ecs服务集群
Have you ever had an idea?
你有主意吗?
I bet so! Wouldn’t be fantastic If you can deploy it in production as soon as possible in the shortest amount of time, passing from your CI/CD pipeline and have all of this standardised across all your environment?
我敢打赌! 如果您可以在最短的时间内从CI / CD管道传递尽快将其部署到生产环境中,并在所有环境中实现所有这些标准化 ,那岂不是太奇妙了吗?
Well, docker can be your perfect companion:
好吧, 码头工人可以成为您的完美伴侣:
Standardisation (the same image you are running on your dev should be identical to the production one, apart from the ENV variable)
标准化 (除ENV变量外,您在开发人员上运行的同一映像应与生产映像相同)
Read-only container (ready to scale horizontally)
只读容器 (准备水平缩放)
Rapid Deployment (as soon as the image available, it takes less than 10 seconds to spin up a container)
快速部署 (一旦映像可用,启动容器只需不到10秒的时间)
Isolation (You can define the amount of CPU/Memory to be used)
隔离度 (您可以定义要使用的CPU /内存量)
Security (Docker ensure that your applications are completely isolated from each other)
安全性 (Docker确保您的应用程序完全相互隔离)
DISCLAIMER: In a production environment I would use cloud formation to create all the resources and orchestrate the Deployment, nevertheless, this guide is an introduction of the basic of ECS to understand the underlying system and how to get the best from it.
免责声明 :在生产环境中,我将使用云形成来创建所有资源并编排部署,尽管如此,本指南还是ECS的基本介绍,以了解底层系统以及如何从中获得最佳收益。
什么是我为什么要使用Amazon ECS? (What is and why I have to use Amazon ECS?)
Amazon Elastic Container Service (Amazon ECS) is a highly scalable, high-performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on AWS. Amazon ECS eliminates the need for you to install and operate your own container orchestration software, manage and scale a cluster of virtual machines, or schedule containers on those virtual machines.
Amazon Elastic Container Service(Amazon ECS)是一种高度可扩展的高性能容器编排服务,它支持Docker容器,并允许您在AWS上轻松运行和扩展容器化的应用程序。 Amazon ECS消除了您安装和操作自己的容器编排软件,管理和扩展虚拟机集群或在这些虚拟机上调度容器的需求。
There are few alternatives out there; however, today, we will talk about Amazon ECS using AWS as your cloud provider.
那里别无选择。 但是,今天,我们将讨论使用AWS作为您的云提供商的Amazon ECS 。
让我们成为现实:高概述体系结构。 (Let’s get real: High-Overview Architecture.)
For the sake of this example, I will design a VPC following all the basic best-practice that you should apply in a production environment.
为了这个示例,我将遵循您应在生产环境中应用的所有基本最佳实践来设计VPC。
In this article, we will focus just on the ECS component. However, this is a pretty standard architecture for a VPC where you do have a Public, Private/Application and Data-Subnet.
在本文中,我们将仅关注ECS组件。 但是,对于VPC,这是一个相当标准的体系结构,在其中您具有Public , Private / Application和Data-Subnet。
As you can see, the Private and Data subnet is secured, this means that no-one can access directly from outside if they are not passing from the application load balancer.
如您所见,私有和数据子网是安全的 ,这意味着如果没有从应用程序负载平衡器传递的话, 任何人都不能直接从外部访问 。
让我们开始:应用程序负载平衡器的重要性。 (Let’s start: The importance of the Application Load Balancer.)
The ALB is the entry point for your application! Imagine typing (www.yourdomain.com); your DNS will translate the request to the IP of the Application Load Balancer. At this stage, the Application Load Balancer will have to analyse the different rule and re-route the request to a specific target group. A target group is used to re-route traffic to a particular service and behind the scene to all the different task (s)/container(s) that the service is running across your ECS cluster.
