ECS Anywhere, which enables on-premises or Edge container applications to be managed by AWS, is now generally available.
The Elastic Container Service is the AWS alternative to Kubernetes for container orchestration. AWS also offers EKS (Elastic Kubernetes Service), but ECS is easier to use and tightly integrated with other AWS services like IAM (Identity and Access Management) and ELB (Elastic Load Balancer).
Wheeled out at the company’s re:Invent shindig last December, ECS Anywhere allows customers to run containers on ECS on their own infrastructure.
ECS will now run in a variety of hybrid scenarios: the big difference with ECS Anywhere is that it runs on customer-managed hardware.
AWS was at one time cool on the idea of hybrid cloud, but now embraces it even to the extent of having a dedicated micro-site on the subject. “While most applications can run in the cloud, some need to remain on premises or in a specific location due to low latency, local data processing, or data residency requirements,” it acknowledged.
Hybrid services now include Outposts, where AWS installs hardware on-premises and manages it for the customer as an extension of an AWS Region. By contrast, both ECS Anywhere and the forthcoming EKS Anywhere let the customer install AWS software on their own hardware and manage it from the AWS console.
ECS runs containers on clusters which are formed of instances, unless they run serverless on Fargate, which manages cluster resources automatically. ECS Anywhere works by registering on-premises servers or VMs as “external instances”.
This does require a VPN between the on-premises network and an AWS VPC (Virtual Private Cloud).
Registering an external instance generates a script which customers run on each on-premises server or VM. Both x86_64 and ARM64 architectures are supported, and the OS must be one of a range of supported Linux versions, including CentOS 7 and 8, RHEL 7, Fedora 32 and 33, openSUSE Tumbleweed, Ubuntu 18 or 20, Debian 9 or 10, and SUSE Enterprise Server 15. Once configured, the external instances show up in the ECS console ready to run tasks, a task being a set of containers which are designed to work together.
“Amazon ECS external instances are optimized for running applications that generate outbound traffic or process data,” the docs explain.
There is no support for ELB, which means that running applications such as web services is sub-optimal, though it is still possible to configure a load balancer manually.
What happens if the link between AWS and ECS Anywhere instances goes down? The on-premises tasks will continue to run, but the task role credentials expire every six hours, and once expired, tasks “will not be able to communicate with other AWS services” according to the docs.
ECS Anywhere is not suitable for disconnected environments. The company did note that “only information necessary for managing the containers is sent to the ECS control plane running in the AWS region.”
This means that customer data remains on-premises.
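The credential expiry described above is the part of a link outage an operator can put a clock on. The following is an added example, not code from AWS or from this article: it classifies tasks by how long their current task role credentials have left and works out when the last one goes dark. It assumes each credential document is JSON carrying an ISO 8601 "Expiration" field; the task names, timestamps and 30-minute warning threshold are constructed.

```python
"""Added example: triage task-role credential expiry during a link outage.

Assumptions (not from the article): each credential document is JSON with an
ISO 8601 "Expiration" field; task names and timestamps are constructed.
"""
import json
from datetime import datetime, timedelta, timezone

WARN_BEFORE = timedelta(minutes=30)  # assumed alerting threshold


def parse_expiration(doc):
    """Return the UTC expiry time from one credential JSON document."""
    raw = json.loads(doc)["Expiration"]
    # Replace the trailing "Z" so Python versions before 3.11 can parse it.
    return datetime.fromisoformat(raw.replace("Z", "+00:00")).astimezone(timezone.utc)


def triage(creds, now):
    """Map task name -> (state, time remaining) at time `now`."""
    report = {}
    for task, doc in creds.items():
        remaining = parse_expiration(doc) - now
        if remaining <= timedelta(0):
            state = "expired"    # task can no longer call other AWS services
        elif remaining <= WARN_BEFORE:
            state = "expiring"   # fails soon unless the link comes back
        else:
            state = "ok"
        report[task] = (state, remaining)
    return report


def blackout_time(creds):
    """Moment the last task loses AWS access if no credential is refreshed."""
    return max(parse_expiration(doc) for doc in creds.values())


# Constructed sample: three tasks whose credentials were issued at different times.
SAMPLE = {
    "log-shipper": '{"Expiration": "2021-06-01T09:00:00Z"}',
    "batch-etl": '{"Expiration": "2021-06-01T12:20:00Z"}',
    "metrics": '{"Expiration": "2021-06-01T15:45:00Z"}',
}

if __name__ == "__main__":
    now = datetime(2021, 6, 1, 12, 0, tzinfo=timezone.utc)
    for task, (state, remaining) in sorted(triage(SAMPLE, now).items()):
        print(f"{task:12s} {state:9s} {remaining}")
    print("all tasks cut off by", blackout_time(SAMPLE).isoformat())
```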
Pricing for ECS Anywhere is $0.01025 per instance-hour for each managed ECS Anywhere instance. This is different from the pricing for ECS on AWS, where customers pay only for the resources used (no extra for ECS). Put another way, that is around $7.50 per month per task for the benefit of orchestration via AWS.
A detailed post describes how to try out ECS Anywhere using four Raspberry Pi 4 computers for the cluster. In the example, Ubuntu 20 is the operating system.
AWS is also previewing EKS Anywhere, which follows a similar model. The company said it will be available later this year.
With ECS Anywhere, AWS is following Google (with Anthos) and Microsoft (with Azure Arc) in trying to persuade its customers to integrate on-premises workloads with its public cloud. The benefits are consistency of management and ease of migration of workloads between cloud and on-premises, though it also means paying AWS to run applications on privately managed infrastructure. ®