Deploy Container in AWS ECS

Sunday early, waiting for sun goes up, thinking of cup of coffee…, well…, what about drinking from a container. Where should I get that container? Made up my mind to get that container full of morning coffee in the ECS.

This article shares my experience with steps running the a cup of coffee in an AWS ECS and deploy with Rolling Update using AWS CLI.

Docker Image

Let’s start with preparing the coffee ingredient.

Write the content of the coffee in HTML

<h1>Morning coffee</h1>
<img
    src="https://plus.unsplash.com/premium_photo-1669374537810-f88d8ad82818?ixlib=rb-4.0.3&ixid=M3wxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8fA%3D%3D&auto=format&fit=crop&w=1170&q=80" />

Mix it up in Dockerfile

FROM nginx:alpine
COPY . /usr/share/nginx/html

Finally brew it in build.sh

#!/bin/bash

docker build -t fkarnagi/morningcoffee:1.0.0 .
docker push fkarnagi/morningcoffee:1.0.0

The ready to serve coffee can be found as Container Image here https://hub.docker.com/repository/docker/fkarnagi/morningcoffee

Full source code can be found here https://github.com/fernandokarnagi/morningcoffee

Let’s taste that coffee

docker run -d -p 80:80 --name morningcoffee fkarnagi/morningcoffee:1.0.0

Now, my coffee is ready. It is time to deliver to everybody, use ECS Service.

ECS Cluster

Let’s create ECS Cluster for this.

The cluster is created

Let’s check the infrastructure

See the EC2 instance created for it

We can SSH login to this instance

ECS IAM Role

Let’s create IAM Role to run the ECS Service

ECS Task Definition

Let’s create ECS Task Definition, save it under ‘task-definition.json’

{
    "family": "morningcoffee-taskdef",
    "containerDefinitions": [
        {
            "name": "morningcoffee-container",
            "image": "fkarnagi/morningcoffee:1.0.0",
            "cpu": 128,
            "memoryReservation": 128,
            "portMappings": [
                {
                    "containerPort": 80,
                    "protocol": "tcp"
                }
            ],
            "essential": true
        }
    ]
}

Create the task definition with AWS CLI

# update
aws ecs register-task-definition --cli-input-json file://ecs/task-definition.json

Check the task definition in the AWS ECS Task Definition console

ECS Security Group

Security groups are needed for the load balancer and the ECS service

aws ec2 create-security-group --group-name morningcoffee-ecs-sg --description morningcoffee-ecs-sg
aws ec2 create-security-group --group-name morningcoffee-elb-sg --description morningcoffee-elb-sg

Allow inbound access from ELB to the ECS Security Group

aws ec2 authorize-security-group-ingress --group-name morningcoffee-ecs-sg --protocol tcp --port 1-65535 --source-group morningcoffee-elb-sg

Let’s add additional InBound rule on the ELB Security Group

ECS Target Group

Let’s create target group to be used by Load Balancer and this use the ECS Service as the target listener.

Then DO NOT select any target (because we are going to use ECS Service later as the target)

Application Load Balancer

ALB is used to front the Target Group created above

Choose ALB

Map to VPC and all subnets

Select the Security Group

Select Listener

ALB is created

ECS Service

Last step, create ECS Service. Let’s prepare the ECS service definition under ‘ecs-service.json’

{
    "cluster": "morningcoffee",
    "serviceName": "morningcoffee-service",
    "taskDefinition": "morningcoffee-taskdef",
    "loadBalancers": [
        {
            "targetGroupArn": "arn:aws:elasticloadbalancing:ap-southeast-1:360909125965:targetgroup/morningcoffee-target-group-ecs-1/70c86ef5db8d66f2",
            "containerName": "morningcoffee-container",
            "containerPort": 80
        }
    ],
    "desiredCount": 1,
    "role": "morningcoffee-role-ecs"
}

Register service using CLI

aws ecs create-service --cli-input-json file://ecs-service.json

ECS Service is created

Test using Load Balancer

Update Container Image

Let’s update the container image

Update the HTML file

<h1>Morning coffee</h1>
<h2>with roti prata</h2>
<img
    src="https://plus.unsplash.com/premium_photo-1669374537810-f88d8ad82818?ixlib=rb-4.0.3&ixid=M3wxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8fA%3D%3D&auto=format&fit=crop&w=1170&q=80" />

Rebuild the image

#!/bin/bash

docker build -t fkarnagi/morningcoffee:1.0.1 .
docker push fkarnagi/morningcoffee:1.0.1

The image can be found in Docker Hub

Let’s update the task definition

{
    "family": "morningcoffee-taskdef",
    "containerDefinitions": [
        {
            "name": "morningcoffee-container",
            "image": "fkarnagi/morningcoffee:1.0.1",
            "cpu": 128,
            "memoryReservation": 128,
            "portMappings": [
                {
                    "containerPort": 80,
                    "protocol": "tcp"
                }
            ],
            "essential": true
        }
    ]
}

Re-register the task definition

aws ecs register-task-definition --cli-input-json file://task-definition-v2.json

Task definition is updated

Now, update the ECS Service to use this task definition version

aws ecs update-service --cluster morningcoffee --service morningcoffee-service --task-definition morningcoffee-taskdef:3

The ECS service is updated

Let’s see the output, it is updated

Finally I serve myself and my family with several nice cups of coffee. Reach out to me, let me know the taste of my self-brewed coffee :)