ECS Core Concepts
- Cluster → Service → Task (running instance of task definition)
- Launch types: Fargate (serverless) or EC2 (self-managed)
- Task definition: container definitions, CPU/memory, IAM roles, networking
- Task role (application permissions) vs execution role (pull image, logs)
ECS Deployments
- Rolling update: minimum healthy percent + maximum percent
- Blue/green (CodeDeploy): new task set, traffic shift, original terminated
- Circuit breaker: auto-rollback on repeated task failures
- Capacity providers: Fargate, Fargate Spot, or EC2 ASG
ECR
- Private registry per account per region
- Image scanning: on-push or continuous (Enhanced with Inspector)
- Lifecycle policies: expire old/untagged images automatically
- Cross-account and cross-region replication
EKS & Fargate
- Managed Kubernetes control plane with auto-upgrades
- Node groups: managed, self-managed, or Fargate profiles
- IRSA: IAM Roles for Service Accounts (pod-level permissions)
- EKS Anywhere: on-premises Kubernetes with EKS tooling
Practice Containers Questions
Put your knowledge to the test with practice questions.