From Docker to AWS: Step-by-Step Guide — Push to ECR and Deploy on ECS

🚀 Goal

Build a Docker image locally, push it to Amazon ECR, and deploy it to Amazon ECS (Fargate or EC2) behind an Application Load Balancer, with autoscaling and health checks.

Prerequisites

• AWS account with permission to use ECR, ECS, IAM, ALB, and (optional) CloudWatch/Autoscaling.

• AWS CLI installed and configured (aws configure) or access to AWS Console.

• Docker installed locally.

• Basic app packaged with a Dockerfile.

1. AWS CLI & IAM setup
What to do: Ensure your local environment has AWS credentials and an IAM user/role with permissions for ECR and ECS.

aws configure → enter AWS Access Key ID, Secret Access Key, region, and output format.

(Optional) Create an IAM policy/role for CI system later (CodePipeline/GitHub Actions).

Tip: For production, use fine-grained roles (ECR read/write, ECS create/update, ALB modify). Avoid using root credentials.

Step 1: Create an ECR Repository

If you haven’t already created it:

Option 1 – Using CLI:

aws ecr create-repository --repository-name priyanka-repo --region us-east-1

Option 2 – Using Console:

Go to AWS Management Console → ECR → Create repository

Name it priyanka-repo

Copy the repository URI, something like:

157168991173.dkr.ecr.us-east-1.amazonaws.com/priyanka-repo

_ Step 2: Authenticate Docker to ECR_

Run this command to log in to your ECR registry:

aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 157168991173.dkr.ecr.us-east-1.amazonaws.com

This lets Docker push/pull images from your private ECR.

_ Step 3: Build the Docker Image_

If you have a Dockerfile in your project directory, build the image:

docker build -t priyanka-repo .

_ Step 4: Tag the Docker Image_

Tag it with your ECR repository URI:

docker tag priyanka-repo:latest 157168991173.dkr.ecr.us-east-1.amazonaws.com/priyanka-repo:latest

Step 5: Push the Image to ECR

Finally, push your image:

docker push 157168991173.dkr.ecr.us-east-1.amazonaws.com/priyanka-repo:latest

✅ After Success:
You’ll see your image appear in the AWS Console → ECR → Repositories → priyanka-repo → Images.

6.Create an ECS cluster

Decide between Fargate (serverless) or EC2 (you manage instances).

Console: AWS → ECS → Clusters → Create cluster → choose Networking only (Fargate) or EC2 Linux + Networking.

What this provides: a logical grouping for tasks/services.

7. Create a Task Definition

A task definition declares how containers run (image, CPU, memory, ports, env vars, log config).

Console: Task Definitions → Create new Task Definition → Fargate (or EC2).

Main fields:

Task Role / Execution Role – IAM role for AWS API access / pulling from ECR.

Container Definition:

Image: ECR URI (.../my-app:latest)

Port mappings: container port (e.g., 80 or 5000)

Environment variables (if required)

Health check command (optional)

Log configuration (CloudWatch Logs)

Quick example JSON snippet (conceptual):

{
  "family": "my-app-task",
  "networkMode": "awsvpc",
  "containerDefinitions": [
    {
      "name": "my-app",
      "image": "<aws_account_id>.dkr.ecr.<region>.amazonaws.com/my-app:latest",
      "portMappings": [{"containerPort": 80, "protocol": "tcp"}],
      "essential": true,
      "memory": 512,
      "cpu": 256
    }
  ],
  "requiresCompatibilities": ["FARGATE"],
  "cpu": "256",
  "memory": "512"
}

8. Create ECS Service
A Service ensures a desired number of task instances are running and manages deployment/rolling updates.

Console: Clusters → Select cluster → Create → Create Service
Key options:

Launch type: Fargate (recommended) or EC2.

Service name (e.g., my-app-service).

Number of tasks (desired count): initial minimum (e.g., 2).

Deployment options: Rolling update (default).

Assign public IP? If tasks need internet access and you’re using public subnets.

Important: Choose the same subnets/security groups as your ALB target group (for network reachability).

9. Create Application Load Balancer (ALB) & Target Group

ALB will route incoming traffic to ECS tasks.

Steps:

Create Target Group (Console → EC2 → Target Groups)

Type: ip (for Fargate) or instance (for EC2).

Protocol: HTTP, Port: 80 (or your app port).

Health check path: / or /health (whatever your app exposes).

_Create ALB _(Console → EC2 → Load Balancers)

Scheme: internet-facing (for public app) or internal.

Select public subnets across AZs for high availability.

Security group allowing inbound HTTP/HTTPS.

Register Targets

When you configure ECS Service, you can choose the ALB & target group so ECS automatically registers tasks as targets.

Health check: configure a path and thresholds (healthy threshold, unhealthy threshold, timeout, interval). For example: path /health with status 200.

10. Hook ALB to ECS Service

During service creation:

Choose Load balancing: Application Load Balancer.

Attach previously created ALB and target group.

ECS will create an ENI for each task (Fargate) and register it to the target group.

Result: Requests to ALB are forwarded to running containers.

10. Configure Autoscaling (optional but recommended)

Autoscaling adjusts the number of tasks automatically.

Steps:

In your ECS Service → Auto Scaling → Create scale policy.

Define Minimum and Maximum tasks (e.g., min 2, max 10).

Set scaling triggers, e.g.:

Target tracking policy: keep CPU utilization at 50%

Or using CloudWatch metrics (Request count per target)

Tip: Start with conservative min=2, max=10 and tune over time

11. Verify Deployment

Go to ALB → Listeners → copy the DNS name and open in a browser.

Check Task status in ECS cluster (should be RUNNING).

Check Target Group health — targets should show healthy.

Troubleshooting:

If targets are unhealthy, check container health endpoint and security groups.

Ensure container port mapping matches target group settings.

Check CloudWatch logs for container startup errors.

12. Rolling updates and new image versions

Workflow to update:

Build a new image version and tag it (e.g., :v2).

Push to ECR.

Update Task Definition to point to the new image (new revision).

Update ECS Service to use the new task definition → ECS performs a rolling deployment.

Automation tip: Use CI/CD (GitHub Actions / Jenkins / CodePipeline) to:

Build image → push to ECR.

Register new Task Definition revision (or update service).

Trigger ECS service update for zero-downtime deployments.

✅ Summary (mapping to your original notes)

aws configure ✔️

Create ECR repo ✔️

Build and push Docker image ✔️

Create cluster (ECS) & task definition ✔️

Create service with task & Fargate/EC2 ✔️

Add ALB → configure target group + health checks ✔️

Add autoscaling (min 2, max 10) ✔️

Service created → check ALB DNS for app ✔️