ECS vs. Fargate: What's the difference?
When discussing options to run Docker on AWS, I’m often asked about the differences between ECS and EKS or Kubernets. However, lately, a new question arises: What’s the difference between ECS and AWS Fargate? In this blog post, you get the answer. You also learn about the advantages and disadvantages of both options.
To understand the difference, let’s divide the ECS service into two responsibilities:
- Managing the lifecycle and placement of tasks
- Running containers
First, ECS is responsible for managing the lifecycle and placement of tasks. A task is usually made of one or two containers that work together, e.g., an nginx container with a php-fpm container. You can ask ECS to start or stop a task, and it stores your intent. However, ECS does not run or execute your container. ECS only provides the control plane to manage tasks. So, who runs the containers?
To run containers, you have two options. You can use ECS container instances, or you can use Fargate. Both options work together with ECS. The following figure demonstrates the difference.
An ECS container instance is nothing more than an EC2 instance that runs the ECS Container Agent. The EC2 instance is owned and managed by you. The instance appears in the list of EC2 instances like any other EC2 instance. The ECS Container Agent regularly polls the ECS API if new containers need to be started or stopped. Usually, you run a cluster of container instances in an auto-scaling group. ECS is free of charge. You only pay for the EC2 instances. The downside is that you have to scale, monitor, patch, and secure the EC2 instances yourself. Especially the scaling is not easy because:
- There is no obvious metric to scale the cluster and no integration to scale when the task placement fails because of insufficient capacity.
- The auto-scaling group and ECS are not aware of each other which makes task deployments very hard during cluster scale in or rolling updates via CloudFormation.
- You have to scale down without killing running tasks which is an even more significant challenge for long lived tasks.
AWS Fargate manages the task execution. No EC2 instances to manage anymore. You pay for running tasks. That’s it. As easy as it sounds.
Each task that runs in Fargate comes with a dedicated Elastic Network Interface (ENI) with a private IP address. All containers of the same task can communicate with each other via localhost. Inbound and outbound task communication goes through the ENI. A public IP address can be enabled as well.
|ECS container instance||Fargate|
|Pricing||per running EC2 instance||per running task|
|EFS integration||hacky but possible 1 2 3||no|
|EBS integration||hacky but possible 1||no|
|Networking options||multiple||ENI per task|
ECS or Fargate is not the correct question to ask. The question is whether to use container instances or Fargate. ECS is involved in both cases.
Fargate for EKS was announced but not shipped so far. What ECS calls a container instance is known as a worker node in Kubernetes/EKS.
We learned it the hard way. Scaling container instances is a challenge. That’s why we recommend using Fargate. Fargate is much easier to operate. Use it if possible (see networking, EFS, and EBS limitations).
PS: We are working on Rapid Docker on AWS. It’s a rapid way to get your containerized web application up and running on AWS. Made for DevOps engineers and web developers who want to dockerize their web applications and run the Docker containers on Amazon Web Services (AWS). Prior knowledge of Docker and AWS is not required. Check it out!