Module 2: AWS App Runner Fundamentals
In this module, you will:
- Learn the fundamentals of AWS App Runner, including its benefits, use cases, features, and pricing model.
- Understand where to find documentation and other resources.
- Get acquainted with AWS App Runner in the AWS management console and learn how to create, manage, and delete a service.
AWS App Runner is a fully managed service that makes it easy for developers to quickly deploy containerized web applications and APIs, at scale and with no prior infrastructure experience required. Start with your source code or a container image. App Runner builds and deploys your web application automatically, load balances traffic with encryption, scales to meet your traffic needs, and makes it easy for your services to communicate with other AWS services and applications that run in a private Amazon VPC. With App Runner, rather than thinking about servers or scaling, you have more time to focus on your applications.
Introduction to AWS App Runner
Easy to use
You can build and run secure web-scale application in just a few clicks with AWS App Runner. You don’t need experience with containers, infrastructure, server configuration, networking, load balancing, or deployment pipelines.
Scales with Traffic
App Runner seamless scales up and down resources in response to web traffic. You can configure a minimum number of container instances to eliminate cold starts and ensure low latency.
You won’t need to spend time allocating, configuring, or managing resources and infrastructure with App Runner. Resources and infrastructure components are fully managed by AWS, and benefit from security and operational best practices. You can stay completely focused on your application
Ensure a compliant environment
Your App Runner application can connect to AWS services, such as database, cache, and message queue services, through Amazon VPC. No public subnets are required, helping you protect your resources.
Front-end and Back-end Web Applications
You can host websites, web services, and APIs in App Runner.
Microservices and APIs
You can run thousands of microservices simultaneously on App Runner. This gives you loose-coupling and each microservice can scale independently.
App Runner leverages AWS best practices and technologies for deploying and running your containers at scale. This reduces your time-to-market for new applications and features.
App Runner services can communicate with other AWS services running in a private Amazon Virtual Private Cloud (VPC) via a VPC Connectors. This enables you to add support for other services under the control of an Amazon VPC.
App Runner automatically scales container instances up or down to meet traffic, with the constraints you configure.
App Runner can automatically build and deploy your application when it changes. You can connect App Runner to your code repository, or to a container image registry such as ECR.
App Runner includes Transport Layer Security (TLS) automatically. There is no setup required, and certificates are automatically renewed.
You can control costs by easily pausing or resuming applications through the AWS management console, AWS CLI, or AWS SDK.
App Runner load balances traffic automatically, providing reliability and high availability.
Logs and Metrics
To enable monitoring and optimization of your containerized applications, App Runner provides detailed build, deployment, and runtime logs. A full set of compute metrics is also provided through built-in integration to Amazon CloudWatch.
AWS App Runner is not available in all AWS regions. You can find the currently supported regions on the AWS App Runner endpoints and quotas page.
One container per service
In App Runner, a service is associated with one container, and one container only. You can run multiple instances of that container in accordance with traffic, but there’s no way to compose a service from multiple containers, the way you can with ECS or EKS.
By default, you can create a maximum of 10 auto scaling configurations, 10 connections to third-party resources, 10 observability configurations, 10 services, and 10 VPC connectors per region. All of these quotas are adjustable. You can request a service quota increase using the AWS Service Quotes and AWS Support Center.
Once you deploy an application, you are charged for the memory provisioned in each container instance. By keeping memory provisioned even where there is no traffic, App Runner ensures it can respond to the next request with low latency.
At the time of this writing, provisioned container instances cost $0.007/GB-hour in US and European regions.
Pricing example: Imagine you have deployed a provisioned container instance that requires 2GB of memory, and as yet no traffic. That one 2GB provisioned container instance costs 1 x 2GB x $0.007 = $0.34 per day.
Active Container Instances
When your application is processing requests, your charges switch from provisioned container instances to active container instances. Active container instances charge you for compute resources and any memory beyond what is covered by provisioned container instances.
Active container instances are charged at the rate of $0.064/vCPU-hour. Container instance charges are billed per second, with a one-minute minimum for vCPU resources once a provisioned container instance starts processing requests.