ALB是您应用程序的入口 ! 想象一下键入(www.yourdomain.com); 您的DNS会将请求转换为应用程序负载平衡器的IP。 在此阶段, 应用程序负载平衡器将必须分析不同的规则,然后将请求 重新路由到特定的目标组 。 目标组用于将流量重新路由到特定服务,并在后台将流量重新路由到该服务在您的ECS群集中运行的所有不同任务/容器 。
ECS集群 (ECS Cluster)
In this example, we are doing an old school EC2 Instance Cluster. Nevertheless, if you are into serverless, I will recommend using the FARGATE option.
在此示例中,我们正在使用旧式EC2实例集群。 不过,如果您无服务器,我建议您使用FARGATE选项。
An Amazon ECS cluster is a regional grouping of one or more container instances on which you can run task requests. Each account receives a default cluster the first time you use the Amazon ECS service. Clusters may contain more than one Amazon EC2 instance type.
Amazon ECS集群是一个或多个容器实例的区域分组,您可以在其上运行任务请求。 首次使用Amazon ECS服务时,每个帐户都会收到一个默认集群。 群集可能包含多个Amazon EC2实例类型。
To create a cluster jump on your “Amazon ECS” page and click Create Cluster.
要创建集群,请跳至“ Amazon ECS”页面,然后单击创建集群。
From there you will be asked to choose a template: Fargate template (not covered in this guide) or a Standard Template (Linux / Windows). After you select the template you need to choose:
从那里,您将被要求选择一个模板: Fargate模板(本指南未涵盖)或标准模板(Linux / Windows)。 选择模板后,您需要选择:
- Cluster Name 集群名称
- Provisioning Model, Number of Instances, EC2 Image to be used, EBS Storage Size, Keypair 设置模型,实例数,要使用的EC2映像,EBS存储大小,密钥对
- Network Configuration, Security Group (never use the public subnet!) 网络配置,安全组(切勿使用公共子网!)
- Container Instance IAM Role 容器实例IAM角色
- CloudWatch Container Insights CloudWatch容器见解
ECS服务 (ECS Service)
An ECS Service is responsible for launching, monitoring and recovering task (s)/Container(s) started in the ECS Cluster. You can define how many tasks you want to run and how to place them in the cluster (using task placement strategies and constraints to customise task placement decisions).
ECS服务负责启动 ,监视和恢复在ECS群集中启动的任务/容器。 您可以定义要运行的任务数量以及如何将它们放置在集群中(使用任务放置策略和约束来自定义任务放置决策)。
To allow the ECS Service to manage your task (s), you need to provide a task definition, that in the docker world will be the equivalent of a docker-compose.yml file.
为了允许ECS服务管理您的任务,您需要提供一个任务定义 ,该定义在docker world中将等同于docker-compose.yml文件。
ECS服务-任务定义 (ECS Service — Task Definition)
The Task Definition is a requirement to run Docker container(s)/task(s) in AWS ECS as it defines:
任务定义是在AWS ECS中运行Docker容器/任务的要求 ,因为它定义了:
- The image to use (generally hosted in AWS ECR/DOCKER HUB or your preferred Registry) 要使用的映像(通常托管在AWS ECR / DOCKER HUB或您首选的注册表中)
- Memory and CPU limits 内存和CPU限制
- The launch type 发射类型
- The logging configuration 日志记录配置
- And much more 以及更多
You can refer to this gist to have an idea:
您可以参考以下要点来了解:
For create a task definition, go to your ECS console and create a new one, this will be needed whenever we will start up a Service:
要创建任务定义,请转到您的ECS控制台并创建一个新的定义,每当我们启动服务时都将需要此定义:
At this stage, you can configure everything by the UI, or copy/paste a JSON file.
在此阶段,您可以通过UI配置所有内容,或复制/粘贴JSON文件。
ECS服务-服务创建 (ECS Service — Service Creation)
Jump on your ECS Console and after that, select your cluster and click Create a New Service. From there, select the task definition you’ve created and read the instruction to complete the task.
