Containers on AWS
Please use the menu below to navigate the article sections:
In recent years, the word “container” has become a buzzword in the world of Cloud and software development, and yet many have little understanding of what containerization actually is, and what problems containers can solve. In this article, we aim to get to the heart of what containers are, how containers can help your application management and how containers on AWS can be used.
In order to understand what containers are, we need to understand what containers are replacing, and this is what is known as a Virtual Machine.
Virtual Machines (VM) vs Containers
Virtual Machines (otherwise known as a VM) is a virtualized instance of a computer which runs applications, operating systems or anything else a typically physical computer might run.
Virtual machines do however run on a physical machine (somewhere) and use and make access to various computing resources (CPU, RAM etc) using a particular type of software called a hypervisor.
This hypervisor reconstitutes these resources into a collection of resources that can be provisioned and distributed wherever needed, enabling multiple VMs to run on a single physical machine – a big advantage to comparable physical computers.
Containers are however slightly different. Whilst VMs virtualize the computing resources, the virtualization of containers exists at the operating system level. Now let’s explain what that means.
When virtualization occurs on a VM, this VM will include the OS, as well as the application your developer puts on it. If a physical server was running for example, three virtual machines, they would have a hypervisor with three separate operating systems on it.
Using Containerization, a physical server would run three containerized applications with a container tool, which would run a single operating system. Each container will share the OS kernel with all of the other containers.
Containers are much more lightweight and use far fewer resources than virtual machines due to this method of virtualization. They are perfect for microservices applications and you can run containers on AWS to easily launch applications using a number of managed services.
The service you choose to run your containers on AWS depends on how much operational overhead you require, and depends on how comfortable you are with running containerized applications. The fact that 80% of cloud based containers are run on AWS, also shows how easy AWS makes it. The following services are popular choices when deploying containers on the AWS cloud.
Amazon Elastic Container Service (ECS)
Amazon ECS is the most simple way of running securely configured and scalable containerized applications on the AWS Cloud, and ECS is another fully-managed AWS service that takes all the heavy lifting out of deploying, managing and scaling containers. With deep integration in the wider AWS ecosystem, you can enable your workloads to be container-based with as little disruption as possible.
ECS comes in two main configurations, AWS Fargate (serverless compute) or running on Amazon EC2 (you have much more control on how you launch your containers). Amazon ECS also comes highly secure with native support for IAM, and other AWS Management and Governance tools.
Recently AWS also launched ECS Anywhere, in which you can use ECS to manage on premise container workloads using the AWS Systems Manager agent to coordinate your hardware with the AWS cloud-based control-plane.
Amazon Elastic Kubernetes Service (EKS)
Amazon EKS is a managed option for Kubernetes workloads (a popular container orchestration tool) which provides you with all the familiarity of using a Kubernetes environment, with the inherent scalability and availability the cloud provides.
With features like load balancing, enhanced logging capabilities as well as the choice to power your Kubernetes applications with either EC2 or AWS Fargate, you can choose whichever configuration best suits your needs.
EKS Anywhere is identical in conception to ECS Anywhere also, in the way that it allows you to take managed Kubernetes to your data center – taking the same Amazon EKS Distro that powers EKS in the cloud in your own hands.
Amazon Elastic Container Registry (ECR)
Amazon ECR is a fully managed container registry – where you can host your container images and artifacts securely and cost effectively. Similar to the popular Docker Hub, but fully managed – you can use ECR to integrate with Amazon Inspector to check for security vulnerabilities, or ensure you container images are encrypted using AWS KMS. Amazon ECR is also highly available by default, as it stores your images in S3, with it famous ‘11 9’s’ of durability preventing any loss or inaccessibility of data.
AWS App2Container is a less commonly known service in the collection of AWS Container services, but it is powerful none-the-less.
AWS App2Container is a CLI tool which can safely and simply migrate your existing applications into containerized apps whether they exist on a VM or on-premise and transforms them into modern scalable container-based software.
You simply select the application and using CloudFormation, A2C deploys your app as containers without you doing all the difficult configuration changes.
It is then deployed as a container image to ECR to either be run in ECS or EKS, whichever suits your needs.
Learn More about Containers on AWS
Check out these additional articles and videos on containers:
Containers on AWS are also covered in detail in our comprehensive training courses for AWS certifications:
- AWS Certified Solutions Architect Associate
- AWS Certified Developer Associate
- AWS Certified SysOps Administrator Associate
- AWS Certified Solutions Architect Professional