
Amazon EC2 Container Service

Contributor(s): David Carty

Amazon EC2 Container Service (ECS) is a cloud computing service in Amazon Web Services (AWS) that manages containers. It enables developers to deploy and manage scalable applications that run on groups of servers called clusters through application programming interface (API) calls and task definitions. Amazon ECS is a scalable service that is accessible through the AWS Management Console and software development kits (SDKs).

Amazon developed ECS in response to the rise in popularity of containerization. ECS enables a developer to specify rules for isolated sets of Elastic Compute Cloud (EC2) instances to increase portability and computing performance by running on top of a host operating system. ECS supports Docker, an open source Linux container service.

ECS enables users to create and run Docker containers for distributed applications that run on microservices. ECS evaluates and monitors CPU and memory output to determine the optimal deployment for a container. AWS customers can also use the service to update containers or scale them up or down. Elastic Load Balancing, Elastic Block Store (EBS) volumes and Identity and Access Management (IAM) roles are also supported for further customization.

Amazon EC2 Container Service vs. Kubernetes

Amazon ECS competes with Kubernetes, Google's open source container orchestration system. While the container management tools and use cases differ, Kubernetes has the following features that ECS does not:

  • it is deployable to non-AWS clouds and on-premises resources;
  • it has storage options outside AWS; and
  • it receives contributions from the developer community, while not all ECS code is publicly available.

But Amazon ECS might be a simpler option for businesses that rely on AWS exclusively, or that want a container management platform with easy installation. Load balancer tools, resource monitoring, Auto Scaling and service management features are comparable between the two options.

Container security

Amazon ECS runs containers on top of EC2 instances, which provides isolation to help businesses achieve compliance. EC2 instances reside in an Amazon Virtual Private Cloud, and a user can specify which instances are exposed to the internet.

EC2 instances and ECS tasks also adhere to IAM roles, while security groups and network access control lists limit access to instances. An administrator can also provision EC2 Dedicated Instances for containers to provide extra workload isolation.

Administrators can adjust security settings at the OS level and implement other monitoring or management tools to protect ECS containers.

Scheduling containers, integrating registries

EC2 Container Service includes two schedulers, which enable users to deploy containers based on computing needs or availability requirements. AWS Blox, an open source container orchestration tool, integrates with ECS to schedule containers. Long-running applications and batch jobs benefit from the use of schedulers for their responsiveness; ECS also supports third-party scheduling options.

Any third-party or private Docker registry can access ECS, including Docker Hub. The user need only specify the repository in the task definition for ECS to retrieve the images.
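
An added example, not part of the original definition and not AWS code: a static review of a task definition covering the two settings described above, the IAM role attached to the task and the registry each image is retrieved from. The sample task definition, the registry name registry.example.com:5000 and the finding labels are constructed for illustration, and the check on the privileged flag is an assumption about what a reviewer would also want to see.

```python
# Constructed sample (not from the article); it deliberately omits taskRoleArn.
SAMPLE_TASK_DEFINITION = {
    "family": "web-example",
    "containerDefinitions": [
        {"name": "web", "image": "nginx", "memory": 256},
        {"name": "api", "memory": 512,
         "image": "registry.example.com:5000/team/api:1.4.2"},
        {"name": "debug", "memory": 128, "privileged": True,
         "image": "registry.example.com:5000/team/debug:latest"},
    ],
}
ALLOWED_REGISTRIES = {"registry.example.com:5000"}  # hypothetical private registry


def split_image(image):
    """Split a Docker image reference into (registry, repository, tag, digest)."""
    name, _, digest = image.partition("@")
    first, slash, rest = name.partition("/")
    # Docker treats the first path component as a registry host only if it
    # looks like one; otherwise the image is pulled from Docker Hub.
    if slash and ("." in first or ":" in first or first == "localhost"):
        registry, path = first, rest
    else:
        registry, path = "docker.io", name
    repo, tag = path, ""
    if ":" in path.rsplit("/", 1)[-1]:
        repo, _, tag = path.rpartition(":")
    return registry, repo, tag, digest


def review_task_definition(task_def, allowed_registries):
    """Return (subject, finding) pairs for settings a reviewer should question."""
    findings = []
    if not task_def.get("taskRoleArn"):
        findings.append(("task", "missing-task-role"))  # no task-level IAM role
    for c in task_def.get("containerDefinitions", []):
        registry, _repo, tag, digest = split_image(c["image"])
        if registry not in allowed_registries:
            findings.append((c["name"], "registry-not-allowed:" + registry))
        if not digest and tag in ("", "latest"):
            findings.append((c["name"], "unpinned-image"))  # content can change
        if c.get("privileged"):
            findings.append((c["name"], "privileged"))
    return findings


if __name__ == "__main__":
    print(review_task_definition(SAMPLE_TASK_DEFINITION, ALLOWED_REGISTRIES))
```
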

Amazon ECS pricing

There is no additional cost to AWS customers for using ECS, though users still pay for EC2 instances and EBS volumes in the cluster, plus any other billable AWS resources used.

This was last updated in October 2017
