Real-time Container Monitoring Best Practices

Real-time Container Monitoring Best Practices Presented by AWS & Datadog

Today’s Speakers Daniel Maher Developer Advocate Datadog Igor Alekseev Data & Analytics Partner AWS

Agenda – Introduction & Session Overview – Containers at AWS – Real-world Containers Best Practices & Use Cases – What’s Next? – Audience Q&A

Poll Question What container runtime are you currently using? – Docker – Containerd – CRI-O – Other

What customers ask for Build applications, not infrastructure © 2022 Amazon Web Services, Inc. or its Affiliates. Manage infrastructure to their requirements Scale quickly and seamlessly Security and isolation by design

Applications Shared services platform Enterprise app migration Machine learning Mobile & web applications CI/CD .NET Classic Windows apps Autonomous vehicle Back-end web services IaaS Linux apps Recommendation engines IoT Management, security, & governance Third-party applications Fraud detection Data processing Logging & monitoring © 2020, 2022, Amazon Web Services, Inc. or its Affiliates. Chatbots

Compute operational models Least AWS Lambda Serverless functions AWS manages Customer manages Data source integrations Application code Physical hardware, software, networking, and facilities Provisioning Application code What you manage Container orchestration, provisioning AWS Fargate Cluster scaling Data source integrations Serverless containers Physical hardware, host OS/kernel, networking, and facilities Security config and updates Network config Management tasks Application code Amazon ECS/EKS Container-management -as-a-service Container orchestration control plane Physical hardware software, networking, and facilities Data source integrations Work clusters Security config and updates, network config, firewall, management tasks Application code Amazon EC2 Infrastructure-as-a-Service Most © 2022 Amazon Web Services, Inc. or its Affiliates. Physical hardware software, networking, and facilities Data source integrations Scaling Security config and updates Network config Management tasks Provisioning, managing scaling and patching of servers

Poll Question Are you using or have aspirations to have aspirations to use AWS serverless technologies such as Fargate or Lambda? - Yes - No - Not yet, but we are planning to implement © 2022 Amazon Web Services, Inc. or its Affiliates.

The containers stack on AWS CONTAINERS CONTAINER SERVICE MANAGED KUBERNETES STORE & RETRIEVE DOCKER IMAGES COMPUTE AUTO SCALING HYBRID ARCHITECTURE AWS-SERVICES ON-PREMISES ACCESS CONTROL DATA INTEGRATION APPLICATION LIFECYCLE MANAGEMENT ASSESSMENT & REPORTING INTEGRATED DEVICES & EDGE SYSTEMS AUTHORING CONFIGURATION COMPLIANCE INTEGRATED IDENTITY & ACCESS BUILD & TEST DATA PROTECTION INTEGRATED NETWORKING CONTAINERS DDOS PROTECTION INTEGRATED RESOURCE & DEPLOYMENT MANAGEMENT DEVOPS RESOURCE MANAGEMENT IDENTITY MANAGEMENT VMWARE CLOUD ON AWS ONE CLICK APP DEVELOPMENT KEY MANAGEMENT & STORAGE PATCHING MONITORING & LODGING PIPELINE ORCHESTRATION RESOURCE MANAGEMENT RESOURCE TEMPLATES THREAT DETECTION TRIGGERS BATCH JOBS EVENT-DRIVEN SERVERLESS COMPUTING INFRASTRUCTURE INSTANCE TYPES AVAILABILITY ZONES MANAGED REPOSITORY FOR SERVERLESS APPS CUSTOM HARDWARE RUN & MANAGE WEB APPS DATA CENTER INFRASTRUCTURE SERVERLESS COMPUTE POINT OF PRESENCE ISOLATED COMPUTE ENVIRONMENTS (FOR NITRO ENCLAVES) ANALYSE & DEBUG WEB APPLICATION FIREWALL MANAGED VIRTUAL PRIVATE SERVERS VIRTUAL SERVERS GLOBAL NETWORK BACKBONE THREAT DETECTION & INVESTIGATION FOR AMAZON DETECTIVE AUTOMATED SECURITY POSTURE CHECKS FOR AWS SECURITY HUB DEVELOPMENT FRAMEWORK REGIONS STORAGE APPLICATION DELIVERY ARCHIVE STORAGE DEDICATED NETWORK CONNECTION BACKUP & RESTORE DOMAIN NAMING SERVICE BLOCK STORAGE LOAD BALANCING DATA TRANSFER MONITOR APIS EDGE PROCESSING & COMPUTING MONITOR MICROSERVICES FILE STORAGE NETWORK TOPOLOGY HIGH PERFORMANCE FILE SYSTEM NETWORKING HUG HYBRID CLOUD STORAGE PRIVATE CONNECTION TO APPS OBJECT STORAGE SCALE VPS & ACCOUNT CONNECTIONS WINDOWS FILE SYSTEM © SERVICE 2022 Amazon Web Services, Inc. or its Affiliates. DISCOVERY VIRTUAL PRIVATE CLOUD MOBILE API GATEWAY POWER INFRASTRUCTURE IDENTITY MANAGEMENT & GOVERNANCE NETWORKING & CONTENT DELIVERY DEV TOOLS SECURITY, IDENTITY, & COMPLIANCE MOBILE ANALYTICS MOBILE APP TESTING ACTIVITY & API USAGE TRACKING SINGLE INTEGRATED CONSOLE CHATBOT SYNC CONFIGURATION TRACKING TARGETED PUSH NOTIFICATIONS GOVERNANCE INVENTORY TRACKING LICENSE MANAGER MANAGE POLICIES MANAGE RESOURCES MONITORING PROVISIONING RESOURCE TEMPLATES SECURITY RECOMMENDATIONS SERVER MANAGEMENT SERVICE CATALOG SYSTEM MANAGER APPLICATION INTEGRATION EMAIL MESSAGE BROKER QUEUING & NOTIFICATIONS SEARCH TRANSCODING WORKFLOW

