How to Automate Load Balancing ECS Anywhere
ECS Anywhere extends the reach of Amazon's ECS service to customer's datacenters. In this article we'll look at how F5 is helping its customers connect their F5 solutions to ECS Anywhere.
What is ECS Anywhere
Container workloads are everywhere and the ECS service provides a simple method to run these workloads. In the AWS cloud customers can choose to run their workloads on EC2 instances that are deployed by the ECS service or use Fargate to provide Container as-a Service (CaaS) without the need for any dedicated compute resources.
ECS Anywhere provides a method for AWS to provide the control-plane for managing container workloads in customer datacenters. This is enabled by a customer deploying a Linux machine that can be managed by AWS for the purposes of running container workloads.
How do I connect to Network Applications
There’s a variety of use cases for ECS from compute driven tasks (crunch numbers) to network based tasks (run a NGINX webserver). When you need to connect to a service like a webserver you can connect to the IP and Port that is exposed by ECS to reach the service. A simple example would be to connect to a webserver on the IP “10.1.10.10” and the Port “8080” that would map to the container port of “80” on the container.
Setting up (Manual) Load Balancing
A rudimentary method of setting up Load Balancing to ECS Anywhere is to configure your load balancing pool/upstream with the IP and Port of your services that you deployed. This can be OK for services that change infrequently, but this could become annoying if you need to make frequent changes.
Scripting Load Balancing
You can retrieve this information from the AWS APIs. The following is examples of how you can use the AWS CLI to retrieve the IP and Port of a service.
# extract Port of task $ aws ecs describe-tasks --cluster $CLUSTER_NAME --tasks $TEST_TASKID|jq .tasks[0].containers[0].networkBindings[0].hostPort 8080 # extract cluster ARN $ aws ecs describe-tasks --cluster $CLUSTER_NAME --tasks $TEST_TASKID|jq .tasks[].containerInstanceArn "arn:aws:ecs:us-east-1:123456:container-instance/test-ecs-anywhere/20564e8b6fda4a959a1e0018b33238f6" # obtain ID of SSM agent $ aws ecs describe-container-instances --cluster $CLUSTER_NAME --container-instances arn:aws:ecs:us-east-1:123456:container-instance/test-ecs-anywhere/20564e8b6fda4a959a1e0018b33238f6|jq .containerInstances[0].ec2InstanceId "mi-0e411842bff3ea5c5" # retrieve IP address $ aws ssm describe-instance-information --filters "Key=InstanceIds,Values=mi-0e411842bff3ea5c5"|jq .InstanceInformationList[0].IPAddress -r 192.168.122.20
Automating Load Balancing Changes
Automating these changes can be done in a variety of ways. Please see the following video for a demonstration of how you could create a BIG-IP ECS Controller that automates changes in your ECS Anywhere cluster to your BIG-IP devices. The code that was used to create the demo can be found on the F5 DevCentral GitHub at: https://github.com/f5devcentral/f5-aws-ecs-anywhere-sample
Where do you want to go?
In this article we've given you a first look at how you can work with ECS Anywhere. F5 and AWS are interested in getting your feedback on how you would like to use ECS Anywhere with your applications. Please feel free to comment or reach out to your respective account team on how we can work together to meet your business objectives.
- slickAltocumulus
Hi,
Thanks for this article, it's interesting.Is there anything that prevents me from running this setup for "normal" ECS (i.e non Anywhere) that uses fargate to run the containers ?