amila-ku/aws-ecs-fargate

ECS fargate application deployment with AWS VPC

Containerized Application Deployment on AWS ECS

What you need to get started

1. Install Terraform

brew install terraform

2. Create AWS account Create account and create user

3. Create a S3 bucket

aws s3api create-bucket --bucket terraform-backend-store-<your_projectname> --region eu-central-1 --create-bucket-configuration LocationConstraint=eu-central-1

4. Set credential for AWS user If you want to use existing user add aws access keys in ~/.aws/credentials and set the profile to use

export AWS_PROFILE=terraformuser

Information about use of named profiles is here

Resources that get created

1. AWS VPC
2. Internet Gateway and Nat Gateway
3. Subnets, RouteTables and routes
4. ECS Cluster(Fargate)
5. Secrets in secret manager
6. Aurora Serverless databaase
7. ALB TargetGroups
8. ECS service which is spread accross multiple AZ with Autoscaling
9. Security Groups

Creating the environment

1. Initialize the modules

cd dev
terraform init

2. Create Secrets file

echo 'application-secrets = {
  "VTT_DBUSER"            = "postgres"
  "VTT_DBPASSWORD"        = "abcd123#$"
}
' > secrets.tfvars

3. Plan resources

terraform plan -var-file="secrets.tfvars"

4. Create resources

terraform apply -var-file="secrets.tfvars"

Decisions made

1. VPC module is created from scratch to make it easier to go through the different components involved.
2. ECS with Fargate is used instead of EKS to reduce complexity of managing and considering cost savings of not having to pay for cluster, since need to complex scaling or multi cloud requirements were not there ECS would be the simpler solution.
3. ECS and ECS service module is created to have control over setup and be able to use it as a single module to make applying changes simple.
4. RDS module from terraform registry is used to create highly available Aurora Serverless database.
5. RDS on graviton used to reduce cost.

Improvements

1. Run on graviron2 for fargate
2. CI pipeline