AWS has the richest container portfolio anywhere APPLICATION NETWORKING Service discovery and service mesh MANAGEMENT Deployment, scheduling, scaling, and management of containerized applications HOSTING Where the containers run IMAGE REGISTRY Container image repository © 2022, Amazon Web Services, Inc. or its Affiliates. AWS Cloud Map AWS App Mesh Amazon Elastic Container Service (Amazon ECS) Amazon Elastic Kubernetes Service (Amazon EKS) Amazon Elastic Compute Cloud (Amazon EC2) AWS Fargate Amazon Elastic Container Registry (Amazon ECR) Red Hat OpenShift Service for AWS (ROSA)

Powerful simplicity AWS-opinionated way to run containers at scale Reduce decisions without sacrificing scale or features ECS © 2022, Amazon Web Services, Inc. or its Affiliates. Reduce time to build, deploy, and migrate applications

Open flexibility Gain agility and efficiency with AWS-optimized Kubernetes, and standardize operations everywhere Secure, highly available, with observability across all Kubernetes deployments EKS © 2022, Amazon Web Services, Inc. or its Affiliates. Build with choice of solutions from the broader community around Kubernetes

Opinionated container platform Leverage integrated tools and services for developers and operators Transfer OpenShift skills and processes from on-prem environments ROSA © 2022, Amazon Web Services, Inc. or its Affiliates. Simplify management, support and billing of OpenShift environments

Customers usually mix and match Team GitHub Jenkins ECR Flux CloudWatch ALB, NLB, NGINX, Traefik AWS App Mesh EKS Fargate © 2022, Amazon Web Services, Inc. or its Affiliates. OR ECS EC2 CloudFormation Application User

AWS App Runner Fully managed service for web applications AWS App Runner Web application Serverless Platform Backend server provides a highly abstracted and simple managed experience for running web applications and API hosting services © 2022 Amazon Web Services, Inc. or its Affiliates. • https://www.datadoghq.com/blog/aws-app-runner-monitoring

Run your containers anywhere based on your workload needs Serverless EC2 options AWS Fargate Amazon EC2 Spot instance © 2022 Amazon Web Services, Inc. or its Affiliates. Edge and 5G AWS Local Zones AWS Wavelength On-premises AWS Outposts ECS EKS Anywhere Anywhere

Containers are worth looking at

Containers monitoring is not magic

Kubernetes is sort of magic though…

10 Trends in Real World Containers https://datadoghq.com/container-report/

EKS had a 20% increase in adoption among AWS orgs

Stateful workloads, containers, and you

Images: the hot top ten!

Images: the hot top ten (DJ k8s remix!)

Docker is champ, but new challengers are rising…

How it started vs. how it’s going

It’s Speculation Time! – Edge computing (containers on the edge) – Increased importance of orchestration / mesh technology – Docker for dev, containerd (or other) for prod? – Moving towards higher levels of abstraction – Containers as a packaging and dependency mechanism

Q&A

Thank You

Real-time Container Monitoring Best Practices

Slide 1

Slide 2

Slide 3

Slide 4

Slide 5

Slide 6

Slide 7

Slide 8

Slide 9

Slide 10

Slide 11

Slide 12

Slide 13

Slide 14

Slide 15

Slide 16

Slide 17

Slide 18

Slide 19

Slide 20

Slide 21

Slide 22

Slide 23

Slide 24

Slide 25

Slide 26

Slide 27

Slide 28

Slide 29

Slide 30

Slide 31

Slide 32

Slide 33

Slide 34