DEV Community

Budiono Santoso for AWS Community Builders

Posted on • Edited on

Containers on AWS — Amazon Elastic Container Service (ECS) on Amazon EC2

Architecture

Hello everyone. When I try Amazon ECS on Amazon EC2, I get challenged on how to use a load balancer and auto-scaling. Finally, I can deploy a web application to Amazon ECS on Amazon EC2. If you want to read about Amazon ECS on AWS Fargate, you can see the link.

Before creating the ECS cluster, create VPC for the ECS cluster. You can see the link to read how to create VPC. But I change the VPC configuration — the number of Availability Zone (AZ) is 2, public subnets are 2, and private subnets also 2.

SUBNETS IN VPC.

Create 2 security groups for VPC — security group for the load balancer and EC2. But the security group for the load balancer and EC2 is different. The security group for EC2 connects to the security group for the load balancer.

SECURITY GROUP FOR LOAD BALANCER

SECURITY GROUP FOR LOAD BALANCER

SECURITY GROUP FOR EC2

SECURITY GROUP FOR EC2

When security group for EC2, the source associated with security group for load balancer (secg-for-elb with ID sg-…58ec1)

SECURITY GROUP IN VPC

After creating VPC and security group in VPC, go to Amazon ECS and create an ECS cluster. Choose EC2 Linux + Networking.

Fill the ECS cluster and choose on-demand instance, choose EC2 instance type or also can fill the EC2 instance type with click manually enter desired instance type.

NOTE: EC2 instance type changed from c4.large to t2.large.

For networking, use VPC that already created. Then, choose 2 public subnets for the subnets. Enable auto-assign public IP. For security group, use security group for EC2.

Create an IAM role for the container instance. (Optional) Enable container insights and see insight results in Amazon CloudWatch. And click Create. Waiting until can click View Cluster. The ECS cluster on EC2 was created with the CloudFormation stack.

After creating the ECS cluster, create a task definition for add a container from Amazon ECR private. Choose EC2 for task definition.

Fill in the task definition name. Create IAM role for ECS task execution.

Click Add container.

Fill in the container name. For image, you can see my article about Amazon ECR with the link.

When after add container, can see the container name webapp is added. And click Create task.

After creating the ECS task definition, create an ECS service on EC2. Choose task definition and version (revision) then choose cluster.

Fill in the service name. For service type, can read different between replica and daemon with the link.

For load balancer, choose Application Load Balancer. If you don’t have ALB, you must create ALB in EC2. Click the EC2 console and automatically open to load balancer page.

Load balancer in EC2 has 3 types:

  1. Application Load Balancer — for applications with HTTP and HTTPS and target to the application like EC2 instances, IP address, Lambda function, and Network Load Balancer (NLB). ALB works in AWS Region, local zone, and AWS Outposts.

  2. Network Load Balancer — same as ALB but needs AWS PrivateLink. NLB works in AWS Region only.

  3. Gateway Load Balancer.

Choose Application Load Balancer to create a load balancer.

Because use an Application Load Balancer, I screenshot how ALB work for the application.

Fill in the load balancer name, choose internet-facing for target group.

Choose VPC that has already been created. Mappings can use a public subnet. Mappings must require two AZ and one subnet per AZ.

For the security group on ALB, can choose a security group for ALB that has already been created.

For listeners, fill 8080 for the port. Click create target group. The target group for connecting to EC2 instances. If the target group is already created, click refresh and show the target group.

Choose instances because targeted to EC2 instances that have already been created. Fill in the target group name, choose VPC and click Next.

When instances are available, checklist all EC2 instances. Fill 8080 in the port and click include as pending below.

You can see review targets before click create target group. The EC2 instances has health status is pending. Click create target group.

After creating a target group, click the target group name and can see if the healthy status is unused.

Back to Listeners. Click refresh again and choose the target group that has already been created.

You can see the summary and click create the load balancer. The application load balancer is successfully created. View load balancer. Waiting for application load balancer until status is active.

When the application load balancer is active, check again the target group already healthy or unhealthy. The results are healthy.

BACK TO THIS

After creating a load balancer, click refresh again and choose the load balancer that has already been created. Also select the target group.

Create auto scaling. Auto scaling work for add or remove EC2 instances that match needs.

Create an auto scaling policy. Choose scaling policy type with target tracking. The ECS service metric is based on average CPU utilization. If all settings are ready, can click Create service. After services have already been created, click View service.

The services already active and running.

Click details. Details are explaining the services have load balancer and also target group with container name and port. Click also events. Events are explaining during services are process creating.

Check tasks are running or not.

Then go to the load balancer in EC2, click DNS name, copy and paste to a new tab.

LOAD BALANCER IN EC2

Aaaaaaa, load balancer is successful and can running.

When creating an ECS cluster, I want 2 EC2 instances. Go to EC2. I want to test auto scaling is running or not. When I try to terminate one EC2 instance, the ECS cluster now has one EC2 instance only. Waiting a few minutes and new EC2 instances are created.

Thank you very much that already read this tutorial! :)

Top comments (0)