9 min read

What exactly is AWS Fargate?

June 10, 2021

What is aws fargate

AWS Fargate is a service that provisions serverless compute resources to run AWS ECS and EKS containers.  AWS states that Fargate allows you to focus on building your applications when you let Fargate provision and manage the infrastructure required. Think of it as containers on-demand with no underlying manually created infrastructure that are quick to launch and scale, where you manage everything at the container level.

You specify the resources your application needs to run and Fargate handles the provisioning of compute resources in an isolated and secure instance.

Fargate determines the correct amount of compute resources required, which means you don’t need to worry about selecting instance types or having to scale the cluster capacity.

With Fargate you only pay for the resources required to run your containers as they are consumed which means you eliminate over provisioning and paying for servers you don’t need.

Fargate tasks (pods) run in their own kernels providing a secure and isolated compute environment, which provides an isolated workload and improved security as a consequence.

Some major AWS clients like Vanguard, Accenture, Foursquare and Ancestry have selected Fargate to run their mission critical applications.

NAB a major Australian bank anticipate the removal of infrastructure management by using Fargate for EKS will reduce development costs on new projects by up to 75%. This ties in with the AWS premise that Fargate allows teams to build and operate applications using ECS or EKS containers without having the labour intensive infrastructure management tasks like scaling and securing servers and patching operating systems.

AWS Fargate provides a good level of observability with built in integrations with other AWS services like Amazon CloudWatch Container Insights. You can gather logs and metrics using any number of third party tools.

Fargate will always launch and scale compute resources to match the requirements you specify for the container, so over-provisioning is prevented meaning you aren’t paying for resources you aren’t using. You can also get spot and compute savings plan. The Fargate Spot option provides up to 70% savings over standard pricing, but is best used with interruptible applications.

AWS Fargate Platform Versions

Fargate platform version refers to the runtime environments available for the task infrastructure, which is a combination of the container runtime version and the kernel version.

When specifying a platform version, you can select a specific version ie 1.4.0 or specify LATEST.  Once deployed and you have tasks running, should your services need to scale, additional tasks are instantiated using the same version as the parent deployment.

When a new platform version is released, you can update your service, change the platform version and force a new deployment. This redeploys your tasks with the latest version. 

How does Fargate work?

To utilise Fargate to manage the deployment of your application container, you will need to have a container stored in a container registry like ECR or DockerHub and set up a task and cluster via ECS or EKS.

The steps in the deployment cycle are:

1) Build a container image

2) Host in a registry ie Amazon ECR or DockerHub

3) Choose an orchestration service - either Amazon ECS or EKS

4) Create a Cluster taking the AWS Fargate option

Your container Image is a read-only template that can be built from a docker file which contains your code, system libraries, tools, runtime and other dependencies required by your application to deploy. The docker file is a plain text file that details all of the required components that generates the container Image for storage in a container registry like DockerHub or Amazon Elastic Container Registry.

Once in the registry, your container can be pulled into a cluster instance to be run whenever required.

To set up the container to run using ECS you will then need to set up a task definition. Typically a task definition is a JSON file containing a blueprint of the requirements and settings needed to run the container. Container definitions like the image type, memory, cpu & network mode.

 If you were using EC2 to run your application in a cluster your would need to define:

  • Task Name
  • Task Role  (Optional IAM role to make API calls)
  • Network Mode  (Bridge on Linux, NAT on Windows)
  • Task Memory
  • Task CPU
  • Add the container name
  • Add the container image location
  • Specify memory limits
  • Create a Cluster
  • Select from EC2 Linux + Networking or EC2 Windows + Networking
  • Name the Cluster
  • Select a provisioning model (On-demand or Spot Instances)
  • Select the required EC2 Instance type - ie  M5.large
  • Select the number of Instances to provision
  • Select the EBS storage size in GB
  • Add an SSH keypair if RDP access is required
  • Select whether to create a new VPC or utilise an existing one
  • Select or create a new security group
  • Set up Subnet1 and Subnet2
  • Create or select an IAM role for use by the ECS Container Agent

As you can see, setting up your cluster, tasks and containers using EC2 can be a lengthy and quite complex process.

Using Fargate on the other hand removes the majority of these set up requirements.

The starting point is the Amazon ECS service dashboard. If visiting for the first time, it will look something like this:

Amazon_ECS_Home

Once you click the get started you’ll get an overview of how the ECS objects relate to each other 

Amazon_ECS_Objectsand you then get to select from some standard container images like a sample app, nginx or tomcat webservers.

Amazon_ECS_Container_Definition

This is where you find the custom container definition, which is where you enter the location of the container you wish to run.

Amazon_ECS_Edit_Container

At this point there is also a default task definition which sets an ECS task execution role and allows you to set the task name, task memory and task CPU:

Amazon_ECS_Task_Def

Next you can define elements of the Service settings like the service name and the number of tasks you would like to provision for the service. Having multiple tasks can mitigate against service failure should a singular task fail for some reason.

You can also set a port range here to enable access to your application and define load balancing settings if required.

The service will create a single security group unless load balancing is configured, then two new security groups are instantiated.

The next step is to name your cluster:

Amazon_ECS_configure_cluster

Once you continue you will get the option to review all the settings for the Task, Service and Cluster before creating the Fargate instance.

Amazon_ECS_Review

When you are happy with the settings, click create.   Note we have not had to select any EC2 instance types or configure any underlying infrastructure. Fargate will provision all of this automatically.

Amazon_ECS_Create_Start

After a few minutes the service creation should complete.

Amazon_ECS_create_complete

And you can view the service.

Amazon_ECS_Fargate_Service_Running

To access the application, access the Tasks tab of the service

Amazon_ECS_Task_Tab

Then select the running task id 

Amazon_ECS_ENI

The public IP address is displayed in the network settings of the task.

Enter that into a browser to view the running web application.

In this example we deployed the AWS sample-app container using Fargate.  Using Hava cloud visualization, we can visualize the container deployment. Connecting Hava to the AWS account used in this example, we can see a diagram has been created for the cluster.

Fargate_Cluster_Diagram

Selecting the bounding box (the cluster) - details are displayed in the attribute pane on the right hand side of the diagram showing details of the ECS cluster which shows the status of the cluster, active services and tasks.

Fargate_ECS_Cluster

You can then select the services contained within the cluster. In this instance there is just the one service:

Fargate_ECS_Service

And finally we can select the individual task visualized within the service to see all the details related to the task, including the running status, container id and the service and cluster running it.

Fargate_ECS_Task

This container view can also be switched to the hava.io list view to get details of all the ECS deployment info, containers, clusters, services and tasks.

Fargate_List_View

When we set up the cluster using Fargate, we were told security groups would be created. Hava also visualizes the security groups. In this example, we can see two security groups were created and one port has been opened, which is the one we specified during the cluster set up.

Fargate_Security_View

Selecting one of the security groups on the diagram will reveal the metadata related to that group in the attribute pane to the right of the diagram.  In this example the ECS MyCluster SG is selected revealing the ingress/egress ports configured and the connected resources.

 

 

testimonials

If you are building and deploying applications on AWS infrastructure, whether using Fargate, traditional ECS or non containerised EC2 infrastructure, you can visualize your infrastructure using Hava. 

You can find out more about Hava here:



Team Hava

Written by Team Hava

The Hava content team

Featured