Container Orchestration Platform

Containers have become the standard deployment unit for microservices, but running them reliably at scale requires a sophisticated orchestration platform. In this challenge, you will design a container orchestration platform on AWS that supports multiple development teams running dozens of microservices with independent deployment cycles. The platform uses Amazon ECS with Fargate for serverless container execution — you will evaluate the trade-off versus EC2-backed ECS clusters (cost vs. control) and justify the choice for different workload profiles. The networking layer uses AWS Cloud Map for service discovery, enabling services to find each other via DNS without hardcoded endpoints. Each service runs behind an internal Application Load Balancer with path-based routing, and external traffic enters through a public-facing ALB with WAF integration. The compute configuration uses Fargate Spot for non-critical workloads (batch processing, dev environments) and regular Fargate for production services, with capacity providers managing the mix. Auto-scaling uses ECS Service Auto Scaling with target tracking on CPU, memory, and custom CloudWatch metrics like queue depth. The platform includes a shared observability stack: FireLens for log routing to CloudWatch Logs and OpenSearch, X-Ray sidecars for distributed tracing, and Container Insights for cluster-level metrics. Secrets management uses AWS Secrets Manager with ECS secret references, rotating database credentials without container restarts. The deployment pipeline supports rolling updates with circuit breaker enabled, automatically rolling back deployments where tasks fail to stabilize. You will also design the multi-tenant isolation model using ECS task IAM roles, security groups, and namespace-based Cloud Map separation. This challenge teaches container orchestration patterns, service mesh concepts, and platform engineering for development teams.