If you opt-in to automatic deployments, source code changes to a deployment branch build container images and trigger a deployment. Automatic deployments are billed at $1/per application per month.
You pay a build fee when App Runner builds your application from source code. The rate is $0.005/build-minute.
Pricing example 1: App Testing
You are testing your application for 2 hours each day. While active, your app gets 2 requests per second for a 2-hour period. Your app requires 2GB of memory per container instance. You pause the service for 22 hours of each day.
Your daily provisioned container instance fee is 2 hrs x 1 provisioned container instance x (2 GB x $0.007 GB-hour), or $0.03. You are only charged 2 hours per day because you are pausing the app for the other 22 hours of each day.
Your daily active container instance fee is 2 hrs x 1 active container instance x [(1 vCPU x $0.064 vCPU-hour)] – 2 hrs x 1 provisioned container instance x (2 GB x $0.007) = $0.13. Your total daily cost is $0.16, or $4.80/month.
Pricing example 2: Lightweight API
You have deployed a lightweight latency-sensitive web API to 1 provisioned container instance with 2GB of memory. Each day, you receive 80 sporadic requests during an 8-hour period.
App Runner maintains the provisioned container instance (memory) 24 hours/day, charged at 2GB x $0.007 GB-hour, or $0.34/day.
App Runners scales to 1 active container instance for 8 hours a day when requests are coming in. Active container instances are charged for compute and memory, minus the provisioned container instance memory charges. The formula is below, and comes out to $0.51/day.
8 hrs × 1 active container instance × [(1 vCPU × $0.064 vCPU-hour) + (2 GB × $0.007 GB-hour)] - 8 hrs x 1 provisioned container instance x (2 GB × $0.007 GB-hour) = $0.51
Total daily charges are $0.51 (active container instances) + $0.34 (provisioned container instances) = $0.85, or $25.50/month.
Pricing example 3: High-Volume Production
You have a web application in production. Each container instance requires 2GB of memory and can process 80 requests/second. The site is busy during the day with requests that peak at 800 requests/second for 3 hours. During 12 non-peak hours, there are 60 requests/second. App Runner scales the app to 10 active container instances for peak hours, and down to 1 active container instance for non-peak hours. Provisioned container instance memory is charged 24 hours each day.
The provisioned container instance (memory) is charged 24 hours/day at 2GB x $0.007 GB-hour, or $0.34/day.
During peak hours, 10 active container instances are needed to serve 800 requests/second for 3 hours. That’s 10 active container instances × 3 hrs × [(1 vCPU × $0.064 vCPU-hour) + (2 GB x $0.007 GB-hour)] - 1 provisioned container instance x 3 hrs x (2 GB x $0.007 GB-hour) = $2.30.
During non-peak (12 hours), 1 active container instance handles the 60 requests/second. That’s 12 hrs × 1 active container instance × [(1 vCPU × $0.064 vCPU-hour) + (2 GB x $0.007 GB-hour)] - 12 hrs × 1 provisioned container instance x (2 GB x $0.007 GB-hour) = $0.77.
Putting that all together, $2.30 (peak active container instances) + $0.77 (non-peak active container instances) + $0.45 (daily provisioned container instances) = $3.40/day, or $102/month.
In this step, you connect to a container image or your source code and select deployment settings. When you create an App Runner service, you connect it to a source. The source can be a container image or a source code repository (shown below). For a source code repository, such as a GitHub repo, you’ll need to provide connection details.
Even if your application is not containerized, App Runner supports automatically building a container image. When you associate your existing source code repository and optionally provide App Runner with your runtime build and start commands, App Runner automatically containerizes your web application and provides a running web application. Automatic containerization is available for curated App Runner platforms that contain supported runtimes and frameworks.
Reference: AWS App Runner | FAQs
In deployment settings, you can choose to trigger update deployments of your application manually or automatically. If you enable automatic deployment, App Runner will automatically build and deploy your application whenever you update your source code or container image.
