Simplifying Application Containerization with EC2, ECR, ECS, Fargate and Load Balancing

Key AWS Services for this project would be ECS (Fargate), ALB, Security groups, IAM Role.

Do you want to use AWS to launch containerized apps without having to deal with Kubernetes' intricacy? Scalability and high availability are provided by AWS Elastic Container Service (ECS), a fully managed solution that streamlines container orchestration.

If you are new to containers, this step-by-step tutorial will show you how to leverage ECS to deploy containerized applications with load balancing, high availability, and proper database integration.

AWS offers two choices if you wish to put a container-based application into production.

1. Amazon Elastic Container Service, or ECS, is the best option for customers seeking a more straightforward and completely managed container orchestration solution.
2. Amazon Elastic Kubernetes Service, or EKS, is a superior option for consumers who need Kubernetes' scalability and flexibility for container orchestration.

WHAT IS AWS ECS?

AWS ECS is a fully managed container orchestration service that allows you to run Docker containers in a scalable and highly available manner.

Features of AWS ECS

• ECS enables you to run and manage Docker containers on a cluster of EC2 instances or Fargate(Serverless compute)

• ECS distributes containers across multiple Availability Zones within a region to ensure high availability and fault tolerance.

• ECS integrates seamlessly with other AWS services ELB, VPC, IAM, AWS CloudWatch, and AWS CodePipeline, enabling you to build comprehensive and scalable applications.

• ECS Provides built-in auto-scaling capabilities.

Understanding AWS ECS Architecture and Components

ECS architecture comprises key components working together for container deployment and management:

1. Clusters: An ECS cluster is a logical grouping of tasks or services.

2. Tasks: Fundamental unit of ECS, tasks run containerized applications on EC2 instances or Fargate tasks.

3. Task definition: It is a blueprint for your application. You define parameters like Docker image, CPU, memory, networking, and dependencies.

4. Service: Maintain desired task count in a cluster, scaling automatically. Ensures high availability by distributing tasks and restarting failed ones.

5. Container Instances: EC2 instances or Fargate tasks running Docker daemon and hosting ECS containers.

ECS allows you 3 options to run your container-based application.

• AWS Fargate — AWS manages the underlying infra where your containers will be running. It is serverless.

• AWS EC2 instances — You run containers on the EC2 instances that you manage.

• On-prem VM — You run your containers on on-prem VMs.

In this project, I would be doing the following things to achieve my desired result.

a. Containerize an application.

b. Create an Elastic Container Repository (ECR).

c. Build a Docker image and push it to my ECR.

d. Create an Elastic Container Service with Task Definitions, create a Cluster and a Service.

e. Create a Task Role for the ECS.

f. Create my Access Key and Security Key.

g. Create Load Balancer.

Let’s get started with the project.

CREATE AN EC2 INSTANCE

1. If you need help with creating an EC2 instance, see Quick Guide to Deploying a Linux EC2 Instance on AWS for guidance.

   While creating your instance, you need to edit the Network settings. Create a new Security group and add an inbound rule. For Type, select HTTP and select 0.0.0.0/0 for the source.

   Now go ahead and Launch Instance.

2. CONNECT TO YOUR INSTANCE EITHER THROUGH INSTANCE CONNECT OR SSH CLIENT

   If you are connecting through Instance Connect, just click on it and it opens a new tab but if you choose to use SSH Client, you would be needing a key pair which I believe you must have created while creating your EC2 instance.

   If you are connecting via SSH Client, open PowerShell and input the ssh command.

   I connected via ssh as demonstrated in the diagram below.

   

   Next, type the commands as seen in the diagram. The sudo su command takes you to the root user and yum update -y, updates your Amazon Linux.

   

3. INSTALL DOCKER

   To install docker, you have to run the following commands. curl -fsSL https://get.docker.com -o get-docker.sh. Next, run yum install docker -y

After successfully installing docker, we use the systemctl start docker to start docker and systemctl status docker to know the status of docker.

From the diagram below, you would realize that docker is started, active and running.

To leave continue with your commands, type Q and it takes you to the root folder again.

a. At this stage, we need to create a directory with the mkdir command and cd into the directory.

b. Type vi Dockerfile and input this command in the dockerfile.

c. Type vi Index.html to create your html file. Put in your code, save and exit.

d. Login to your docker account by typing docker login and inputting all the necessary information.

e. Go to the AWS Console - IAM - User - Create access keys - Use Case (choose CLI) - Select confirmation box - Next - Create access keys.

f. Return to PowerShell and type aws configure

4. CREATE AN ELASTIC CONTAINER REGISTRY

a. You can do this by typing aws ecr create-repository —repository-name <repository name>

b. After creating the repository, you can confirm on AWS Console. Click on the repository that has just been created. Next, click View Push Commands and a dialog box would be opened.

c. Copy these commands one after the other and run them on Powershell.

aws ecr get-login-password --region ca-central-1 | docker login --username AWS --password-stdin 241533137938.dkr.ecr.ca-central-1.amazon.com

d. Create a container to run Your image by running the command in the diagram below.

5. CREATE A LOAD BALANCER

a. Go to the EC2 instance dashboard and select Load Balancing - Load Balancers - Create load balancer.

b. Give your load balancer a name. Leave the other parts as default and move to Network mapping.

c. Under Network mapping, select the VPC. In my case, it was the default VPC and I selected 3 AZs which automatically attached the subnets.

d. Under Security groups, click on the drop down arrow and select the security group you created when creating the EC2.

e. Under Listeners and routing, select Create Target group.

f. Give the Target group a name.

g. Move to Advanced health check settings and scroll to Healthy threshold.

g. Click Next

h. Select your instance, next select Create Target group.

i. Return to Listener and routing so that you can add the load balancer.

j. Select Create

6. CREATE A TASK ROLE

a. Open IAM - Roles - Create role.

b. Under Trusted entity type, choose AWS Service.

7. CREATE ELASTIC CONTAINER SERVICE

a. Search ECS - Task Definition - Create new task definition.

b. Under Infrastructure requirements, go to Task Role and Task execution role and select the role you created for ECS.

c. Go ahead to Container-1, give the container a name. Go to ECR and copy the URL of your image and paste here as shown in the diagram.

d. Click Create.

e. Click Clusters - Create Cluster

f. Leave every other sections as default and click Create.

g. Click the cluster that you have just created, scroll down and click Services - Create.

h. Leave Environment section as default and head to Deployment configuration. Choose the Task definition you created under Task definition family. Next give a Service name.

i. Under Desired tasks, choose 2.

j. Move to Networking - Security group - use existing security group - select the security group you created.

k. Head to the Load balancing section

l. Click Create.

From the images above, every deployment was successful.

Now I picked the IPv4 address of my EC2 instance and opened it and the result,

I went ahead to get the DNS of my load balancer and boom, error.

To correct the error, I went back to my target group and I noticed the instance did not have any target group attached to it as you can see in the diagram below.

I went back to check my load balancer. Target group for the instance was initially 0 but after the amendment done, it changed to 1. That means the target group is finally associated with the instance.

Now let’s go back and check with the DNS names. And there we have it.

Thank you for stopping by my blog post and I hope I was able to put you through the process nicely.

Like, follow and drop a comment and let me know what you think about this project.