AWS Container Services: ECS, EKS, and Fargate Study Guide
Containers (for example, Amazon ECS, Amazon EKS, Fargate)
AWS Container Services: ECS, EKS, and Fargate
This study guide covers the core container orchestration and compute services provided by AWS, focusing on architectural decision-making for modernizing applications as microservices.
Learning Objectives
- Differentiate between Amazon ECS and Amazon EKS orchestration models.
- Identify use cases for AWS Fargate versus EC2 launch types.
- Determine the appropriate monitoring solution for containerized workloads.
- Explain the shared responsibility model regarding the control plane and data plane.
Key Terms & Glossary
- Orchestration: The automated management of container lifecycles, including deployment, scaling, and networking.
- Control Plane: The "brains" of the service that manages the cluster state, scheduling, and API (managed by AWS in ECS/EKS).
- Data Plane: The actual compute resources (EC2 instances or Fargate) where containers run.
- Task (ECS): A grouping of one or more containers that run together on the same host.
- Pod (EKS): The smallest deployable units of computing that you can create and manage in Kubernetes.
- Serverless (Fargate): A compute engine for containers that allows you to run containers without managing servers or clusters.
The "Big Idea"
Containerization is the primary vehicle for application modernization. By decoupling a monolith into microservices, you gain agility and scalability. AWS offers two "flavors" of orchestration: ECS (AWS-Native simplicity) and EKS (Open-source Kubernetes flexibility). Regardless of the orchestrator, you choose how to power them: either by managing your own EC2 instances or using the Fargate serverless engine to remove operational overhead.
Formula / Concept Box
| Decision Pivot | Recommendation |
|---|---|
| Existing K8s Knowledge? | Choose Amazon EKS |
| Speed to Market / Simplicity? | Choose Amazon ECS |
| Zero Infrastructure Management? | Use Fargate Launch Type |
| Deep OS Customization / Compliance? | Use EC2 Launch Type |
| Monitoring & Metrics? | Use CloudWatch Container Insights |
Hierarchical Outline
- I. Amazon Elastic Container Service (ECS)
- AWS Native: Deep integration with IAM, ELB, and CloudWatch.
- Opinionated: Simplifies the container journey with a lower learning curve.
- Windows Support: Managed AMIs for Windows and Linux.
- II. Amazon Elastic Kubernetes Service (EKS)
- Vanilla Kubernetes: Supports standard K8s tools and open-source ecosystems.
- Hybrid/Multi-cloud: Easier to migrate workloads from on-premises or other clouds.
- Complexity: Requires Kubernetes-specific expertise.
- III. Compute Platforms (Data Plane)
- EC2 Launch Type: Full control over patching, instance types, and overcommitting resources.
- Fargate Launch Type: Serverless, no OS management, but lacks persistent local storage (ephemeral).
Visual Anchors
Container Service Decision Flow
Control Plane vs. Data Plane Abstraction
Definition-Example Pairs
- Service Integration: The ability of a container service to interact natively with other AWS tools.
- Example: Using an IAM Role for Tasks in ECS to allow a container to write specifically to an S3 bucket without using long-term credentials.
- Ephemeral Storage: Temporary storage that exists only for the lifetime of the container.
- Example: A Fargate task processing a temporary log file. If the task restarts, the log file is deleted unless saved to EFS.
- Container Insights: A CloudWatch feature providing granular metrics.
- Example: Diagnosing a "Pod flapping" issue in EKS by viewing restart failure reasons in the CloudWatch dashboard.
Worked Examples
Scenario 1: The Migration Specialist
Problem: A company is migrating a legacy Java application. They have no experience with Kubernetes and want to integrate with their existing AWS infrastructure with minimal friction. Solution: Recommend Amazon ECS. Because it is "opinionated" and native to AWS, the learning curve is shorter, and it integrates seamlessly with ALB and IAM.
Scenario 2: The Serverless Strategy
Problem: A startup wants to run a containerized API but has no DevOps staff to patch Linux kernels or manage EC2 scaling groups. Solution: Deploy on ECS or EKS using the Fargate Launch Type. Fargate removes the operational overhead of managing the host OS and infrastructure lifecycle.
Checkpoint Questions
- Which container service is best if you require "vanilla" Kubernetes for portability?
- What is the main risk of using Fargate for stateful applications that don't use external storage?
- True or False: Amazon ECS supports Windows containers.
- Which monitoring tool provides container-level visibility like task/pod CPU and memory utilization?
[!TIP] Answers: 1. Amazon EKS; 2. Data loss (storage is ephemeral); 3. True; 4. AWS CloudWatch Container Insights.
Muddy Points & Cross-Refs
- Fargate vs. Lambda: Both are serverless, but Fargate is for standard Docker containers (long-running or complex), while Lambda is for event-driven functions.
- Persistence on Fargate: To save data, you must mount external storage like Amazon EFS. Local disk is wiped on termination.
- Learning Curve: EKS is powerful but complex. For the SAP-C02 exam, remember: EKS = Flexibility/K8s, ECS = Simplicity/Native.
Comparison Tables
ECS vs. EKS
| Feature | Amazon ECS | Amazon EKS |
|---|---|---|
| Complexity | Low (Simple) | High (Requires K8s skill) |
| Ecosystem | AWS Native | Kubernetes/Open Source |
| Unit of Work | Task | Pod |
| Abstraction | Native (Direct) | Layered (Kubernetes API) |
EC2 Launch Type vs. Fargate
| Feature | EC2 Launch Type | Fargate Launch Type |
|---|---|---|
| Management | Customer manages host/OS | AWS manages infrastructure |
| Scaling | Manual/Auto Scaling Groups | Automatic (Per Task/Pod) |
| Cost Model | Pay for EC2 instances | Pay for CPU/RAM per task |
| Isolation | Shared host VM | Dedicated kernel-level isolation |