ECS vs EKS – Which AWS Service Is Right for You?

Voiced by Amazon Polly

ECS and EKS are both container orchestration services from AWS—in this post we take a look at ECS vs EKS to see which one will be more appropriate for your containerized workloads.

Young woman in front of laptop holding up two graphic question marks to depict the comparison on two things

 

Container adoption is on the rise—the technology has become popular due to its efficient resource utilization and portability.  A container is essentially a software package that includes code, configurations and dependencies so that an application can be quickly launched and reliably run on any computing environment. This means that a developer can develop an app in a container on their laptop, then run that container on any cloud or on premise infrastructure without making any changes to it. 

Virtualization is handled at the operating system level rather than the hardware level, meaning containers can make much more efficient use of the underlying infrastructure.  Just as multiple virtual servers can share the same physical hardware, multiple containers can share the same operating system.

There are a number of different types of containers available—Docker is one of the most widely recognized and adopted. Other container formats include:

  • LXD
  • OpenVZ
  • Rkt
  • Windows Server Containers
  • Hyper-V Containers

Containers can achieve very high density compared to virtual machines—but this in itself presents a management or ‘orchestration’ challenge when operating containers at scale.  This is where container orchestration has become a necessity. Container orchestration manages the entire life-cycle of containers, taking care of tasks such as:

  • Provisioning and deployment of containers on the underlying compute infrastructure
  • Container availability and redundancy
  • Container elasticity (scale up, scale down)
  • Compute resource allocation
  • Monitoring containers and hosts
  • Application deployment

Amazon ECS vs EKS

Enter ECS and EKS – two solutions from AWS that help to solve the challenge of container orchestration.  Let’s first take a look at the two AWS services, then compare and contrast them to help you decide which is the best option for you.

Amazon ECS

Amazon Elastic Container Service logo

Amazon ECS (Elastic Container Service) is a fully managed container orchestration service—essentially ‘Docker as a Service’.  ECS is a tried and tested solution that is used to power many other AWS services, including Amazon.com’s recommendation engine, Amazon SageMaker and Amazon Lex.  This means that ECS is production ready in terms of security, reliability and availability.

ECS integrates with AWS Fargate, enabling a true ‘Serverless’ compute option for running containers on AWS, removing the need to provision and manage servers. But it can also be used with EC2 instances, or a mix of Fargate managed resources and EC2 instances, providing a truly flexible environment to run your containers and match resource fees to application utilization.

ECS pulls container images from ECR (Elastic Container Registry), where container images can be built and stored.  Containers can also be pulled from other third party container image repositories, such as Docker Hub. Users then define the container images and resources needed for their application in ECS, and ECS can launch the application either onto EC2 or Fargate. ECS then takes care of scaling the application and ensuring application availability.

ECS has the ability to self heal—failed containers are re-launched automatically using auto-recovery.

ECS works on the concept of ‘Tasks’ – a task definition is written in JSON (Java Script Object Notation).

ECS supports both Docker containers and Windows containers.

Amazon EKS

Amazon Elastic Kubernetes Service logo

Amazon EKS (Elastic Kubernetes Service) is a fully managed Kubernetes service.  Kubernetes is an open source system for automating the deployment, scaling and management of containerized applications.  Amazon EKS enables AWS customers to run Kubernetes on AWS without needing to build and maintain their own Kubernetes control plane, which consists of a kube-apiserver, etcd, kube-scheduler, kube-controller-manager and cloud-controller-manager.

The Kubernetes control plane nodes are responsible for starting and stopping containers, scheduling containers on virtual machines, storing cluster data and other tasks.  Amazon EKS automatically manages the scaling and availability of the Kubernetes control plane nodes.

EKS provides a scalable, highly available Kubernetes control plane that spans three AWS availability zones.

Like ECS, EKS can integrate with AWS Fargate, which removes the need to provision and manage servers for the Kubernetes nodes or worker machines on which the containers will run.  EKS also integrates with other AWS networking and security services, including the Application Load Balancer for load distribution, Identity and Access Management (IAM) for role-based access control, and Virtual Private Cloud (VPC) for secure Kubernetes pod networking.

