Optimize costs for AWS Fargate tasks on Amazon ECS
Overview
Right sizing AWS Fargate tasks is an important step for cost optimization. Too
often, applications are built with arbitrary sizing for Fargate tasks and never
revisited. This can cause overprovisioning of Fargate tasks and unnecessary
spending. This section shows you how to use AWS Compute Optimizer
Cost benefits
Right sizing Amazon ECS tasks on Fargate can reduce costs by 30–70 percent for long running tasks. Without reviewing application performance metrics to right size your task size, you can apply the same mindset used on EC2 compute instances to container sizing. This leads to oversized Fargate tasks that increase costs for idle resources. You can use Compute Optimizer to surface the right sizing opportunities reactively. Ideally, the application owner reviews the specific application performance metrics and removes the operating system overhead to ensure the proper task size is specified. For more information, see the Move Windows applications to containers section of this guide.
Cost optimization recommendations
This section offers recommendations for using Compute Optimizer to right size your Amazon ECS on Fargate tasks.
As part of the cost-optimization process, we recommend that you do the following:
-
Enable Compute Optimizer
-
Consume Compute Optimizer results
-
Tag tasks to be right sized
-
Enable the cost allocation tag to work with AWS billing tools
-
Implement right sizing recommendations
-
Review before and after costs in Cost Explorer
Enable Compute Optimizer
You can enable AWS Compute Optimizer at the organization or single account level in AWS Organizations. The organization-wide configuration provides ongoing reports for new and existing instances across your entire fleet for all member accounts. This enables right sizing to be a recurring activity instead of a point-in-time activity.
Organization level
For most organizations, the most efficient way to use Compute Optimizer is at the organization level. This provides multi-account and multi-Region visibility into your organization and centralizes the data into one source for review. To enable this at the organization level, do the following:
-
Sign in to your AWS Organizations management account with a role that has the required permissions and choose to opt in for all accounts within this organization. Your organization must have all features enabled.
-
After you enable the management account, you can sign in to the account, see all other member accounts, and browse their recommendations.
Note
It's a best practice to configure a delegated administrator account for Compute Optimizer. This enables you to exercise the principle of least privilege, minimizing access to the AWS Organizations management account while still providing access to the organization-wide service.
Single account level
If you're targeting an account with high costs but don't have access to AWS Organizations, you can still enable Compute Optimizer for that account and Region. To learn about the opt-in process, see Getting started with AWS Compute Optimizer.
Note
The recommendations are refreshed daily and they can take up to 12 hours to generate. Keep in mind that Compute Optimizer requires 24 hours of metrics in the past 14 days to generate recommendations for Amazon ECS on Fargate. For more information, see Requirements for Amazon ECS services on Fargate in the Compute Optimizer documentation.
Compute Optimizer automatically analyzes the following Amazon CloudWatch and Amazon ECS utilization metrics for your Amazon ECS services on Fargate:
-
CPUUtilization
– The percentage of CPU capacity that's used in the service. -
MemoryUtilization
– The percentage of memory that's used in the service.
Consume Compute Optimizer results
Consider an example that focuses on making right sizing changes within a single account and single Region. In this example, Compute Optimizer is enabled at the organization level across all accounts. Keep in mind that right sizing is a disruptive process that in most cases is carried out with precision by the application owners during a scheduled maintenance window over several weeks.
If you navigate to Compute Optimizer from within an organization's management account (as
shown in the following steps), you can choose the account that you want to
investigate. In this example, one task is running in a single account that's
overprovisioned in us-east-1
. The focus is on resizing to the
recommended size for the Amazon ECS service.
-
Open the Compute Optimizer console
. -
On the Dashboard page, filter by Findings=Over-provisioned to see all the Amazon ECS services on Fargate.
-
To review detailed recommendations for Over-provisioned ECS services on Fargate, scroll down and then choose View recommendations.
-
Choose Export and save the file for future use.
Note
To save recommendations for future review, you must have an S3 bucket available for Compute Optimizer to write to in each Region. For more information, see Amazon S3 bucket policy for AWS Compute Optimizer in the Compute Optimizer documentation.
To see recommendations from Compute Optimizer, do the following:
-
In the Compute Optimizer console
, go the Export recommendations page. -
For S3 bucket destination, choose your S3 bucket.
-
In the Export filters section, for Resource type, choose ECS services on Fargate.
-
On the Recommendations for ECS services on Fargate page, drill into one of the ECS services on Fargate and see the CPU and memory recommendations from Compute Optimizer. For example, review the recommendations in the Compare current settings with recommend task size and Compare current settings with recommended container size sections.
To get the list of ECS services for Fargate that you need to right size, do the following:
-
Open the Amazon S3 console
. -
In the navigation pane, choose Buckets, and then choose the bucket where you exported your results.
-
On the Objects tab, select your object and choose Download.
-
In your downloaded results, filter the finding column to show only OVER_PROVISIONED Amazon ECS services on Fargate. This shows the Amazon ECS services that you plan to target for right sizing.
-
Store the task definitions in a text editor for use later.
