- What is Amazon ECS?
- Creating an ECS Cluster
- Creating an Application Load Balancer (ALB)
- Setting up an Application in the ECS cluster
- Adding a Domain to ALB
- Testing the Application
What is Amazon ECS?
I will not explain too much about it here. It's not the main point of this tutorial. Please read the quote below to get some idea what it is. 😆
Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service. Customers such as Duolingo, Samsung, GE, and Cook Pad use ECS to run their most sensitive and mission critical applications because of its security, reliability, and scalability.
Reference: Amazon ECS
Creating an ECS Cluster
Go to the ECS service and click "Create Cluster".
Select the "EC2 Linux + Networking" template. Don't worry if we don't see AWS Fargate here, we can set it later.
Fill in the information below. If we want to SSH into the EC2 instance, we need to specify the key pair. In this tutorial, we don't need it.
For networking, let's create a new VPC.
Use the default IAM role
ecsInstanceRole. Specify the tags, so we can track the bill and keep our resources organized.
Once we finish, we should see the launch status as shown in the screenshot below.
We can then view the newly created cluster.
Creating an Application Load Balancer (ALB)
We need a load balancer to route requests to the destination. Let's create one. Go to the EC2 service then find the "Load Balancer" on the menu on the left. Click "Create Load Balancer".
Choose the Application Load Balancer.
Configure the ALB and choose the VPC we created from above in the Availability Zone section. Again, don't forget to add the tags.
In the step 2, we need a SSL certificate for it. We can set it later and can skip this for now.
For the security group, just create a new one.
For the routing configuration, create a new target group.
We can skip the register targets step. ECS will do it for us when we create a new service in ECS.
Wait until the ALB is provisioned.
Once the provision is finished, what we need to do is to update the security group rule on the EC2 instances where containers will run in the ECS cluster, so the ALB can access.
Go back to the ECS console, select the cluster, click on the tab "ECS Instances". We will see an instance is running. Click the ECS instance ID.
Click on the security group name.
Edit the inbound rule.
Select the security group previously created for the ALB. We're allowing all the traffic from the ALB to the instances since when working with ECS we can use a dynamic port mapping feature in order to run more containers with the same image in the same EC2 instances, so when starting our task, we won't specify any port to run applications and the ECS will do it for us.
Setting up an Application in the ECS cluster
In order to set up an application in the ECS cluster, we need to:
- Create a task definition;
- Create a service.
Go to the ECS console and click the "Task Definitions" on the left menu.
Choose the EC2 launch type.
Configure the task and container definitions.
Click "Add container" then.
To make it simple, we're using this public Docker image in this tutorial. Note that we can actually use any Docker image from either a public or private Docker image repository here.
We intentionally set the host port to 0 since it will be used to facilitate dynamic port allocation. The ALB dynamically allocate a port during the task placement.
Add the tags.
Check the "Auto-configure CloudWatch Logs", so we can view the log in CloudWatch. Just keep the default settings.
After that, we add the container and create the task definition.
Let's create a service. This allow us to run and maintain a specified number of instances of a task definition simultaneously in the ECS cluster.
Configure the service.
For Load balancing, choose the Application Load Balancer. Click "Add to load balancer" to add the container to the load balancer.
Configure the container settings as follows.
Uncheck the "Enable service discovery integration" option. This is not necessary for now since we won't do anything in the Route 53 now.
After that, create the service.
Our application should be up and running soon.
Adding a Domain to ALB
This is the last step before we can access our application from the Internet. Go to our ALB and edit rules.
Create a new rule or edit the existing one like this. In this tutorial, choose the host header for the condition, then we set the domain
Testing the Application
If we have our own domain, we can point it to the ALB's DNS name.
If not, we can modify our hosts file. Get the ALB's IP with
Modify the hosts file.
If we want to add a new application, just repeat the step 3 to 5 again. 😉
I've drawn a simple diagram to show how it will look like after complete those steps above. 👇
Hope this helps! 😇