Container-Based Compute

A container is a package that contains an application, libraries and file system required to run it. Containers run on a container engine which generally runs within a single OS such as Linux. Containers provide the isolation benefits of virtualization - but are more lightweight allowing faster starts and more dense packing within a host. All containers on a particular hardware use the same underlying OS and Infrastructure

A popular container engine is Docker and is the basis for Elastic Container Service (ECS). An image is a collection of file system layers. Docker file systems are differential - each layer stores differences from previous layers.

Launching a Container

  • Launch an EC2 Instance

  • Connect to the EC2 instance using SSH

  • Installing Docker Container Engine.

sudo amazon-linux-extras install docker

sudo service docker start (this will start the docker service)

sudo usermod -a -G docker ec2-user (this will authorize user=ec2-user to use docker. Need to exit the SSH session and log back in to EC2 instance. )

docker ps (to check docker engine is working without errors)

sudo yum install git (will install git to access git repository)

git clone https://github.com/linuxacademy/content-aws-csa2019.git (To copy data from specified git location)

cd content-aws-csa2019/lesson_files/03_compute/Topic5_Containers/Docker/ (change directory to specified location)

ls -la (to check the files in the folder)

docker build -t containercat . (period is to locate the Dockerfile on the current folder. We will use an image to spin up docker engine. Below is the Dockerfile contents which is saved a separate file in the above folder with no file extension)


FROM centos:latest

MAINTAINER FelineInc

RUN yum -y install httpd (this will install webserver. If error is observed, use sudo at the start of the command)

COPY index.html containercat.jpg /var/www/html/ (copy index.html and containercat.jpg into image folder)

ENTRYPOINT ["/usr/sbin/httpd", "-D", "FOREGROUND"] (webserver is started and exposed with port 80)

EXPOSE 80


docker images (will show the newly created image "containercat")

docker run -t -i -p 80:80 containercat (this will spin/run the docker image containercat)

That's it. Copy the public IP DNS URL of the EC2 Instance into a new browser window and we can see the webpage of our new website. Below steps will upload the containercat to a public docker hub.

docker login --username YOUR_USER

docker images

docker tag IMAGEID YOUR_USER/containercat

docker push YOUR_USER/containercat

Elastic Container Service (ECS)

ECS is a managed container engine. It allows docker containers to be deployed and managed within AWS environments. ECS can use infrastructure clusters based on EC2 OR Fargate where AWS manage the backing infrastructure. There are two modes of ECS.

EC2 Mode

ECS manages the EC2 instances over which containers are deployed via images. ECS manages scheduling and Orchestration, Cluster management and Placement Engine.

Fargate Mode

In this mode, EC2 instances are managed by AWS Fargate. While Amazon ECS manages Scheduleing and Orchestation, Cluster Manager and Placement Engine.

In ECS Service Menu, Click Cluster-->Create Cluster

Here you have to pick Either AWS Fargate mode OR Linux EC2 Instances OR Windows EC2 instances.

For example here, we pick AWS Fargate. Once Cluster is created, we click Tasks. Task defines what is going to be run inside ECS.

Click Task Definition-->Fargate-->Input Name, Task memory (GB)=1GB, Task CPU (vCPU)=0.5 vCPU, Add Container-->Input Container Name, Image=docker.io/USER ID/CONTAINER File Name, Memory Limits (MIB)=1024, Port mappings=80, Click Add. Click Create.

Now we will click Clusters-->Tasks-->Run New Tasks-->Select Launch Type=FARGATE, Task Definition, Platform version=LATEST, Cluster, Number of tasks=1 (1 copy of task will be run), Cluster VPC, Subnets, Security Groups, Auto-assign public IP=ENABLED-->RUN TEST.

Cluster: A logical collection of ECS resources - either ECS EC2 Instances or a logical representation of managed Fargate infrastructure.

Tasks Definition: Defines application. similar to a Dockerfile but for running containers in ECS. Can contain multiple containers.

Container Definition: Inside a Task Definition, a container definition defines the individual containers a Task uses. It controls the CPU and MEMORY each container has, in addition to port mappings for the container.

Task: A single running copy of any containers defined by a task definition. One working copy of an application e.g. DB and Web containers.

Service: Services allow task definition to be scaled by adding additional tasks (copies of application). Defines Minimum and Maximum values.

Registry: Storage for container images i.e. ECS container registry or Dockerhub. Used to download image to create containers.

Next: Networking