Place each task on a different container instance.&nbsp;<\/li><li><strong>memberOf<\/strong> &#8211; Place tasks on container instances that satisfy an expression (using Cluster Query Language)<\/li><li><strong>ecs.os-family<\/strong><\/li><\/ol><\/li><\/ul><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Auto Scaling<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Can scale Service or infra through Cluster Capacity Provider<\/li><li><strong>Service<\/strong> <strong>Auto Scaling<\/strong>:<ol><li><a href=\"https:\/\/docs.aws.amazon.com\/AmazonECS\/latest\/developerguide\/service-autoscaling-targettracking.html\">Target tracking scaling policies<\/a>\u2014Increase or decrease the number of tasks that your service runs based on a target value for a specific metric. This is similar to the way that your thermostat maintains the temperature of your home. You select temperature and the thermostat does the rest.<\/li><li><a href=\"https:\/\/docs.aws.amazon.com\/AmazonECS\/latest\/developerguide\/service-autoscaling-stepscaling.html\">Step scaling policies<\/a>\u2014Increase or decrease the number of tasks that your service runs based on a set of scaling adjustments, known as step adjustments, that vary based on the size of the alarm breach.<\/li><li><a href=\"https:\/\/docs.aws.amazon.com\/autoscaling\/application\/userguide\/application-auto-scaling-scheduled-scaling.html\">Scheduled Scaling<\/a>\u2014Increase or decrease the number of tasks that your service runs based on the date and time.<\/li><\/ol><\/li><li><strong>Cluster Capacity Provider<\/strong>:<ul><li>A&nbsp;<em>capacity provider<\/em>&nbsp;is associated with a cluster and is used in a capacity provider strategy to determine the infrastructure that a task runs on<\/li><li>Defined at the cluster level<\/li><li>Fargate uses the&nbsp;<code>FARGATE<\/code>&nbsp;and a&nbsp;<code>FARGATE_SPOT<\/code>&nbsp;capacity providers that are added by default.<\/li><li>EC2 requires an ASG.<\/li><li>The <strong>service definition<\/strong> must use &#8216;<strong>Capacity Provide<\/strong>r&#8217; as the <span style=\"color:#a30000\" class=\"has-inline-color\">launch type<\/span> (not Fargate or EC2).<span style=\"color: var(--ast-global-color-3); font-size: 1rem; font-weight: inherit;\"><\/span><\/li><\/ul><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Task Volumes<\/strong><\/h4>\n\n\n\n<ol class=\"wp-block-list\"><li>Fargate task storage<\/li><li>Amazon EFS volumes<\/li><li>FSx for Windows File Server volumes<\/li><li>Docker volumes &#8211; a new directory is <strong>created within Docker\u2019s storage directory <\/strong>on the host machine.  Docker volumes are completely handled by Docker itself and therefore independent of both your directory structure and the OS of the host machine.<ul><li>The scope can be:<ol><li>Task &#8211; data are destroyed when the task completes.<\/li><li>Shared &#8211; data persists even after the task completes.<\/li><\/ol><\/li><\/ul><\/li><li>Bind mounts &#8211; &nbsp;a file or directory on the&nbsp;<em>host machine<\/em>&nbsp;is mounted into a container.&nbsp;<\/li><\/ol>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[11],"tags":[],"class_list":["post-537","post","type-post","status-publish","format-standard","hentry","category-aws-review-notes"],"_links":{"self":[{"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/537","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=537"}],"version-history":[{"count":21,"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/537\/revisions"}],"predecessor-version":[{"id":816,"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/537\/revisions\/816"}],"wp:attachment":[{"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=537"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=537"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=537"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}