EKS works on the concept of ‘Pods’ – pods are defined by a ‘manifest file’ which is written in YAML (YAML Ain’t Markup Language).  An EKS Pod is equivalent to an ECS Task.

EKS supports both Windows and Linux worker nodes in the same cluster.

Read more about Amazon EKS and competitive offerings.

Amazon (AWS) ECS vs Kubernetes

So, now we understand that EKS and ECS are both fully managed container orchestration services offered by AWS. What’s the difference? And why choose one over the other?  Let’s take a look at some of the key differences between the two services.

Vendor Lock In

ECS is an AWS proprietary technology, whereas EKS runs Kubernetes, which is open source.

One of the key benefits of containers is that they can run anywhere, so when deciding between ECS and EKS you need to ask yourself: Will I want to run my containers anywhere other than AWS? If the answer is yes, you’ll need to go with Kubernetes and EKS.  If the answer is no, then ECS will work just fine for you.

Networking

With ECS, ENIs (Elastic Network Interfaces ie Virtual NICs) can be allocated to a ‘Task’. An EC2 instance can support up to 120 tasks. With EKS, ENIs can be allocated to and shared between Kubernetes pods, enabling the user to place up to 750 Kubernetes pods per EC2 instance (depending on the size of the instance) which achieves a much higher container density than ECS.

Security

From a security perspective, there is little difference between ECS and EKS. Previously, it was not possible to associate an IAM role to a container in EKS, but this functionality was added in late 2019.
Both ECS and EKS pull container images from secure storage in ECR (Elastic Container Registry), which is the AWS service for storing Docker images.

Simplicity of Deployment

ECS is an out-the-box solution, which can easily be deployed via the AWS console.  As it is a fully managed PaaS service from AWS, there is no control plane to configure—once ECS is set up, users can start deploying tasks straight away from within the AWS console.
 
EKS is a little more complex and requires more configuration and therefore more expertise.  After setting it up in the AWS console, users then need to configure and deploy Kubernetes pods using Kops.

Pricing

AWS does not charge for the use of ECS—you simply pay for the compute resources consumed by your containers, whether that be on EC2 instances or a serverless compute with Fargate. For EKS there is a charge of $0.10 per hour for each EKS cluster that is created.

ECS vs EKS: Which One to Choose?

AWS ECS vs EKS

ECS and EKS are both very capable container orchestration solutions that will help you to manage containers at scale, so there is no right or wrong answer.

If you are a complete container novice, then you’ll find it easier to get started with ECS.  

If you are experienced with containers already, or if you are already running Kubernetes clusters, then EKS will be a better fit.  And as mentioned above, if you are concerned about vendor lock in and maybe want to run container workloads outside of AWS, then EKS is the right choice.

Whatever you decide when choosing between ECS and EKS, Logicata’s AWS Managed Services is always an option should you require help with the deployment and ongoing management of your containerized workloads.

You Might Be Also Interested In These...

Realistic set of bright yellow cargo containers. Front, side back and perspective view.

5 New Features in AWS Fargate Version 1.4

What is AWS Fargate? AWS Fargate is a serverless computing engine for containers that enables customers to deploy and manage applications, not infrastructure.  Fargate works with Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS), and enables customers to deploy container based applications without having to provision EC2 instances or Kubernetes pods. AWS […]

View Post
Approved certificate medal icon in flat style. Check mark stamp vector illustration on white isolated background. Accepted, award seal business concept.

AWS Reliability – A Core Pillar of Your Architecture

In this post I’m going to give an overview of the AWS Well Architected Framework, then give a deep dive on the Reliability pillar, which is one of the 5 core pillars that should underpin your AWS architecture.   AWS Well Architected Framework The AWS Well Architected Framework is a series of best practise principles, […]

View Post

9 Announcements from the Werner Vogels Keynote at AWS re:Invent 2021

Today it was the turn of AWS CTO Dr. Werner Vogels to deliver his re:Invent keynote.  A slightly more sober warm up act today with the Cattus quartet playing strings covers of modern hits. In his opening movie, Road to re:Invent, Werner recapped the last 10 years of re:Invent announcements. Dressed in a Stranglers t-shirt, […]

View Post
ebook featured image

5 Steps to a Successful

AWS Migration

DOWNLOAD FREE EBOOK