AWS Platform Services (Beanstalk, App Runner)
Chapter 10: AWS Elastic Beanstalk & App Runner
Section titled “Chapter 10: AWS Elastic Beanstalk & App Runner”Simplified Application Deployment Platforms
Section titled “Simplified Application Deployment Platforms”10.1 Overview
Section titled “10.1 Overview”AWS provides platform services that simplify application deployment, reducing the operational overhead of managing infrastructure.
AWS Platform Services+------------------------------------------------------------------+| || +------------------------+ || | Platform Services | || +------------------------+ || | || +---------------------+---------------------+ || | | | || v v v || +----------+ +----------+ +----------+ || | Elastic | | App | | Lightsail| || |Beanstalk | | Runner | | | || | | | | | | || | Full | | Container| | Simple | || | Control | | Native | | VPS/ | || | PaaS | | Serverless| | Containers| || +----------+ +----------+ +----------+ || || Elastic Beanstalk: Traditional apps with full control || App Runner: Modern containerized apps, fully managed || Lightsail: Simple, predictable pricing for small projects || |+------------------------------------------------------------------+10.2 AWS Elastic Beanstalk
Section titled “10.2 AWS Elastic Beanstalk”Architecture Overview
Section titled “Architecture Overview” Elastic Beanstalk Architecture+------------------------------------------------------------------+| || +------------------------+ || | Elastic Beanstalk | || | Application | || +------------------------+ || | || +---------------------+---------------------+ || | | | || v v v || +----------+ +----------+ +----------+ || |Environment| | Versions | | Configs | || +----------+ +----------+ +----------+ || || Environment: Collection of AWS resources || Versions: Deployable application code || Configs: Environment settings and options || |+------------------------------------------------------------------+Environment Tiers
Section titled “Environment Tiers” Elastic Beanstalk Environment Tiers+------------------------------------------------------------------+| || Web Server Environment || +----------------------------------------------------------+ || | | || | Internet | || | | | || | v | || | +----------+ +----------+ +----------+ | || | |Route 53/ | | ALB | | EC2 | | || | |CloudFront|---->|(Load |---->| Instances| | || | +----------+ |Balancer)| +----------+ | || | +----------+ | | || | v | || | +----------+ | || | | RDS | | || | | Database | | || | +----------+ | || | | || | Use Case: Web applications, APIs | || | Scaling: Auto Scaling enabled | || +----------------------------------------------------------+ || || Worker Environment || +----------------------------------------------------------+ || | | || | SQS Queue | || | +----------+ | || | | Messages | | || | +----------+ | || | | | || | v | || | +----------+ +----------+ | || | | Worker | | EC2 | | || | | Daemon |---->| Instances| | || | +----------+ +----------+ | || | | || | Use Case: Background processing, scheduled tasks | || | Scaling: Based on queue depth | || +----------------------------------------------------------+ || |+------------------------------------------------------------------+Supported Platforms
Section titled “Supported Platforms” Elastic Beanstalk Platforms+------------------------------------------------------------------+| || Platform | Versions || ----------------------|---------------------------------------|| Node.js | 12, 14, 16, 18 || Python | 3.7, 3.8, 3.9, 3.10, 3.11 || Java | 8, 11, 17 || .NET | 6.0, 7.0 || PHP | 7.4, 8.0, 8.1, 8.2 || Ruby | 2.7, 3.0, 3.1, 3.2 || Go | 1.18, 1.19, 1.20 || Docker | Multi-container (ECS) || Tomcat | 8.5, 9.0 || |+------------------------------------------------------------------+Deployment Policies
Section titled “Deployment Policies” Elastic Beanstalk Deployment Policies+------------------------------------------------------------------+| || 1. All at Once || +----------------------------------------------------------+ || | | || | Old Version New Version | || | +----+ +----+ +----+ +----+ +----+ +----+ | || | | I1 | | I2 | | I3 | | I1 | | I2 | | I3 | | || | +----+ +----+ +----+ +----+ +----+ +----+ | || | | | | | | | | || | +------+------+ +------+------+ | || | | | | || | v v | || | [Downtime] [All new at once] | || | | || | Pros: Fastest deployment | || | Cons: Downtime during deployment | || +----------------------------------------------------------+ || || 2. Rolling || +----------------------------------------------------------+ || | | || | Batch 1: Batch 2: Batch 3: | || | +----+ +----+ +----+ +----+ +----+ +----+ +----+ +----+ +----+| | |New | |Old | |Old | |New | |New | |Old | |New | |New | |New || | +----+ +----+ +----+ +----+ +----+ +----+ +----+ +----+ +----+| | | || | Pros: No downtime, gradual rollout | || | Cons: Mixed versions during deployment | || +----------------------------------------------------------+ || || 3. Rolling with Additional Batch || +----------------------------------------------------------+ || | | || | Old: 3 instances | || | New: 4 instances (temporary) | || | | || | Pros: Full capacity during deployment | || | Cons: Additional cost during deployment | || +----------------------------------------------------------+ || || 4. Immutable || +----------------------------------------------------------+ || | | || | Old Environment New Environment | || | +----+ +----+ +----+ +----+ +----+ +----+ | || | | I1 | | I2 | | I3 | | I4 | | I5 | | I6 | | || | +----+ +----+ +----+ +----+ +----+ +----+ | || | | || | Pros: Safest, easy rollback | || | Cons: Slowest, highest cost | || +----------------------------------------------------------+ || || 5. Blue/Green || +----------------------------------------------------------+ || | | || | Blue Environment Green Environment | || | (Current) (New Version) | || | +----+ +----+ +----+ +----+ +----+ +----+ | || | | I1 | | I2 | | I3 | | I4 | | I5 | | I6 | | || | +----+ +----+ +----+ +----+ +----+ +----+ | || | | || | Switch: Route 53 or swap CNAMEs | || | | || | Pros: Instant rollback, full testing | || | Cons: Double resources during transition | || +----------------------------------------------------------+ || |+------------------------------------------------------------------+.ebextensions Configuration
Section titled “.ebextensions Configuration”option_settings: aws:autoscaling:asg: MinSize: 2 MaxSize: 10 Cooldown: 300 aws:autoscaling:launchconfiguration: InstanceType: t3.medium IamInstanceProfile: ec2-role EC2KeyName: my-key-pair aws:elb:listener:443: ListenerProtocol: HTTPS InstancePort: 80 SSLCertificateId: arn:aws:acm:us-east-1:123456789012:certificate/abc123 aws:elasticbeanstalk:application:environment: ENVIRONMENT: production DB_TABLE: users aws:elasticbeanstalk:healthreporting:system: SystemType: enhanced aws:elasticbeanstalk:managedactions:platformupdate: UpdateLevel: minor InstanceRefreshEnabled: true
# .ebextensions/nginx.configfiles: "/etc/nginx/conf.d/proxy.conf": mode: "000644" owner: root group: root content: | upstream nodejs { server 127.0.0.1:8081; keepalive 256; }
server { listen 8080;
location / { proxy_pass http://nodejs; proxy_set_header Connection ""; proxy_http_version 1.1; } }10.3 AWS App Runner
Section titled “10.3 AWS App Runner”Architecture Overview
Section titled “Architecture Overview” App Runner Architecture+------------------------------------------------------------------+| || +------------------------+ || | App Runner | || | Service | || +------------------------+ || | || +---------------------+---------------------+ || | | | || v v v || +----------+ +----------+ +----------+ || | Source | | Build | | Deploy | || | | | | | | || | - ECR | | - Auto | | - Auto | || | - GitHub | | Build | | Scale | || | - Code | | | | | || +----------+ +----------+ +----------+ || || Fully managed container service || Automatic builds and deployments || Built-in load balancing and encryption || |+------------------------------------------------------------------+App Runner Features
Section titled “App Runner Features” App Runner Key Features+------------------------------------------------------------------+| || 1. Source Options || +----------------------------------------------------------+ || | | || | Container Image (ECR) | || | - Pre-built Docker image | || | - Manual or automatic deployments | || | | || | Source Code (GitHub) | || | - Connect GitHub repository | || | - Automatic builds on push | || | - App Runner builds the container | || +----------------------------------------------------------+ || || 2. Automatic Scaling || +----------------------------------------------------------+ || | | || | Min instances: 1 (default) | || | Max instances: 25 (default, adjustable) | || | | || | Scaling metric: | || | - Concurrent requests per instance | || | - Default: 100 concurrent requests | || | | || | Scale out: When concurrent requests exceed threshold | || | Scale in: When traffic decreases | || +----------------------------------------------------------+ || || 3. Built-in Features || +----------------------------------------------------------+ || | | || | - Load balancer (automatic) | || | - TLS/SSL (automatic) | || | - Custom domain support | || | - Health checks | || | - Logging to CloudWatch | || | - VPC access (optional) | || +----------------------------------------------------------+ || |+------------------------------------------------------------------+App Runner Configuration