跳到您的ECS控制台上,然后选择您的集群,然后单击创建新服务。 从那里,选择您创建的任务定义,并阅读说明以完成任务。
Congratulation your docker container is up and running, with a service taking care of the health check and the cluster behind, ready to host more and more of your projects!
恭喜您的Docker容器已启动并正在运行,其中有一项服务负责运行状况检查和背后的群集,可随时托管越来越多的项目!
让我们谈谈功能吗? (Let’s talk about features?)
Auto-heal container: Using the target group, you can specify a path for checking the status of your application:
自动修复容器:使用目标组,您可以指定用于检查应用程序状态的路径:
In this example, the health-check is pinging the homepage at an interval of 30 seconds, making sure that it is returning a status code of 200. In the reverse scenario, the health-check fails, and your container will be re-deployed automatically!
在此示例中,运行状况检查以30秒的间隔对主页执行ping操作,并确保其返回的状态码为200。在相反的情况下,运行状况检查失败,并且将重新部署您的容器自动!
Demon Scheduling: Have you ever need to run a demon across your cluster? Well, if the answer is yes, you do know how painful is to manage (what happens if the container dies for a health-check for example?), this is the AWS managed way to deploy demon such a logging system.
恶魔调度:您是否曾经需要在整个集群中运行恶魔? 好吧,如果答案是肯定的,那么您确实知道管理起来很痛苦(例如,如果容器死于健康检查,会发生什么情况?),这是AWS托管的方式来部署恶魔这样的日志记录系统。
Task Scheduling: Batch jobs? Event-driven Jobs? All-in-one solution, the task scheduling allows you to start a task(s) based on a time interval (cronjob like), from a queue job (event-driven) or start manually!
任务计划:批处理作业? 事件驱动的工作? 一体化的解决方案,任务计划允许您基于时间间隔(类似于cronjob),从队列作业(事件驱动)或手动启动任务!
Task Placement: Even if it sounds something “1–0–1” placing the container across your cluster is not an easy job, you want to make sure that, e.g. that you do have an even distribution, therefore, if one of your ec2 instances stop or get restarted by mistake, your service will continue to stay up and running.
任务放置:即使听起来有些“ 1–0–1”,将容器放置在整个群集中也不是一件容易的事,但您还是要确保(例如,您确实拥有一个均匀的分布)ec2实例停止或错误重启,您的服务将继续保持运行状态。
AZ Balanced Spread: Availability Zone across EC2 instance (try to place each of the container in an EC2 instance that reside in a different az).AZ Balanced BinPack: Availability Zone across EC2 instance choosing the one with the least available memoryBinPack: EC2 instance selecting the one with the least available memoryOne Task Per Host: As per the descriptionCustom: This is the best feature; you can specify custom rules like Which kind of instance, you need to run the task, the AMI-id, the region, etc.etc
AZ平衡差 :整个EC2实例的 vailabilityž酮(尝试把每个容器的EC2实例驻留在不同的亚利桑那州)。 AZ平衡BinPack:跨EC2实例的 vailabilityž一个选择一个用最少的可用内存BinPack:EC 2实例选择一个用最少的可用内存一个任务每主持人 :每说明风俗:这是最好的功能; 您可以指定自定义规则,例如哪种实例,您需要运行任务,AMI-id,区域等。
结论 (Conclusion)
Now that your cluster has been set up and your first service is running on it, you just need to point a route53 entry to the target group and start playing around with your new docker cluster!
现在您的集群已经设置好并且您的第一个服务正在运行,您只需要将route53条目指向目标组并开始使用新的Docker集群!
This is an elementary guide, and lots of steps have not been illustrated, nevertheless, if you have any question feel free to send me a message on Linkedin
这是一个基本指南,尽管没有任何说明,但是如果您有任何问题,请随时向Linkedin发送我的信息,并没有说明许多步骤。
翻译自: https://medium.com/@acubeddu87/how-to-create-a-micro-service-using-aws-ecs-70b66a6c1e7e
ecs服务集群
246
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
