π‘Β Only covering stuff that wasn't covered in SAA-C03
ECS
Ref: https://www.udemy.com/course/aws-certified-machine-learning-engineer-associate-mla-c01/learn/lecture/45356913
- If launching ECS with EC2 mode, each EC2 instance will be running an ECS Agent to register the ECS cluster
- IAM Roles
- EC2 Instance Profile (Only for ECS-EC2 mode)
- Role assumed by the ECS Agent inside the EC2 instance
- Needs permissions to: make API calls to ECS, send container logs to CWLogs, pull images from ECR, reference sensitive data in Secrets Manager/SSM Parameter Store
- ECS Task Roles
- Role assumed by a task
- Must grant permissions that task needs
- Defined in task definition
- Diagram
- ELB integrations
- ALB: use for most cases
- NLB: use only for high throughput/performance, or to pair with AWS Private Link
- CLB: NOT recommended (no advanced features, no Fargate support)
- Data Volumes β EFS support for both EC2 & Fargate
- EFS allows sharing data cross-AZ between tasks β persistent multi-AZ shared storage for containers
- Fargate + EFS β ultimate serverless combo
- CloudWatch Container Insights β container logs and metrics (for both ECS and EKS)
EKS
Ref: https://www.udemy.com/course/aws-certified-machine-learning-engineer-associate-mla-c01/learn/lecture/45356923
- Data Volumes β need to specify
StorageClass manifest in EKS cluster
- Leverages a Container Storage Interface (CSI) compliant driver
- Support for: EBS, EFS (works with Fargate), FSx for Lustre & FSx for NetApp ONTAP
AWS Batch
Ref: https://www.udemy.com/course/aws-certified-machine-learning-engineer-associate-mla-c01/learn/lecture/46732159