loading...

Setting Up a Minimal Amazon ECS Cluster to Manage Multiple Applications

zkan profile image Kan Ouivirach Updated on ・6 min read

Outline

  1. What is Amazon ECS?
  2. Creating an ECS Cluster
  3. Creating an Application Load Balancer (ALB)
  4. Setting up an Application in the ECS cluster
  5. Adding a Domain to ALB
  6. Testing the Application

What is Amazon ECS?

I will not explain too much about it here. It's not the main point of this tutorial. Please read the quote below to get some idea what it is. 😆

Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service. Customers such as Duolingo, Samsung, GE, and Cook Pad use ECS to run their most sensitive and mission critical applications because of its security, reliability, and scalability.

Reference: Amazon ECS

Creating an ECS Cluster

Go to the ECS service and click "Create Cluster".

Alt Text

Select the "EC2 Linux + Networking" template. Don't worry if we don't see AWS Fargate here, we can set it later.

Alt Text

Fill in the information below. If we want to SSH into the EC2 instance, we need to specify the key pair. In this tutorial, we don't need it.

Alt Text

For networking, let's create a new VPC.

Alt Text

Use the default IAM role ecsInstanceRole. Specify the tags, so we can track the bill and keep our resources organized.

Alt Text

Once we finish, we should see the launch status as shown in the screenshot below.

Alt Text

We can then view the newly created cluster.

Alt Text

Creating an Application Load Balancer (ALB)

We need a load balancer to route requests to the destination. Let's create one. Go to the EC2 service then find the "Load Balancer" on the menu on the left. Click "Create Load Balancer".

Alt Text

Choose the Application Load Balancer.

Alt Text

Configure the ALB and choose the VPC we created from above in the Availability Zone section. Again, don't forget to add the tags.

Alt Text

In the step 2, we need a SSL certificate for it. We can set it later and can skip this for now.

Alt Text

For the security group, just create a new one.

Alt Text

For the routing configuration, create a new target group.

Alt Text

We can skip the register targets step. ECS will do it for us when we create a new service in ECS.

Alt Text

Wait until the ALB is provisioned.

Alt Text

Once the provision is finished, what we need to do is to update the security group rule on the EC2 instances where containers will run in the ECS cluster, so the ALB can access.

Go back to the ECS console, select the cluster, click on the tab "ECS Instances". We will see an instance is running. Click the ECS instance ID.

Alt Text

Click on the security group name.

Alt Text

Edit the inbound rule.

Alt Text

Select the security group previously created for the ALB. We're allowing all the traffic from the ALB to the instances since when working with ECS we can use a dynamic port mapping feature in order to run more containers with the same image in the same EC2 instances, so when starting our task, we won't specify any port to run applications and the ECS will do it for us.

Alt Text

Setting up an Application in the ECS cluster

In order to set up an application in the ECS cluster, we need to:

  1. Create a task definition;
  2. Create a service.

Creating a Task Definition

Go to the ECS console and click the "Task Definitions" on the left menu.

Alt Text

Choose the EC2 launch type.

Alt Text

Configure the task and container definitions.

Alt Text

Alt Text

Click "Add container" then.

To make it simple, we're using this public Docker image in this tutorial. Note that we can actually use any Docker image from either a public or private Docker image repository here.

Alt Text

We intentionally set the host port to 0 since it will be used to facilitate dynamic port allocation. The ALB dynamically allocate a port during the task placement.

Add the tags.

Alt Text

Check the "Auto-configure CloudWatch Logs", so we can view the log in CloudWatch. Just keep the default settings.

Alt Text

After that, we add the container and create the task definition.

Alt Text

Creating a Service

Let's create a service. This allow us to run and maintain a specified number of instances of a task definition simultaneously in the ECS cluster.

Alt Text

Configure the service.

Alt Text

For Load balancing, choose the Application Load Balancer. Click "Add to load balancer" to add the container to the load balancer.

Alt Text

Configure the container settings as follows.

Alt Text

Uncheck the "Enable service discovery integration" option. This is not necessary for now since we won't do anything in the Route 53 now.

Alt Text

After that, create the service.

Alt Text

Our application should be up and running soon.

Adding a Domain to ALB

This is the last step before we can access our application from the Internet. Go to our ALB and edit rules.

Alt Text

Create a new rule or edit the existing one like this. In this tutorial, choose the host header for the condition, then we set the domain my-test-zkan-bkk.prontotools.io.

Alt Text

Click "Update".

Testing the Application

If we have our own domain, we can point it to the ALB's DNS name.

Alt Text

If not, we can modify our hosts file. Get the ALB's IP with nslookup.

Alt Text

Modify the hosts file.

Alt Text

Done! 🍻🎄🎉

Alt Text

If we want to add a new application, just repeat the step 3 to 5 again. 😉

I've drawn a simple diagram to show how it will look like after complete those steps above. 👇

Alt Text

Hope this helps! 😇

Discussion

pic
Editor guide