2. Configure build and service settings
In this step, you configure your container's vCPU and memory, and select auto scaling and health check options. If you chose to deploy from a source code repository rather than a container registry, you will also configure build settings. Although App Runner will default these settings for you, you’ll want to understand them and know your options for customizing your configuration.
You can choose to configure the settings in the console, or provide a YAML configuration file in your source code repository.
In service settings, you’ll give your service a name and set your container’s CPU and memory size. These settings affect your costs. You can also set any environment variables needed by your application here.
You can configure auto-scaling behavior. The default is just one instance of your container. App Runner can scale your service to more instances when it receives more than 80 concurrent requests. You can configure the maximum number of instances, which gives you cost control.
Health check settings allow you to identify a web path where App Runner can send health check requests. By default, if there are 5 consecutive health check failures, the instance is considered unhealthy and App Runner will replace it. You can configure the number of health checks that must fail before App Runner decides that the service is unhealthy, from 1 to 20.
Security settings allow you to choose an IAM role the instance will use. If your application needs to communicate with other AWS service, you authorize that in the IAM role. These settings also let you optionally provide a customer-managed key (CMK) for encrypting source code.
3.Review and Create
In this step, you review and verify all of your settings. Once you click Create and Deploy, App Runner creates your service and deploys your application.
4. Receive a Secure URL
Lastly, you receive a secure URL of your running production-ready service from AWS App Runner. HTTPS is configured automatically for you.
Finally, you may associate your application with a custom domain if you have one. You’ll be guided through proving you own the domain.
Managing App Runner Services
From the AWS management console, you can create, deploy, configure, monitor, and terminate App Runner services. You navigate to the AWS App Runner console to perform these operations.
Once a service has been created and deployed, you can select a service and view service details in these areas:
In the Service overview section, you see your app's status (such as Running), the default domain URL, the Amazon Resource Name (ARN) of the service, and a "Source" URL. That last one takes you to the container in Amazon Elastic Container Registry (ECR) or your source code repository.
This tab shows your deployment logs and application execution log. App Runner collects your applications output and streams it to CloudWatch Logs. You can include any output you deem useful, such as the detail of requests to a web service.
The Activity tab shows the history of your service. App Runner uses a list of operations to keep track of activity in your App Runner service. An operation represents an asynchronous call to an API action, such as creating a service, updating a configuration, and deploying a service.
The Metrics tab reveals your service metrics, including requests, responses, latency, and number of active instances.
The Configuration tab displays your service configuration details, including number of virtual CPUs and memory, auto-scaling, health check, and security. Click Edit to modify your configuration. If you need to, you can exercise control over the number of virtual CPUs and memory per instance, set environment variables, customize auto-scaling, configure health checks, use a custom IAM role, or use a custom encryption key.
Monitoring and Logging
Monitoring your App Runner application is essential for maintaining reliability, availability, and performance. Collecting monitoring data from all parts of your AWS solution makes debugging a failure easier. App Runner collects application logs from your code. It also integrates with several AWS services for monitoring and responding to service incidents.
Amazon CloudWatch Alarms
You can use Amazon CloudWatch Alarms to monitor a service metric and send you a notification if conditions you specify are met. You can watch a service metric over a time period, and set a threshold to receive a notification if the metric exceeds the threshold for a given number of time periods. For example, you could be alerted when CPU utilization exceeds 60%.
App Runner collects the output of your application code and streams it to Amazon CloudWatch Logs. You decide what to log in your application, such as request details to a web service. You can view these logs in the App Runner console. If you use Visual Studio, you can view CloudWatch logs from the IDE if you have the AWS Toolkit for Visual Studio installed.
AWS CloudTrail Action Logs
AWS Deployment Tool for .NET
Connecting to other AWS Services
Documentation and Resources
In this module, you learned the fundamentals of AWS App Runner. In the introduction to the service you reviewed App Runner’s benefits, use cases, features, limitations, and pricing model. You learned about the developer workflow and what you can configure. You learned about managing an App Runner service from the AWS management console and a variety of tools.