stockholm - amazon s3decks...php app time of day app. key components: task definitions ......

STOCKHOLM

©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved

©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved

Amazon EC2 Container Service and

AWS CodeDeployJohan Broman

Solutions Architect

Containers

What are containers?

Self contained

Process isolation

OS virtualization

AutomationServer

Guest OS

Bins/Libs Bins/Libs

App2App1

Container advantages

Portable

Server

Guest OS

Bins/Libs Bins/Libs

App2App1

Container advantages

Flexible

Server

Guest OS

Bins/Libs Bins/Libs

App2App1

Container advantages

Fast

Server

Guest OS

Bins/Libs Bins/Libs

App2App1

Container advantages

Efficient

Server

Guest OS

Bins/Libs Bins/Libs

App2App1

Server

Guest OS

Bins/Libs Bins/Libs

App2App1

EC2 Container Service Benefits

Easily manage clusters for any scale

Nothing to run

Complete state

Control and monitoring

Scale

Flexible container placement

Applications

Batch jobs

Multiple schedulers

Designed for use with other AWS services

Elastic Load Balancing

Amazon Elastic Block Store

Amazon Virtual Private Cloud

AWS Identity and Access Management

AWS CloudTrail

Extensible

Comprehensive APIs

Open source agent

Custom schedulers

EC2 Container Service Terminology

Amazon EC2 instances

Docker daemon

Amazon ECS agent

Key components: container instances

Regional

Resource pool

Grouping of container instances

Start empty, dynamically scalable

Key components: clusters

Key components: task definitions

Volume Definitions

Container Definitions

Key components: task definitions

Shared Data Volume

PHP App Time of day App

Key components: task definitions

Container

Instance

Schedule

Shared Data Volume

PHP App Time of day App

Shared Data Volume

PHP

App

Time of

day

App

Key components: task definitions{

"environment": [],

"name": "simple-demo",

"image": "my-demo",

"cpu": 10,

"memory": 500,

"portMappings": [

{

"containerPort": 80,

"hostPort": 80

}

],

"mountPoints": [

{

"sourceVolume": "my-vol",

"containerPath": "/var/www/my-

vol"

}

],

"entryPoint": [

"/usr/sbin/apache2",

"-D",

"FOREGROUND"

],

"essential": true

},

{

"name": "busybox",

"image": "busybox",

"cpu": 10,

"memory": 500,

"volumesFrom": [

{

"sourceContainer": "simple-demo"

}

],

"entryPoint": [

"sh",

"-c"

],

"command": [

"/bin/sh -c \"while true; do

/bin/date > /var/www/my-vol/date; sleep 1; done\""

],

"essential": false

}

{

"environment": [],

"name": "simple-demo",

"image": "amazon/amazon-ecs-sample",

"cpu": 10,

"memory": 500,

"portMappings": [

{

"containerPort": 80,

"hostPort": 80

}

],

"mountPoints": [

{

"sourceVolume": "my-vol",

"containerPath": "/var/www/my-vol"

}

],

"entryPoint": [

"/usr/sbin/apache2",

"-D",

"FOREGROUND"

],

"essential": true

},

Key components: task definitions[

{

"image": "mysql",

"name": "db",

"cpu": 10,

"memory": 500,

"essential": true,

"entryPoint": [

"/entrypoint.sh"

],

"environment": [

{

"name": "MYSQL_ROOT_PASSWORD",

"value": "pass"

}

],

"portMappings": []

}

]

Essential to our task

Create and mount volumes

Expose port 80 in container

to port 80 on host

10 CPU units (1024 is full CPU),

500 megabytes of memory

{

"name": "busybox",

"image": "busybox",

"cpu": 10,

"memory": 500,

"volumesFrom": [

{

"sourceContainer": "simple-demo"

}

],

"entryPoint": [

"sh",

"-c"

],

"command": [

"/bin/sh -c \"while true; do

/bin/date > /var/www/my-vol/date; sleep 1; done\""

],

"essential": false

}

Key components: task definitions[

{

"image": "tutum/wordpress-stackable",

"name": "wordpress",

"cpu": 10,

"memory": 500,

"essential": true,

"links": [

"db"

],

"entryPoint": [

"/bin/sh",

"-c"

],

"environment": [

…

],

"portMappings": [

{

"containerPort": 80,

"hostPort": 80

}

]

},

]

From Docker Hub

Mount volume from other container

Command to exec

Unit of work

Grouping of related containers

Run on container instances

Key components: tasks

Key components: run a task

Good for short-lived

containers, for

example batch jobs

Key components: create a service

Good for long-

running applications

and services

EC2 Container Service

Manages containers

Handles scale

Schedules containers

Integrated with AWS services

AWS at Klarna

Our journey

What we started with

● Microservices

● Mostly Java (Dropwizard)

● Build Pipelines

● Zero downtime deployments

● Teams do (almost) everything

● Internal Cloud

Going AWS

● Almost no prior knowledge in the team

● Simplicity is key

● Help from a ruby team in Tel Aviv

First version

● Manually upload jar files and run them

Automation of machine creation

● Lets build a general cloudformation template for

everyone!