Section titled “App Runner Configuration”{ "ServiceName": "my-app", "SourceConfiguration": { "AuthenticationConfiguration": { "ConnectionArn": "arn:aws:apprunner:us-east-1:123456789012:connection/my-github-connection" }, "AutoDeploymentsEnabled": true, "CodeRepository": { "RepositoryUrl": "https://github.com/myorg/myapp", "SourceCodeVersion": { "Type": "BRANCH", "Value": "main" }, "CodeConfiguration": { "ConfigurationSource": "API", "CodeConfigurationValues": { "Runtime": "PYTHON_311", "BuildCommand": "pip install -r requirements.txt", "StartCommand": "python app.py", "Port": "8080", "RuntimeEnvironmentVariables": { "ENVIRONMENT": "production" } } } } }, "InstanceConfiguration": { "Cpu": "1024", "Memory": "2048", "InstanceRoleArn": "arn:aws:iam::123456789012:role/AppRunnerRole" }, "HealthCheckConfiguration": { "Protocol": "HTTP", "Path": "/health", "IntervalInSeconds": 10, "TimeoutInSeconds": 5, "HealthyThreshold": 3, "UnhealthyThreshold": 5 }}10.4 Comparison: Elastic Beanstalk vs App Runner
Section titled “10.4 Comparison: Elastic Beanstalk vs App Runner” Platform Service Comparison+------------------------------------------------------------------+| || Feature | Elastic Beanstalk | App Runner || ---------------------|-------------------|---------------------|| Infrastructure | EC2 instances | Fully managed || Control | Full access | Limited || SSH Access | Yes | No || Custom AMI | Yes | No || ---------------------|-------------------|---------------------|| Deployment | Multiple policies | Automatic || Rollback | Manual/Auto | Automatic || Blue/Green | Yes | No || ---------------------|-------------------|---------------------|| Scaling | Auto Scaling | Built-in || Load Balancer | ALB/NLB | Built-in || SSL/TLS | Configure | Automatic || ---------------------|-------------------|---------------------|| Database | RDS integration | External only || VPC Access | Full | Optional || ---------------------|-------------------|---------------------|| Use Case | Traditional apps | Containerized apps || Complexity | Medium | Low || Pricing | EC2 + services | Per-instance || |+------------------------------------------------------------------+10.5 Practical Commands
Section titled “10.5 Practical Commands”Elastic Beanstalk CLI
Section titled “Elastic Beanstalk CLI”# Initialize EB CLIeb init --region us-east-1
# Create environmenteb create production --env-tier webserver --instance-type t3.medium
# Deploy new versioneb deploy production
# Open application in browsereb open
# Check environment statuseb status production
# View logseb logs production
# Set environment variableseb setenv DB_TABLE=users LOG_LEVEL=INFO
# Create blue/green deploymenteb clone production production-v2
# Swap environment URLseb swap production-v2 --destination-name production
# Terminate environmenteb terminate productionApp Runner CLI
Section titled “App Runner CLI”# Create service from ECRaws apprunner create-service \ --service-name my-app \ --source-configuration '{"ImageRepository":{"ImageIdentifier":"123456789012.dkr.ecr.us-east-1.amazonaws.com/my-app:latest","ImageRepositoryType":"ECR"}}' \ --instance-configuration '{"Cpu":"1024","Memory":"2048"}'
# Create service from GitHubaws apprunner create-service \ --service-name my-app \ --source-configuration file://source-config.json
# Update serviceaws apprunner update-service \ --service-arn arn:aws:apprunner:us-east-1:123456789012:service/my-app/abc123 \ --source-configuration '{"AutoDeploymentsEnabled":true}'
# Start deploymentaws apprunner start-deployment \ --service-arn arn:aws:apprunner:us-east-1:123456789012:service/my-app/abc123
# Describe serviceaws apprunner describe-service \ --service-arn arn:aws:apprunner:us-east-1:123456789012:service/my-app/abc123
# Delete serviceaws apprunner delete-service \ --service-arn arn:aws:apprunner:us-east-1:123456789012:service/my-app/abc12310.6 Best Practices
Section titled “10.6 Best Practices” Platform Services Best Practices+------------------------------------------------------------------+| || Elastic Beanstalk || +----------------------------------------------------------+ || | 1. Use .ebextensions for configuration | || | 2. Use immutable deployments for production | || | 3. Enable enhanced health reporting | || | 4. Use managed platform updates | || | 5. Configure proper IAM roles | || | 6. Use Blue/Green for zero-downtime deployments | || +----------------------------------------------------------+ || || App Runner || +----------------------------------------------------------+ || | 1. Use health check endpoints | || | 2. Configure appropriate instance size | || | 3. Use VPC connector for private resources | || | 4. Enable auto-deployments for CI/CD | || | 5. Use Secrets Manager for sensitive data | || | 6. Configure custom domains with TLS | || +----------------------------------------------------------+ || |+------------------------------------------------------------------+10.7 Why This Matters in DevOps/SRE
Section titled “10.7 Why This Matters in DevOps/SRE”Platform services are the fastest path from code to production for many teams. Understanding when to use Beanstalk vs App Runner vs ECS/EKS is a key DevOps decision.
