This is a summary of the differences, Pros and Cons between AWS App Runner and ECS Fargate. This article is current as of Beginning of July 2023.
Assumptions
The following Pros and Cons are described based on AWS App Runner features.
The Pros of App Runner are those not found in ECS Fargate, and the Cons of App Runner are those found in ECS Fargate.
Pros of AWS App Runner
- Simplified CI/CD
- (1) Easy CI/CD execution through integration with GitHub.
-
Automatic deployment triggered by code push.
- No Dockerfile required.
- Supported languages (runtime)
- Python 3
- Node.js 12/14/16
- Java (Corretto 8, Corretto 11)
- PHP 8.1
- Go 1.18
- Net 6
- Ruby 3.1
- Monorepos also available
-
Automatic deployment triggered by code push.
- (2) Easy CI/CD with ECR integration
- Automatic deployment triggered by image push.
- Dockerfile is required, but can be used with languages other than the above
- Automatic deployment triggered by image push.
- (1) Easy CI/CD execution through integration with GitHub.
-
Hiding VPC and ELB resources
- Allows provisioning of apps without creating VPCs or ELBs
- Access to existing VPC resources is also possible (VPC Connector)
- Automatic Creation of Log Groups
- The following three types of logs are automatically created
- Application log
- Deployment log
- Event log
- The following three types of logs are automatically created
- Security Group Hiding
- For ECS, ELB
- Simplified AutoScaling policy
- No need for CloudWatch Alarm like with ECS Fargate
- But separate configuration is required (items are slightly different from ECS)
- SSL Certificate Issuance
- No need to configure and manage in ACM
- But the same steps need to be done
-
No vCPU fees when not processing requests (i.e., inactive).
- Provisioned container instances
- Charged per memory (GB)
- Container instances that are active (requests are being processed)
- Per memory (GB) + per vCPU
- vCPU fee = 9x memory fee (Tokyo Region)
- see doc
- Provisioned container instances
Cons of AWS App Runner
Supported
-
AWS WAF cannot be attached- Feb. 24, 2023: AWS WAF supported!!
-
Cannot handle secret environment variables!- Jan. 06, 2023: Getting secrets from AWS Secrets Manager and AWS Systems Manager is now supported!!!
-
ALIAS record not supported in Custom Domain Settings- Aug. 30, 2022: ALIAS record supported!
-
Fewer specs(following CPU, Memory combinations)- Apr. 05, 2023: 11 different spec combinations now!
| vCPU(CPU) | GB(Memory) |
|---|---|
| 0.25 vCPU | 0.5 GB |
| 0.25 vCPU | 1 GB |
| 0.5 vCPU | 1 GB |
| 1 vCPU | 2 GB |
| 1 vCPU | 3 GB |
| 1 vCPU | 4 GB |
| 2 vCPU | 4 GB |
| 2 vCPU | 6 GB |
| 4 vCPU | 8 GB |
| 4 vCPU | 10 GB |
| 4 vCPU | 12 GB |
-
AutoScalingConfiguration is not yet supported by CloudFormation!- Jun. 22, 2023: CloudFormation for AutoScalingConfiguration is now supported!
Not supported
- Arm (Graviton) image not supported
- Cannot attach a security group to control inbound to App Runner.
- Currently, the security group attached to App Runner is used for outbound.
- The only scaling criterion is number of concurrent runs.
- Scaling by other metrics is currently not possible.
- AutoScaling minimum cannot be set to 0
- However, if there is no access, the number of active instances is treated as 0 and there is no vCPU charge.
- Memory charges are incurred for both active and provisioned instances
- It is not possible to know how many units are up and running (difficult to tell)
- Periods of time when no accesses are coming in, the Active Instances metric is 0, so
- Most of the charges (vCPU charges) are incurred due to Active Instances (not if 0), so there is a place where you don't have to know strictly compared to Fargate
- Auto-deploy with ECR integration requires actually fixed latest tag operation
- Auto-deployment requires a fixed tag to trigger a push of a specific image tag
- Tags cannot be immutable.
- ECR has immutable tag feature.
- Cannot generate access logs.
- Logs like ELB access logs.
- I voted for it because I really wanted it.
- Cannot incorporate Sidecar Containers
- Can't get ECS Container Insights level metrics
- Can't do ECS Exec
- Custom domains are not supported by CloudFormation
- Requires CLI or custom resources
- EFS not supported
- Windows Containers not supported
To remain the same in either
- Source code or Dockerfile (for ECR integration) management
- Need to specify specs
- CPU
- Memory
- AutoScaling rule definition
- Minimum number of units
- Maximum number of units
- Scale-out threshold
- For App Runner, number of concurrent connections (default: 100)
- Health check rule definition
- IAM role management
- App Runner is a little easier
- No need for policies to CloudWatch Logs, etc.
- App Runner is a little easier
- Manage ports and environment variables
- You don't have to do it
Finally
App Runner is the most promising service available today!
Top comments (4)
Awesome article! I keep the same mental note in my mind.
Do you plan to keep the article up to date with the service changes?
PS. At this point, I view AWS Apprunner as a crippled brother of GCP CloudRun.
Thanks!!
Yes, I will add as much as I can.
The same article is written in Japanese and added each time a feature is updated.
So I think it is possible in this article (DEV).
go-to-k.hatenablog.com/entry/2022/...
Thanks for your article. did you check what's the price difference between AppRunner and ECS Fargate ?
Thanks for comments!
Yes, App Runner is about 1.5 to 2 times more expensive than ECS Fargate. However, App Runner is cheaper for some use cases because it does not charge vCPU fees while there are no requests.
Also, ECS Fargate has real ELB fees, etc., so App Runner is not that expensive when those fees are taken into account.