AWS Container Services — ECS, EKS, ECR
Amazon ECS (Elastic Container Service)
Container Orchestration: Manages Docker containers on a cluster of EC2 instances. ECS handles scheduling, scaling, and lifecycle management without requiring Kubernetes expertise.
Task Definitions: Blueprint describing how to run a Docker container—specifies the image, CPU, memory, environment variables, port mappings, and logging configuration.
Clusters: Logical grouping of EC2 instances where tasks run. You manage the underlying EC2 fleet, or let Fargate handle infrastructure.
Services: Ensure a specified number of tasks run continuously and handle task replacement if they fail. A Service is not a Task—the Service manages the desired state, while a Task is a single running instance of the definition.
Amazon EKS (Elastic Kubernetes Service)
Managed Kubernetes: Simplifies running Kubernetes on AWS. AWS operates the Kubernetes control plane; you focus on worker nodes and pods.
Node Management: Supports both EC2 and Fargate nodes. Use EC2 for full Kubernetes flexibility; use Fargate for serverless pod execution.
Integration: Integrates with AWS services like IAM, CloudWatch, and ALB. Deploy applications using standard Kubernetes manifests and tools.
Amazon Elastic Container Registry (ECR)
Managed Docker Container Registry: Store, manage, and deploy Docker container images in AWS with automatic replication, versioning, and access control.
Integration: Seamlessly integrates with Amazon ECS, EKS, and AWS Lambda. Reference ECR images via IAM role-based access—no credential management in task definitions.
Security: Provides encryption at rest and in transit, IAM roles for access control, and image scanning for vulnerabilities. Scan on push or pull.
Scalability: Automatically scales to meet your storage needs. Registry URLs are region-specific—cross-region replication is not automatic but available via replication rules.
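Added example (not from the original page or any AWS tool): an offline audit that ties the task definition fields described under ECS to the ECR points above, namely role-based image pulls, no credentials in the task definition, and region-specific registry URLs. The heuristics, account ID, role and repository names, and sample values are constructed assumptions.

```python
import re

# ECR image URI: <account>.dkr.ecr.<region>.amazonaws.com/<repo>[:tag][@sha256:<digest>]
ECR_IMAGE = re.compile(
    r"^(?P<account>\d{12})\.dkr\.ecr\.(?P<region>[a-z0-9-]+)\.amazonaws\.com/"
    r"(?P<repo>[a-z0-9._/-]+)(?::(?P<tag>[\w.-]+))?(?:@(?P<digest>sha256:[0-9a-f]{64}))?$"
)
# Heuristic (assumption): variable names that usually hold credentials.
SECRET_NAME = re.compile(r"PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY|PRIVATE_KEY", re.I)

def audit_task_definition(task_def, home_region):
    """Return (container, finding) tuples for one ECS task definition dict."""
    findings = []
    if not task_def.get("executionRoleArn"):
        findings.append(("<task>", "no executionRoleArn (needed on Fargate to pull from ECR)"))
    for c in task_def.get("containerDefinitions", []):
        name = c.get("name", "<unnamed>")
        m = ECR_IMAGE.match(c.get("image", ""))
        if not m:
            findings.append((name, "image is not an ECR URI"))
        else:
            if m["region"] != home_region:
                findings.append((name, f"image pulled cross-region from {m['region']}"))
            if not m["digest"] and m["tag"] in (None, "latest"):
                findings.append((name, "image uses mutable 'latest' tag, not a digest"))
        for env in c.get("environment", []):
            if SECRET_NAME.search(env.get("name", "")):
                findings.append((name, f"plaintext credential in environment: {env['name']}"))
        if "logConfiguration" not in c:
            findings.append((name, "no logConfiguration"))
    return findings

# Constructed sample task definition (account ID, names and values are made up).
SAMPLE = {
    "executionRoleArn": "arn:aws:iam::123456789012:role/shopExecutionRole",
    "containerDefinitions": [
        {"name": "api",
         "image": "123456789012.dkr.ecr.us-east-1.amazonaws.com/shop/api:latest",
         "environment": [{"name": "DB_PASSWORD", "value": "example-only"}]},
        {"name": "worker",
         "image": "123456789012.dkr.ecr.eu-west-1.amazonaws.com/shop/worker@sha256:" + "a" * 64,
         "environment": [{"name": "LOG_LEVEL", "value": "info"}],
         "secrets": [{"name": "DB_PASSWORD", "valueFrom":
                      "arn:aws:secretsmanager:us-east-1:123456789012:secret:shop/db"}],
         "logConfiguration": {"logDriver": "awslogs"}},
    ],
}

if __name__ == "__main__":
    print(*(f"{c}: {f}" for c, f in audit_task_definition(SAMPLE, "us-east-1")), sep="\n")
```

The `worker` container passes the credential check because its password is referenced through `secrets`/`valueFrom` rather than placed in `environment`.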