Platform Service Decision Tree+------------------------------------------------------------------+| || Choosing the Right Platform: || || Need full infra control? (SSH, custom AMI, SG tweaks) || ├── YES → Elastic Beanstalk || └── NO → || Container-native app with simple scaling? || ├── YES → App Runner || └── NO → || Complex microservices with service mesh? || ├── YES → ECS/EKS || └── NO → || Predictable traffic, small team? || └── YES → App Runner (simplest) || |+------------------------------------------------------------------+10.8 Linux Systems Perspective
Section titled “10.8 Linux Systems Perspective”Platform Service Management from Arch Linux
Section titled “Platform Service Management from Arch Linux”# Install EB CLI on Arch Linuxsudo pacman -S python-pippip install awsebcli --user# Or via AURyay -S aws-elastic-beanstalk-cli
# Quick EB deployment workflow#!/bin/bash# ~/bin/eb-deploy.shset -euo pipefail
ENV="${1:-production}"echo "🚀 Deploying to Elastic Beanstalk: $ENV"
# Check environment health firstHEALTH=$(aws elasticbeanstalk describe-environment-health \ --environment-name "$ENV" \ --attribute-names HealthStatus \ --query 'HealthStatus' --output text)
if [ "$HEALTH" != "Ok" ]; then echo "⚠️ Environment health is $HEALTH - proceed? (y/n)" read -r confirm [ "$confirm" != "y" ] && exit 1fi
eb deploy "$ENV" --timeout 20echo "✅ Deployment complete"
# App Runner service monitoringaws apprunner list-services \ --query 'ServiceSummaryList[*].{Name:ServiceName,Status:Status,URL:ServiceUrl}' \ --output table10.9 Troubleshooting Guide
Section titled “10.9 Troubleshooting Guide”| Issue | Cause | Solution |
|---|---|---|
| EB deployment stuck | Health check failing | Check /health endpoint, review EB logs |
| EB environment degraded | Instance unhealthy | Check eb health, review CloudWatch metrics |
| App Runner build fails | Dockerfile or buildspec error | Check build logs in CloudWatch |
| App Runner 502 errors | App not listening on correct port | Ensure app listens on port from PORT env var |
| EB rolling deployment stuck | Instance failing health check | Increase health check grace period |
# Debug EB issueseb logs --alleb health --refresh
# Debug App Runneraws apprunner list-operations \ --service-arn <SERVICE_ARN> \ --query 'OperationSummaryList[*].{Type:Type,Status:Status,EndedAt:EndedAt}'10.10 Interview Questions
Section titled “10.10 Interview Questions”-
Q: When would you choose Elastic Beanstalk over App Runner?
- A: Beanstalk when you need: SSH access to instances, custom AMIs, worker environments with SQS, .ebextensions for fine-grained config, Blue/Green deployments, or multi-container Docker. App Runner when you want: zero infrastructure management, automatic builds from GitHub, simplest possible container deployment, and pay-per-request pricing.
-
Q: How does Elastic Beanstalk achieve zero-downtime deployments?
- A: Multiple strategies: (1) Rolling — updates instances in batches, maintaining capacity, (2) Rolling with Additional Batch — adds extra instances during deployment to maintain full capacity, (3) Immutable — creates entirely new instances in new ASG, validates health, then swaps, (4) Blue/Green — creates separate environment, validates, then swaps CNAME.
10.11 Exam Tips
Section titled “10.11 Exam Tips”
- Elastic Beanstalk: PaaS for traditional applications, full control
- App Runner: Serverless containers, fully managed
- Deployment Policies: All-at-once (fastest), Rolling (gradual), Immutable (safest)
- Blue/Green: Separate environments, instant switch
- .ebextensions: Configuration files in application source
- Worker Environments: Background processing with SQS
- App Runner Scaling: Based on concurrent requests
- Platform Updates: Managed updates for security patches
Next Chapter
Section titled “Next Chapter”Chapter 11: Amazon VPC - Virtual Private Cloud
Last Updated: March 2026