NetApp Inc.

09/28/2021 | Press release | Distributed by Public on 09/28/2021 00:04

Import ECS Fargate into Spot Ocean - The Spot by NetApp Blog

AWS Fargate is a serverless compute engine for containers that work with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS). With Fargate handling instance provisioning and scaling, users don't have to worry about spinning up instances when their applications need resources. While this has many benefits, it's not without its share of challenges which can limit its applicability to a wide variety of use cases. In this blog, we discuss those limitations and how you can achieve your goals using Spot Ocean as your serverless engine for containers.

ECS Fargate Considerations

Fargate abstracts infrastructure from the user, and manages compute in a black box. With no access to the actual infrastructure that clusters are running on, users do give up some control and transparency. This is especially apparent when it comes to compute pricing. On average, the cost of running workloads on Fargate is three times more than running the same workloads on EC2. For users that want to run serverless-but more cost efficiently-the options that Fargate offers is limited. While it's possible to run spot instances, a more affordable pricing model, AWS doesn't have an SLA for these and they can be taken away with little to no warning. Moreover, using Fargate means that customers also can't make use of their existing reserved instances.

There are also some technical limitations (see AWS Fargate Considerations) that can impact cost and limit flexibility. In addition to some restrictions on pod sizes, network, load balancing, GPU and other configurations, Fargate will also round up resource requests to specific sizes. This practice can create a lot of accumulated waste. For example, if you have pods that require 0.7vCPU and 1GB RAM, those requirements would be translated by Fargate to 1vCPU and 2GB of RAM. With large clusters, this behavior leads to waste and drives costs up as Fargate is charge by the request size.

Ocean for ECS

For the best infrastructure of both worlds-hands-free and cost-efficient-Spot by NetApp offers Ocean Engine, a serverless platform, purpose-built for containers and Kubernetes. With your containers orchestrated by EKS (or any other major managed Kubernetes service, as well as Kubernetes itself), and Ocean automatically managing the underlying infrastructure, you can save up to 80% of EC2 costs.

To achieve this significant cost savings, Ocean provisions the optimal blend of spot, reserved and on-demand instances with an enterprise-grade SLA. Applications can run reliably on spot instances, while the Spot platform is monitoring the spot market and will proactively replace at-risk instances.

Under the hood, Ocean uses AI-driven algorithms to understand cluster resource utilization and the requirements of each container, picking the right instances to match application needs. Designed to provide a serverless experience, users have the ability to control their infrastructure when they want to. They can set cluster-wide resource limits and have full visibility and granular control wherever they may need it.

Ocean includes further benefits and features such as:

Container-driven auto scaling
As you deploy tasks, Ocean scales the number of instances in the cluster to meet your application demands. Ocean learns your tasks requirements and decides what is the best instance size or type to accommodate those requirements.

Headroom
A smart buffer of capacity that allows for immediate pod scheduling and helps avoid pending tasks, making scale-up a proactive process. Custom headroom per Launch Specification is supported (see item #6).

High Allocation
Embracing a "containers first" approach, Ocean studies the actual Containers' requirements and utilizes bin packing algorithms to match tasks with the most efficient and optimized mix of EC2 Instances. This ensures the instances are highly utilized, which is extremely difficult to implement and track at scale, and provides additional cost reduction of 20-30%.

Right-Sizing
This capability assists in optimizing ECS services resource requirements in terms of CPU and Memory in order to increase the cluster's utilization and lower operational costs even further. Provides actionable suggestions based on actual consumption data gathered by metrics.

Cost Showback
One of the challenges of running workloads in a micro-serviced container architecture is that multiple applications and services share the underlying infrastructure, making it extremely difficult to distinguish between the costs of various workloads. With Spot Ocean "Showback" users gain insights into the costs of individual applications, allowing for better budget planning. Daily, weekly and monthly views, with total and relative costs.

Virtual Node Groups
Manage different workload types on one cluster with VNGs (previously launch specifications). You can configure different sets of AMI, IAM Profile, Security Group. Ocean's Autoscaler will pick the right Launch Specification based on attributes defined.

Cluster Roll
Apply configuration changes with a single click. For example, when a new version of Kubernetes is released, both the control and data planes need to be updated. A managed service like ECS will handle the control plane, but the cluster's worker nodes need to be updated as well. Ocean's cluster roll feature can be used to update the worker nodes with the new K8s version by utilizing a smart deployment mechanism to replace the cluster infrastructure in a blue-green manner. The deployment performs a smart selection of instances to launch, considering the pods running in the cluster and their requirements, as well as being aware of new workloads entering the cluster.

Visibility
Drill down into the cluster resources with the help of detailed dashboards. Resource allocation and utilization views, with breakdowns per node, deployment, pod and right down to the container level. Diagnose issues without leaving the console with detailed autoscaler Logs.

Automatic update ECS agent
Ocean will detect when a new ECS agent is available and update the AMI to the newest AMI automatically.

