AWS App Runner – Simplifying Containerised Workloads

App Runner has since been updated, please see our update blog after reading below.

Back in November 2019, Google Cloud released their fully managed container service, Cloud Run. This service simplified the deployment and management of containerised web applications, allowing users to quickly deploy applications and let Google Cloud worry about the underlying infrastructure.

Well, Amazon has now released their version of containerised web application managed services, and they’re calling it AWS App Runner. This service promises to allow developers to quickly deploy containerised web applications and APIs, at scale with no prior infrastructure experience required.

What exactly is AWS App Runner?

Containerisation of applications is now one of the primary methods for building, packaging and deploying applications in the cloud. This involves using services such as Docker to package a web application into an image that can be moved from device to environment before being deployed as a container. The beauty of containerisation is the ability to easily share images between environments and have them run and perform consistently (e.g. running a container on a developer laptop and a production-grade server will behave the same) because OS dependencies are packaged into the image.

Traditionally, in order to deploy containers to the cloud with any degree of success an orchestration platform was required to manage the lifecycle of containers (such as Kubernetes, AWS ECS etc.) coupled with underlying infrastructure such as VPC’s, Load Balancers, Ingress & Egress networking etc. This setup requires a significant understanding of the technologies in use as well as experience in design patterns and deployment configurations.

Well – what if you just want to deploy one or two web applications and don’t require a complex setup?

Enter, AWS App Runner! The service designed to meet the needs of developers needing to simply deploy web applications without worrying about the underlying infrastructure.

AWS App Runner - How It Works Diagram

AWS App Runner comes with built-in security best practices, requiring no prior networking, load balancing or server configuration experience. It is able to scale automatically to meet demand and even automatically provisions load balancers complete with TLS certificates.

The primary benefit of AWS App Runner is the ability to rapidly deploy a container using the AWS console and be safe in the knowledge your application is deployed on  a secure architecture.

So let’s take a look at how simple it is…

First, we need an application to deploy, let’s use a sample application hosted on DockerHub – simple-web. This application just simply displays a page showing where a request has come from and where it is going.

AWS App Runner can either host an image uploaded to AWS Elastic Container Registry (ECR) OR it can automatically build your image for you, given access to your source code. For this example, we have downloaded the simple-web image from DockerHub, logged into our ECR, tagged the image for ECR and pushed it to ECR…

docker pull yeasy/simple-web
aws ecr get-login-password –region eu-west-1 | docker login –username AWS –password-stdin <AWS ACCOUNT ID>.dkr.ecr.eu-west-1.amazonaws.com
docker tag yeasy/simple-web:latest <AWS ACCOUNT ID>.dkr.ecr.eu-west-1.amazonaws.com/sample-apps:latest
docker push <AWS ACCOUNT ID>.dkr.ecr.eu-west-1.amazonaws.com/sample-apps:latest

Now when we check our ECR registry we can see the uploaded image…

Let’s head over to AWS App Runner and create our new Service…

Here we have specified our source as a container registry (as previously stated you can point to a code repository and App Runner will automatically provision build servers to build your application – at an extra cost) and browsed to our newly uploaded image. Next, we have set the deployment trigger to manual (setting it to automatic will enable App Runner to deploy your new application automatically each time it’s pushed to ECR) and we’re going to use an existing role I set up earlier. Next, we have to configure our service…

Here we have specified the name, the size of the environment we need for our application (In vCPU and Memory) and specified the container will run on port 80. We have left all of the other configurations to their default settings. Click next, review the configuration and then click ‘create & deploy’.

After a couple of minutes, your service should be reporting a status of ‘running’.

And that’s it! You have a containerised web application deployed on AWS infrastructure complete with load balancing, auto-scaling, managed infrastructure, complete with security best practices, logging & monitoring.

Clicking on the default domain will give you the following page (note in this example we have added our own custom domain)…

Notice that we have a TLS certificate automatically deployed providing secure communication to our website…

Well, that is amazing! Why isn’t everyone using this yet?

What cloud providers do is try and build services for each particular use case, and what AWS App Runner is trying to solve is the problem of quickly hosting containerised web-based applications – and it does this very well. However, this particular service does have its limitations – the primary one being flexibility.

In order to create a service that can rapidly deploy applications and remove the complexity of infrastructure design and management – some assumptions about how your infrastructure should be provisioned have been made. For example, as of today, there is no option to use security groups to limit traffic into the application OR connect to other App Runner services – for this you need a container orchestration platform such as ECS or EKS.

AWS App Runner is competitively priced – AWS claim you can run a development/test application for $5 a month and a high volume production application for $102. Now for the odd standalone application, this seems attractive, but when you start to scale I imagine EKS/ECS pricing will be more appetising when you can start grouping containers together to save costs, use spot technology and AWS Savings Plans.

So in summary, AWS App Runner is an exciting new service that promises to ease the pain of developers wishing to deploy containerised web applications on AWS in rapid time. It offers some security best practices built-in, manages your infrastructure and automatically provisions load balancers with certificates coupled with autoscaling. It’s a great service to deploy small numbers of web applications that don’t require complex setups with minimal integration with existing AWS services. However, if your setup requires more flexibility or deeper integration then ECS or EKS will be better suited.

For more information on AWS App Runner, see the FAQ.

Enterprise and public sector trust Mobilise to securely transform their tech, teams and how they do business.

Say hello to your independence with our project enablement approach.