Automation of machine creation

Lets build a general cloudformation template for

everyone!

If statements in json

Automation of machine creation

● Specific cloudformation template for each

service

● Parameter File to differentiate between

environments

Provisioning

● Continue with Chef?

Provisioning

Lets start with bash

● install yum repo

● yum install

● start service

Run it from cloudformation

moved a lot to into the image, packer is great.

Provisioning, upgrading

● Min Instance count 3 (one in each zone)

● Launch new instances

● Let autoscaling kill Oldest

Provisioning, upgrading

● Specify application version as a parameter

● Cloudformation rolling upgrade

Monitoring

● Previously OP5/Nagios

o Hard when replacing machines often

o Hard to know when a service is up

Monitoring

● Finds instances automatically based on tags

● Finds monitoring port automatically based on

security groups

● API to be used from OP5

Current state

● Cloudformation checked in

● Template per service, parameter file per

environment

● Jenkins builds docker image, update-stack

● Provision with bash

● Most services run in docker

Next step

● Docker everything

● Run multiple docker images on same host

● Speed up deployment (currently 10 minutes)

● ECS

AWS CodeDeploy

©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved

Why use a deployment service?

Automate

deployments

Manage

complexity

Avoid

downtime

CodeDeploy

• Scale from 1 instance to thousands

• Deploy without downtime

• Centralize deployment control and monitoring

Staging

CodeDeployv1, v2, v3

Production

Dev

Coordinate automated deployments, just like Amazon

Application

revisions

Deployment groups

Step 1: Package your application (with an AppSpec

file)

version: 0.0

os: linux

files:

- source: chef/

destination: /etc/chef/codedeploy

- source: target/hello.war

destination: /var/lib/tomcat6/webapps

hooks:

ApplicationStop:

- location: deploy_hooks/stop-tomcat.sh

BeforeInstall:

- location: deploy_hooks/install-chef.sh

AfterInstall:

- location: deploy_hooks/librarian-install.sh

ApplicationStart:

- location: deploy_hooks/chef-solo.sh

ValidateService:

- location: deploy_hooks/verify_service.sh

Step 1: Package your application (with an AppSpec

file)

version: 0.0

os: linux

files:

- source: chef/

destination: /etc/chef/codedeploy

- source: target/hello.war

destination: /var/lib/tomcat6/webapps

hooks:

ApplicationStop:

- location: deploy_hooks/stop-tomcat.sh

BeforeInstall:

- location: deploy_hooks/install-chef.sh

AfterInstall:

- location: deploy_hooks/librarian-install.sh

ApplicationStart:

- location: deploy_hooks/chef-solo.sh

ValidateService:

- location: deploy_hooks/verify_service.sh

Step 1: Package your application (with an AppSpec

file)

version: 0.0

os: linux

files:

- source: chef/

destination: /etc/chef/codedeploy

- source: target/hello.war

destination: /var/lib/tomcat6/webapps

hooks:

ApplicationStop:

- location: deploy_hooks/stop-tomcat.sh

BeforeInstall:

- location: deploy_hooks/install-chef.sh

AfterInstall:

- location: deploy_hooks/librarian-install.sh

ApplicationStart:

- location: deploy_hooks/chef-solo.sh

ValidateService:

- location: deploy_hooks/verify_service.sh

Step 2: Set up your target environments

Agent Agent Agent

Staging

Agent Agent

Agent Agent

Agent

Agent

Production

Deployment groupDeployment group

Group instances by:

• Auto Scaling group

• Amazon EC2 tag

• On-premises tag

Step 3: Deploy!

aws deploy create-deployment \

--application-name MyApp \

--deployment-group-name TargetGroup \

--s3-location bucket=MyBucket,key=MyApp.zip

AWS CLI & SDKs

AWS Console

CI / CD Partners

GitHub

Deployment config – Choose speed

v2 v1 v1 v1 v1 v1 v1 v1

v2 v2 v2 v2 v1 v1 v1 v1

v2 v2 v2 v2 v2 v2 v2 v2

One-at-a-time

Half-at-a-time

All-at-once

Rolling update – Deploy without downtime

v1v1 v1

Load Balancer

Rolling update – Deploy without downtime

v1v2 v1

Load Balancer

Rolling update – Deploy without downtime

v2v2 v1

Load Balancer

Rolling update – Deploy without downtime

v2v2v2

Load Balancer

Rolling update – Deploy without downtime

v2v2 v2

Load Balancer

Health Tracking – Catch deployment problems

v2v2 v2

Load Balancer

Health tracking – Catch deployment problems

v3 v2 v2Stop

Load Balancer

Health tracking – Catch deployment problems

v2v2 v2

Load Balancer

Rollback

Health tracking – Catch deployment problems

v2v2 v2

Load Balancer

Product integrations

Useful links

• EC2 Container Service– http://aws.amazon.com/ecs/details/

• AWS CodeDeploy– http://aws.amazon.com/codedeploy/details/

– https://blogs.aws.amazon.com/application-

management/post/Tx33XKAKURCCW83/Automatically-Deploy-

from-GitHub-Using-AWS-CodeDeploy

STOCKHOLM