7
7
Table of Contents

What is Amazon ECS ?

Amazon ECS (Amazon Elastic Container Service) is a highly scalable, secure, reliable, and powerful container orchestration service. It allows you to run and manage Docker containers easily and efficiently in a cluster of EC2 or AWS Fargate, a serverless compute engine for containers. ECS container orchestration allows you to launch, stop and scale containers with ease, and it provides a set of APIs and CLI tools for integrating with other AWS services and third-party tools. Businesses also use Amazon Elastic Container Services for Kubernetes.

Components of Amazon ECS

Amazon ECS service consists of the following components:

  1. Task Definition: A task definition is a blueprint for the containers that run in an AWS ECS service. It defines the Docker images, CPU and memory requirements, networking configuration, and other parameters needed to run the containers.
  2. Task: A task is an instance of a task definition that runs on a container instance in an AWS ECS cluster.
  3. Service: A service is a logical grouping of tasks that perform a similar function. A service ensures that a specified number of tasks are running and provides a way to load balance traffic across them.
  4. Cluster: A cluster is a logical grouping of container instances that run ECS tasks.
  5. Container Instances: A container instance is an EC2 instance that runs the Amazon ECS agent and is registered into an Amazon ECS cluster.
  6. Scheduler: The scheduler is responsible for placing tasks onto container instances based on their resource requirements, placement constraints, and availability.

What is Service-to-Service Communication?

Service-to-service communication refers to the exchange of data and messages between different microservices or containerized applications. In a microservices architecture, different parts of an application are broken down into smaller, more modular services that communicate with each other via APIs. This allows for greater flexibility, scalability, and agility when developing and deploying applications.
For microservices to function properly, they need to be able to communicate with each other reliably and securely. This is where ECS comes in.
ECS offers several ways to enable service-to-service communication in microservices, including:

1. Amazon ECS Service Discovery

ECS supports service discovery, which makes it easy for containerized applications to find and communicate with each other. ECS integrates with AWS Cloud Map, which is a managed service registry that allows you to define custom names for your applications, services, and resources.
Using ECS service discovery, you can create a DNS record for your application, which can be resolved to the IP address of the container that is currently running the application. This makes locating and communicating with your application easy for other services.

2. AWS App Mesh

App Mesh is a networking service that shows you how your services are communicating with each other, giving you end-to-end visibility by deploying a lightweight envoy proxy alongside the container and it helps to ensure high availability for your application.

3. Amazon ECS Service Connect

Amazon ECS Service Connect provides managed service-to-service communication based on Amazon ECS configuration. It does this by creating both ECS service discovery and a service mesh. The complete configuration is provided inside each service. ECS Service Connect is a way to connect or refer to each of your services within the same namespace and it does not depend on the Amazon VPC. ECS Service Connect also provides logs and standardized metrics to monitor each of our services on Amazon ECS, thereby also helping in ECS cost optimization. It only interconnects AWS ECS Service.

ECS Service Discovery and ECS Service Connection using AWS Cloud Map

What is a Cloud map?

AWS Cloud Map is a service that helps you manage the names and locations of your cloud resources, such as virtual machines, containers, and other services
For example, if you have a microservices-based application running on AWS, you can use Cloud Map to register and discover the location of each service. This allows other services in the application to easily locate and communicate with the registered services, without needing to know their exact IP addresses or locations.

ECS Service Discovery

Containers are immutable by nature, they can be replaced with a newer version of service or can be changed regularly. This means that we can register new or upgrade services and deregister the old or unhealthy services. To do this is a challenging task and hence there is a need for ECS service discovery.

Configuration

When creating an Amazon ECS service the service discovery integration is listed as the second last section of the Configure network page. As shown in Figure, a new namespace called sample-namespace is being created, along with a service name of the backend. Whenever a client needs to communicate with the backend service, they’ll simply use the backend. sample-namespace to resolve all service endpoints.