Right sizing tag tasks
Tagging your workloads is a powerful tool for organizing your resources in
AWS. You can use tags to gain fine-grain visibility into costs and enable
chargeback. There are many methods and strategies for adding tags to AWS
resources to handle chargeback and automation. For more information, see the
AWS Whitepaper Best Practices for Tagging AWS Resources. The following example
uses AWS CloudShell
#!/bin/bash # Set variables TAG_KEY="rightsizing" TAG_VALUE="enabled" # Get a list of ECS Clusters ClustersArns=$( w secs list-clusters –query 'clusterArns' –output text) for ClustersArn in $ClustersArns; do ServiceArns=$( w secs list-services –cluster $ClustersArn –query 'serviceArns' –output text) for ServiceArn in $ServiceArns; do TasksArns=$( w secs list-tasks –cluster $ClustersArn –service-name $ServiceArn –query 'taskArns' –output text) for TasksArn in $TasksArns; do w secs tag-resource –resource-arn $TasksArn –tags key=$TAG_KEY,value=$TAG_VALUE done done done
The following code example shows how to enable tag propagation to all Amazon ECS services.
#!/bin/bash # Set variables TAG_KEY="rightsizing" TAG_VALUE="enabled" # Get a list of ECS Clusters ClustersArns=$(aws ecs list-clusters --query 'clusterArns' --output text) for ClustersArn in $ClustersArns; do ServiceArns=$(aws ecs list-services --cluster $ClustersArn --query 'serviceArns' --output text) for ServiceArn in $ServiceArns; do aws ecs update-service --cluster $ClustersArn --service $ServiceArn --propagate-tags SERVICE &>/dev/null aws ecs tag-resource --resource-arn $ServiceArn --tags key=$TAG_KEY,value=$TAG_VALUE done done
Enable the cost allocation tag to work with AWS billing tools
We recommend activating the user-defined cost allocation tag. This enables the Rightsizing tag to be recognized and filterable in the AWS billing tools (for example, AWS Cost Explorer and AWS Cost and Usage Report). If you don't enable this, the tag filtering option and data won't be available. For information about using cost allocation tags, see Activating user-defined cost allocation tags in the AWS Billing and Cost Management documentation.
After waiting for 24 hours, you can see the tag in Cost Explorer before implementing right sizing recommendations in the next section. To do this, search for the Rightsizing tag in Cost Explorer.
Implement right sizing recommendations
Compute Optimizer will provide either task or container size recommendations. To implement right sizing recommendations, do the following.
-
Open the Amazon ECS console
. -
From the navigation bar, choose the Region that contains your task definition.
-
In the navigation pane, choose Task definitions.
-
On the Task definitions page, choose the task, and then choose Create new revision.
-
On the Create new task definition revision page, make changes. To update the container size recommendation, update
cpu
andmemory
under the containerDefinitions block in your ECS task definition. For example:"containerDefinitions": [ { "name": "your-container-name", "image": "your-image", "cpu": 1024, "memory": 2048, } ],
-
Verify the information, and then choose Create.
To update the Amazon ECS service, do the following:
-
Open the Amazon ECS console
. -
On the Clusters page, select the cluster.
-
On the Cluster overview page, select the service, and then choose Update.
-
For Task definition, choose the task definition family and revision to use.
For advanced operators, you could use CloudShell to update the Amazon ECS service. For example:
bash #!/bin/bash # Set variables ClustersName="workshop-cluster" ServiceName="lab7-fargate-service" TaskDefinition="lab7-fargate-demo:3" # update the service aws ecs update-service --cluster $ClustersName --service $ServiceName --task-definition $TaskDefinition
Review before and after costs
After you have right sized your resources, you can use Cost Explorer to show before and after costs by using the Rightsizing tag. Recall that you can use resource tags to track costs. By using several layers of tags, you can achieve granular visibility into your costs. In the example covered in this guide, the Rightsizing tag is used to apply a generic tag to all targeted instances. Then, a team tag is used to further organize resources. The next step is to introduce application tags to further show the cost impact for operating a specific application.
Consider an example of the cost reduction that can be achieved by using the Rightsizing tag for a single account level. In this example, operating costs go from $30.26 per day to $7.56 per day. Assuming 744 hours per month, the annual cost before right sizing is $11,044.9. After right sizing, the annual cost drops to $2,759.4. This translates to a 75 percent decrease in compute costs for this account. Imagine the impact of this across a large organization.
Before embarking on your right sizing journey, consider the following:
-
AWS offers many options for cost reduction. This includes AWS OLA
, where AWS reviews your on-premises instances prior to moving to AWS. The AWS OLA also provides you with right-sizing recommendations and licensing guidance. -
Complete all of your right sizing before purchasing Savings Plans
. This can help you avoid over purchases on your Savings Plans commitment.
Next steps
We recommend the following next steps:
-
Review your existing landscape and consider converting Amazon EBS gp2 volumes to gp3 volumes.
-
Review Savings Plans
.
Additional resources
-
Getting started with Compute Optimizer
(AWS documentation) -
Best Practices for Tagging AWS Resources (AWS Whitepapers)
-
Windows Containers on AWS
(AWS Workshop Studio)