© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

AWS OpsWorks

Abstract

Automate your CI / CD using Amazon ECS to streamline your application’s development and deployment processes, leaving the heavy lifting to AWS OpsWorks. OpsWorks will take care of the daily tasks of installing system and package updates, configuring EBS volumes or tracking the health of your ECS Cluster. Use Amazon ECS in combination with AWS OpsWorks to drive operational efficiency into your CI/CD!

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Amir Golan Senior Product Manager

April 12th 2016

Managing Amazon ECS Applications with AWS OpsWorks

Amazon ECSContainer Management on AWS

Why do you need ECS?

Ø Package application code, configurations, and dependencies

Ø Deploy applications reliably and consistently

Ø Streamline cluster management q Scheduling, container management, service discovery, etc.

Ø Scaling and availability q Control node replication schemes and concurrency controls

Ø View and analyze metrics of running containers

How Does ECS help your CI / CD?

Ø The same container that runs on a developer’s desktop will run on

production

Ø Run independent containers with no shared dependencies (e.g. shared

library)

Ø track container versions regardless of the application (i.e. dockerfile)

Ø Existing containers don’t change and are faster to boot and scale

AWS OpsWorksOperate Infrastructure on AWS

Why do you need OpsWorks with ECS?

Ø Model and group your container applications

Ø Manage the life-­cycle of your container instances

Ø Control Access Management

Ø Monitor the health of your container instance

Ø Analyze logging information

Configure your instances using AWS OpsWorks

Ø Uses Chef to configure the software on the instances

Ø Associates runbooks (i.e. Chef cookbooks) with your instances

Ø Applies runbook configuration changes using life-­cycle events

Model your applications usingAWS OpsWorks

Manage the life-­cycle of your instances

Lifecycle events

Setup Configure Shut Down

Control Access Management

OpsWorks Access Management

Ø Provide IAM users full SSH and sudo privileges

Ø Provided limited access on a group level (i.e. OpsWorks stack)

SSH / RDP session managementØ AWS OpsWorks grants SSH access to IAM users

Monitor the Health Your Resources

Configure your instances using AWS OpsWorks

Ø 14 free one minute metrics (CPU, Memory, load, process count, etc.)

Ø Aggregation on the group level (OpsWorks stack, layer)

Ø CloudWatch optimized dashboards (contextual dashboards)

Analyze Logging Information

Configure your instances using AWS OpsWorks

Ø Track application logs using CloudWatch Logs

Amazon ECS and AWS OpsWorks

How to register an ECS cluster to OpsWorks?

What would OpsWorks do?

Ø Install Docker on the instance

Ø Installing the ECS agent on the instance

Ø Assign the instance to the ECS cluster

Benefits of using Amazon ECS & AWS OpsWorks

Ø Streamlined container instance scaling & provisioning

Ø Container instance operating system and package updates

Ø User permissions access management

Ø Container instance performance monitoring

Ø Amazon Elastic Block Store (Amazon EBS) volume management

Ø Public and Elastic IP address management

Ø Security Group management

Demo Time

Run Bash, Python, Ruby scripts on AWS OpsWorks

Ø "shellout" : "code" : "env x='() :;;;; echo vulnerable' bash -­c 'echo

Hello OpsJAWS!'"

Provide IAM Users With sudo Permissions

Ø sudo cat /etc/sudoers.d/opsworks

Thank You!