Importing ECS Fargate into Ocean ECS

Pre-req:

  1. Spot Organization Created. If you're not signup, create your Spot account here: https://console.spotinst.com/spt/auth/signUp
  2. AWS account linked to Spot Organization: Documentation
  3. Creation Spot Platform API Token: Documentation
  4. Fargate uses a network mode of: "awsvpc". In order to assign each task with an ENI you must enable VPCtrunking in your account to allow multiple ENIs to get assigned to a single EC2 instance. Documentationaws ecs put-account-setting-default --name awsvpcTrunking --value enabled --region us-west2
  5. Use an ECS optimized AMI: Documentation
  6. Python3 and pip installed.

Getting Started:

Part 1: Replicate the Fargate services as EC2 services

The below script will automatically import and replicate all current running fargate services in a specified ECS cluster to EC2 services managed by Spot's ECS integration with Ocean.

The script starts off by parsing through every Fargate-defined security group and will add all existing rules to a new single security group. This is required if you have more than 5 security groups as only 5 security groups are permitted to be attached to a single EC2 instance. After the creation of the new security group, a new Ocean ECS cluster will be created in the Spot SaaS platform. Lastly, the script will begin to replicate all fargate services by creating a new task definition and new EC2 service

  1. Download 01_ecs_create_ocean_import_fargate.py and requirements.txt from: https://github.com/spotinst/spotinst-examples/tree/master/Utilities/AWS/Ocean/ECS
  2. Run: pip install -r requirements.txt
  3. View the help documentation to view all of the required arguments (python3 01_ecs_create_ocean_import_fargate.py import-fargate -help)
     
    Usage: 01_ecs_create_ocean_import_fargate.py import-fargate
           [OPTIONS]

  ## The script will gather all services and do the following: ## 1) Describe
  all services within specified ECS cluster ## 2) Gather all SGs for each
  service ## 3) Create new Master SG ## 4) Copy all rules from existing SGS
  into master SG ## 5) Create a Spot Ocean Cluster ## 6) Copy/Import all
  fargate services into EC2 services (This does not remove/delete original
  fargate services) ## NOTE: Please use at your own discretion. Not
  responsible for any damage or accidental deletion of AWS infrastructure.

Options:
  -a, --account_id TEXT     Spot Account ID   [required]
  -t, --token TEXT          Spot.io Token  [required]
  -e, --ecs_cluster TEXT    Name of the ECS cluster  [required]
  --sg_name TEXT            Name of the new security group  [default:
                            FargateSecurityGroup;required]
  --sg_description TEXT     Description of the new security group  [default:
                            FargateSecurityGroup;required]
  -r, --region TEXT         Region where the ECS cluster is located
                            [required]
  -v, --vpc TEXT            VPC ID  [required]
  -s, --subnet TEXT         Security group ids - Syntax:
                            '["sg-123456","sg-123456"]'  [required]
  --iam_instance_role TEXT  instance profile arn EX:
                            arn:aws:iam::123456789:instance-
                            profile/ecsInstanceRole  [required]
  --ecs_ami TEXT            ECS optimized AMI ID  [required]
  --profile TEXT            AWS CLI Profile Name
  --access_key TEXT         Access key for AWS CLI access
  --secret_key TEXT         Secret key for AWS CLI access
  --session_token TEXT      Session token for AWS CLI access
  --help                    Show this message and exit.
    1. -a Spot Account ID
    2. -t Spot API Token
    3. -e Name of the cluster wish to import
    4. -r Region of the cluster
    5. -v VPC ID
    6. -s Subnet/s seperated by commas in the following syntax '["sg-123456″,"sg-123456"]'
    7. -iam_instance_role instance profile arn AWS Documentation
    8. -ecs_ami - The specific ECS optimized AMI

4. Run the script using python3 py import-fargate [OPTIONS]

5. Outputs:

    1. Security Group ID
    2. Ocean Cluster ID
    3. Migration Status

Part 2 (Optional): Rename the EC2 Services that were replicated and delete the original Fargate services.

The goal of this script is to automatically delete the existing Fargate services and rename the new EC2 services to keep the same naming convention as the original Fargate services. During the import process a prefix is added to all the imported services because AWS will not allow two services with the same name. This script is optional and not required as one can scale the existing Fargate services to zero and use the newly imported services from part 1.

The script will scale down the original fargate services to zero and delete them. After deletion, we will re-create the services with the exact same name but using the new task definition for a launch type of EC2. Once the new services are created, we will delete the migrated replicas so that you will have the same number of services prior to starting the migration of all EC2 launch types.

  1. Download 02_ecs_rename_sfm_service.py
  2. Open for editing and enter the following:
    1. Name of the cluster - ecs_cluster = ''
    2. region = "
    3. Indicate whether we should skip the deletion of any services that are not successfully running on EC2 - skip_non_running_services = False
    4. Aws Profile (Optional) - profile_name = 'default'
  3. Run the script using python py
  4. Output:
    1. Update original Fargate services desired task count to zero
    2. Delete original Fargate services
    3. Creating new services with EC2 launch type
    4. Deleting replicated services

Now that you've completed the import process, you can start creating Ocean cluster for ECS. Visit our documentation to learn more.