Setup AWS VPC For Fargate

Muhammad Umar Amanat
5 min read · Oct 24, 2023

Joining components. Source: Johny Gios on Unsplash (https://unsplash.com/photos/white-jigsaw-puzzle-pieces-on-brown-marble-table-SqjhKY9877M)

This article covers the basics of setting up a VPC for the AWS Fargate service. It lays the foundation for building the VPC, subnet, security group, and all related services that AWS Fargate needs to work properly. Before digging further, we first need to know what a VPC and AWS Fargate are.

AWS Fargate

AWS offers a well-known serverless computing service called AWS Lambda. AWS Lambda gives you the flexibility to run your code without worrying about provisioning resources. In the same way, AWS Fargate gives you the flexibility to run your Docker containers without worrying about provisioning resources. AWS Fargate is compatible with both AWS ECS and AWS EKS¹.

VPC

If you are working in an organization you may notice that there is a local network used in your organization. This network is local to your organization and the outside world doesn’t know about it. This allows an organization to use its resources in a secure and efficient way. Similarly, when we are working in the cloud we create a Virtual Private Cloud and launch various resources or services in this VPC.

An AWS VPC is specific to a region, and inside the VPC you create subnets. These subnets can be public or private based on business requirements. In simple terms, a subnet is a range of IP addresses in your VPC². This diagram illustrates the structure of a VPC.

VPC, Source: https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html

Setup VPC for AWS Fargate

Now that we know about AWS Fargate and VPC, it’s time to set up a VPC for AWS Fargate. These are the steps we are going to perform:

  1. Create VPC
    1.1. Create Subnets
    1.2. Create Internet Gateway
    1.3. Create Routing Table
    1.4. Network ACLs
  2. Create Security Groups

1. Setting up VPC and associated resources

Log in to your AWS account and navigate to AWS VPC. Click “Create VPC” and you will be redirected to the “Create VPC” page. Click “VPC and more”. Give your VPC a unique name by replacing the auto-generated value in the project field. Enter “10.0.0.0/24” as the IPv4 CIDR block. You can size your VPC based on your needs, but for this tutorial 256 IPs are enough. Select 1 as the number of Availability Zones.

Details for VPC creation. Source: Author

Select 1 for the number of public subnets and 0 for private subnets, because we don’t need them for now. Leave NAT gateways set to None, and change VPC endpoints to None as well.

Details for VPC creation. Source: Author

Your VPC preview will look something like this.

VPC preview, Source: Author

Click “Create VPC” and it will create all the relevant resources, so you don’t have to create them manually. If you are familiar with VPC, you can instead create the VPC only and create the associated resources on your own.

2. Security Groups

By default, a VPC comes with a security group that is associated with it. This default security group is not enough for our requirements, because it is for communication inside the VPC only. We need to create another security group that allows us to communicate with our AWS Fargate deployment from outside the AWS cloud.

Type “Security Groups” in the search bar and navigate to the Security Groups page. Click “Create Security Group” in the top right corner. Provide a name for your security group and enter the VPC ID in the VPC field. This security group will be attached to that VPC. In the inbound rules section, select “Custom TCP” from the Type drop-down. Specify 80 in the Port range and select “Anywhere” in Source.

NOTE: Do not use “Anywhere” as the source in your production environment; it is not recommended.

Create a Security Group. Source: Author

Provide the same details in the outbound rules section and click “Create Security Group”.

Create a Security Group. Source: Author

This second security group will allow us to communicate with our AWS Fargate launch-type deployment in ECS. If you host a frontend app in ECS with the Fargate launch type, you can view it by entering its public IP in the browser’s address bar. If you haven’t created this security group, you cannot reach the app through its public IP even though your Docker container is running fine.
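The NOTE above warns against “Anywhere” in production. The following is an added example, not code from the original article: it audits a security group for rules open to every address and builds a scoped replacement for the inbound rules. The group is a constructed sample in the shape returned by EC2 DescribeSecurityGroups; the ids are placeholders and 203.0.113.0/24 is an assumed office range.

```python
import ipaddress

# Constructed sample: the tutorial's security group (TCP 80, "Anywhere", in both
# directions) as DescribeSecurityGroups would return it. Ids are placeholders.
TUTORIAL_SG = {
    "GroupId": "sg-EXAMPLE", "VpcId": "vpc-EXAMPLE",
    "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
                       "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}],
    "IpPermissionsEgress": [{"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
                             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}],
}

def _is_open(cidr):
    """True when the CIDR covers the whole IPv4 or IPv6 address space."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def _cidrs(perm):
    """All IPv4 and IPv6 CIDR strings attached to one permission entry."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])

def world_open_rules(group):
    """List (direction, protocol, from_port, to_port, cidr) for each /0 rule."""
    findings = []
    for direction, key in (("ingress", "IpPermissions"),
                           ("egress", "IpPermissionsEgress")):
        for perm in group.get(key, []):
            for cidr in _cidrs(perm):
                if _is_open(cidr):
                    # "-1" (all traffic) rules carry no ports, hence .get()
                    findings.append((direction, perm["IpProtocol"],
                                     perm.get("FromPort"), perm.get("ToPort"), cidr))
    return findings

def restricted_ingress(group, allowed_cidrs):
    """Copy the ingress rules, swapping every /0 source for allowed_cidrs."""
    nets = [ipaddress.ip_network(c, strict=True) for c in allowed_cidrs]
    if not nets or any(n.prefixlen == 0 for n in nets):
        raise ValueError("allowed_cidrs must be non-empty and narrower than /0")
    result = []
    for perm in group.get("IpPermissions", []):
        new = dict(perm)  # shallow copy; the lists below are rebuilt, not mutated
        if any(_is_open(c) for c in _cidrs(perm)):
            new["IpRanges"] = ([r for r in perm.get("IpRanges", []) if not _is_open(r["CidrIp"])]
                               + [{"CidrIp": str(n)} for n in nets if n.version == 4])
            new["Ipv6Ranges"] = ([r for r in perm.get("Ipv6Ranges", []) if not _is_open(r["CidrIpv6"])]
                                 + [{"CidrIpv6": str(n)} for n in nets if n.version == 6])
        result.append(new)
    return result
```

The list returned by `restricted_ingress` has the same `IpPermissions` shape the EC2 API accepts when authorizing ingress rules, so it can replace the “Anywhere” rule once the open one is revoked.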

Conclusion

AWS forces you to deploy your AWS resources in a VPC for better organization and security of your resources. In the same way, your Fargate launch-type Docker container will reside in a VPC. If you fail to set up the necessary VPC components, your Fargate-based app will be unable to communicate with AWS resources or with the external world. The steps above will help you deploy your Docker container smoothly using AWS Fargate.

About Author

I am Muhammad Umar Amanat, working as a Sr. Data & AI Consultant. I have more than 5 years of experience in the Data & AI domain. I have been working with AWS services since 2018 and have successfully deployed several projects on the AWS platform. I learned a lot from the open-source community and now I am trying my best to pay back to the community.

References

  1. https://aws.amazon.com/fargate/
  2. https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html
