ECS allows non-operational team members with no direct access to the underlying host to start their applications. This gives each team ownership of their deployments.
Jon Todd Chief Architect

Okta creates products that use identity information to grant people access to applications on multiple devices at any time, while still enforcing strong security protections. Okta’s products integrate directly with an organization’s existing directory and identity systems, as well as more than 4,000 applications. The company is based in San Francisco, California.

  • Okta has been using an internally developed tool to deploy from development to production, and Docker Compose to create complex applications using Docker containers.
  • The company needed a container-management solution without a steep learning curve, and was looking for something that was simple and easy to introduce to development and engineering teams.
  • Okta evaluated other open-source cluster-management solutions, but was concerned operating these would distract from building and running the company’s apps.
  • Okta started using Amazon EC2 Container Service (Amazon ECS), a highly scalable container-management service that provides cluster management and container orchestration.
  • The Okta engineering team already had a deep understanding of how to set up AWS Identity and Access Management (IAM) permissions and roles, and was easily able to map network policies and IAM policies to the company’s Amazon ECS cluster.
  • Amazon ECS has been an enabler to adopting Docker, providing an abstraction layer between operations and development. Amazon ECS is being used to run automated builds, tests, and microservices applications.
  • Okta found Amazon ECS to be simpler to introduce, manage, and run compared to other solutions, because Amazon ECS comes as a managed service.
  • Amazon ECS reduces microservices operations. The automatic health checks and restart functionality provided by the Amazon ECS scheduler reduce paging alerts, allowing Okta to focus on more strategic projects. Amazon ECS also provides automatic scaling and IAM roles for tasks, allowing for scalable and secure deployments.
  • The company is seeing a reduction in operational costs, as operators no longer need to manually heal down nodes.
  • Amazon ECS has reduced the complexity of deploying containers in AWS. Amazon ECS provides a set of APIs to launch containers on a cluster, allowing non-operational team members with no direct access to the underlying host to start applications. This has led to a much larger number of people doing deployments and has given each team ownership of its deployments.
  • With the Okta’s framework created around Amazon ECS, the time it takes for developers to get new services in production is now measured in days instead of weeks.

Learn more about simplifying container management by visiting the Amazon EC2 Container Service details page