The section right after service discovery is for establishing the Amazon Route 53 record types, AKA Service Discovery Instance

service_discovery

After the successful creation of the service, we should verify whether all tasks are running or not.
Once we’ve verified the tasks are all running, we should be able to hop over to the Amazon Route 53 console to also verify the existence of records that support the AWS Fargate task instances.

sample

Now if we dig or curl the service using an instance or another service instance in the same VPC, we get results as shown in Figure.

terminal_vpc

ECS Service Connect

AWS launched ECS Service Connect, a capability of Amazon ECS providing seamless service-to-service communication across VPC and ECS Cluster that integrates the capabilities of service discovery and service mesh inside an ECS service configuration.

Configuration

To configure ECS Service Connect, the first step is to update or create the task definition with the additional property of app protocol in the Port Mapping section. This additional layer 7 protocol helps to get additional metrics. Allowed values for AppProtocol are HTTP, HTTP2, GRPC

info

Create a service from task definition. When creating a new service or updating the service, click Turn on Service Connect

service_optional

Under the ECS service connect configuration there are two options i.e. Client side only and Client and Server. Choose the client side if the container in the task needs to connect to an endpoint from a service in a namespace. For the other option, the service does not get its endpoint

Choose client and server service if the container exposes and listens on a port for network traffic. This service gets an endpoint to communicate with any service within the same namespace

If you select client and server service then the service connect and discovery name configuration will appear which has a few options. The discovery name is used to create an AWS cloud map service. If this name is not specified, the port name from the task definition is used

DNS Name is the one that you use in the applications of client tasks to connect to this service and the listening port number for the Service Connect proxy. Each service with client and server configuration will get an endpoint in the form of http://DNS-Name:Port

Eg. http://demo:8090

services
To connect to services running on different ECS clusters, you must specify the same namespace in the cluster configuration so that all ECS services can communicate with each other. ECS Service Connect will make your services discoverable by all services in the same namespace.
After the creation of services in the same namespace, the services can connect or communicate to this service by the endpoint given in the configuration and task

ECS Service Discovery and ECS Service Connect Cost 

ECS Service Discovery and ECS Service Connect are two different AWS services that offer similar functionality but with different ECS pricing structures.

Here's an example that highlights the cost difference between the two:

Let's consider a scenario where you have a microservices-based architecture deployed on ECS. You have multiple services running as containers and must enable ECS Service Discovery or Service Connection and Communication between them.

Let's compare the cost difference between ECS Service Discovery and ECS Service Connect for a typical setup:

ECS Service Discovery:

  • It is charged for AWS Cloud Map discovery API functionality and AWS Route 53 resources. This includes the cost of creating an AWS Route 53 hosted zone and queries to the service registry.

ECS Service Connect:

  • ECS Service Connect does not have any separate cost or pricing model. Its pricing depends on whether you use AWS Fargate or Amazon EC2 infrastructure to host your containerized workloads. Customers using Amazon ECS service connect are charged for AWS Cloud Map discovery API operations. It also provides free traffic telemetry.

For more information, refer to AWS Cloud Map Pricing in the AWS Cloud Map Developer Guide.

table

Conclusion

ECS Service Discovery and ECS Service Connect are used for service-to-service communication, but ECS Service Connect is more advanced and cost-effective as it does not have any additional cost, it can be used for communication of services in other VPCs and it also provides monitoring of traffic health of the connected services.

CloudKeeper helps you optimize and streamline your AWS infrastructure, by handholding you toward the best practices and cost-efficient considerations. Want to know more about CloudKeeper Services?
Talk to our experts today!
 

You may also like

Thumbnail

An exclusive whitepaper based on the survey conducted by the Everest Group

Download Whitepaper
12
Let's discuss your cloud challenges and see how CloudKeeper can solve them all!
Connect with us
0 Comment
Read More
Read Less
Leave a Comment

Speak with our advisors to learn how you can take control of your Cloud Cost

Contact us
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10