This post notes the steps for configuring AWS API Gateway to work with ECS for microservices. The AWS services used are API Gateway, ELB, ECS, and VPC.
In summary, the steps are:
- Create VPC.
- Create ECS service target group and attach it to ALB.
- Create ECS cluster and run services.
- Create ALB target group and attach to NLB.
- Create API gateway for REST API, and point the gateway to NLB using VPC Link.
1. Create VPC
Create a VPC with 2 public and 2 private subnets, 1 internet gateway and 1 NAT gateway.
Check the route table of both private subnets to make sure an instance in a private subnet can reach the internet through the NAT gateway. If it is set up correctly, the route table will have a route with destination 0.0.0.0/0.
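The route table check above can be scripted. The following is an added example, not part of the original post: it classifies each subnet by where its 0.0.0.0/0 route points and reports private subnets that do not egress through an active NAT gateway. It assumes input shaped like the output of `aws ec2 describe-route-tables` filtered to the one VPC; the sample data and all IDs are constructed placeholders.

```python
# Constructed sample, shaped like the output of `aws ec2 describe-route-tables`.
# All IDs are placeholders, not values from the post.
SAMPLE = {"RouteTables": [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}]},
    {"RouteTableId": "rtb-public",
     "Associations": [{"Main": False, "SubnetId": "subnet-pub-a"},
                      {"Main": False, "SubnetId": "subnet-pub-b"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example", "State": "active"}]},
    {"RouteTableId": "rtb-priv-a", "Associations": [{"Main": False, "SubnetId": "subnet-priv-a"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example", "State": "active"}]},
    {"RouteTableId": "rtb-priv-b", "Associations": [{"Main": False, "SubnetId": "subnet-priv-b"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-deleted", "State": "blackhole"}]},
]}

def default_route_kind(table):
    """Classify a route table by where its 0.0.0.0/0 route points."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State") == "blackhole":   # target (e.g. the NAT gateway) no longer exists
            return "blackhole"
        if route.get("NatGatewayId"):
            return "nat"
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"                         # direct internet route: a public subnet
        return "other"
    return "none"

def subnet_egress(doc, subnet_ids):
    """Map each subnet to its default-route kind; unassociated subnets inherit the main table."""
    main_kind, explicit = "none", {}
    for table in doc["RouteTables"]:
        kind = default_route_kind(table)
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId"):
                explicit[assoc["SubnetId"]] = kind
            elif assoc.get("Main"):
                main_kind = kind
    return {s: explicit.get(s, main_kind) for s in subnet_ids}

def check_private(doc, private_subnets):
    """Return the private subnets whose default route is not an active NAT gateway."""
    return {s: k for s, k in subnet_egress(doc, private_subnets).items() if k != "nat"}

if __name__ == "__main__":
    print(check_private(SAMPLE, ["subnet-priv-a", "subnet-priv-b", "subnet-priv-c"]))
```

A result of `igw` for a subnet intended to be private means it is effectively public, which matters because the internal ALB and the Fargate tasks are placed in those subnets.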
2. Create ECS service target group and attach it to ALB
Create a target group with the IP addresses target type and place it in the created VPC. Leave the other options at their defaults. One target group corresponds to one microservice, so you need to create multiple target groups and configure each one with a rule on the ALB listener.
Next, create an ALB with the internal scheme and point the listener on port 80 to the created target group. Make sure the ALB nodes are placed in the 2 private subnets and use the default security group.
3. Create ECS cluster and run services
Create an ECS cluster with the Fargate launch type. Next, create a task definition that has one container for demo purposes, using the Nginx Docker image. In the real world, this Docker image will be replaced by a microservice Docker image.
The task definition uses the Fargate launch type, Linux/X86_64 OS, 0.5 CPU and 1 GB RAM. The task also has some specific configurations, shown in the images below. Leave the others at their defaults.
After creating the task definition, create a service for the cluster. Under Environment, choose Launch type for the Compute option. Under Deployment configuration, choose Service for the Application type. Then open the network configuration, choose the created VPC and exclude the 2 public subnets so that only the 2 private subnets are used. The security group is the default one.
Next, open Load Balancing and attach this service to the created target group and ALB.
After the service is created, it takes some time for its status to change to Active. Then, checking the target group associated with the ALB, we will see one healthy target.
4. Create ALB target group and attach to NLB
Create another target group with the ALB target type and place it in the created VPC. Then register the created ALB with this target group. Next, create an NLB and associate it with the ALB target group.
For the network configuration, again use the created VPC and the 2 private subnets.
Checking the ALB target group, we have one healthy target.
5. Create API gateway for REST API, and point the gateway to NLB using VPC Link
Move to API Gateway and create a REST API, choosing new API and the REST protocol. Then go to VPC Links and create a new VPC link, pointing it to the created NLB.
We need to wait for the status to change to Available. At this point, go to the API and create a proxy resource with a GET method and set up the request integration. In the real world, you need to add {proxy+} to your endpoint URL to match the context path of the API endpoint. The proxy resource helps the ALB distribute requests to the correct microservice host on the ECS cluster.
Then deploy the gateway to a stage, and configure some variables on this stage.
Once the VPC Link status has changed to Available, go back to the NLB and update the security group to allow requests from API Gateway to the NLB.
Create a new security group and add one inbound rule.
In the NLB security configuration, attach the created security group and uncheck the Enforce inbound rules on PrivateLink traffic option.
Finally, go to API Gateway and copy the link of the stage. Open this link in a new browser tab and add the /nginx path to it, and we will see the ECS service response.