Open in app

Sign in

Write

Sign in

Using Terraform to deploy a Centos image in a ECS.

Dana Gibson
Nerd For Tech
Published in
7 min readJun 29, 2022

This week I was asked to push a Centos image to ECS using Terraform. This was my first time working with ECS, so the first thing I always do when asked to complete a task I have never done before is try to run through the steps in the AWS console.

After I logged in, navigated to the ECS, and created a cluster, I was immediately faced with a decision…which template should I choose. Fargate?EC2 ? I’d never heard of Fargate, so I started doing a little research about what exactly Fargate was and why I might choose to use it.

Fargate is a serverless environment that removes the need for users to own, run and manage their infrastructures. Fargate will provision, configure, and scale clusters of virtual machines to run containers. When you use Fargate, the only requirement is that you create a cluster, creating a VPC and subnets are optional.

Today’s task was a fairly minor task that didn’t really need EC2 instances, so I opted to try Fargate. I went through and made the appropriate choices, however, I hit my first bump…how do I push my image/container into ECS?? I wasn’t sure so…back to research.

ECR!! I can easily push my container from the AWS CLI to ECR and define my ECR repo in my ECS task definition. Perfect!

After I pushed my container to ECR, I went over to ECS and created a new task (making sure to define my ECR repo in the task). Viola! My image was deployed to ECR…technically my project was complete…but I noticed that the image wouldn’t stay in active state, it stayed in the pending state, until it timed out, in which it would stop. I explored into the details of the stopped container and realized it was because ECS could not pull my container…more research. And I found this:

https://aws.amazon.com/premiumsupport/knowledge-center/ecs-task-stopped/

I need to adjust my permissions in my Task Execution Role. I went back and reran a new task, however, added the AmazonECSTaskExecutionRolePolicy to the Task Execution Role….bingo! Success….now lets recreate it in Terraform!!

Actual Task that was Assigned:

Your team needs you to deploy a Docker container with a CentOS image-

  1. Pull a CentOS image from the Docker registry.
  2. Create an ECS cluster using the docker image with Terraform.

Pre-requisites:

  1. An IDE . I am using AWS Cloud9.
  2. Terraform installed on your IDE.
  3. AWS CLI should be configured within your terminal. This is required so your can use your credentials to move through the script. Otherwise you will need to list your access code and secret access code within your files. This is a dangerous choice as it can be easily copied.

I choose to stick with the monolithic setup today, primarily because there shouldn’t be too many resources to add! (my first mistake thinking this was going to be a quick project). I only used the “main.tf” file, however, you could break the script into multiple .tf files if you choose.

Step 1: Create a directory, “main.tf” file, and cd into that directory.

I have created a directory with the name “ECS-Centos image” and created a file within that directory called “main.tf”. Any file within this directory that ends with .tf will be read when we apply the terraform script.

I will now change into my newly created directory.

$ cd ECS-Centos image

Step 2: Create “main.tf” file.

The link to my ‘main.tf’ file can be found here. I will break it down however, by each section.

First we will list our providers, Docker and AWS.

Next we will create a VPC resource along with our subnets.

I opted to include an internet gateway within my VPC. You could skip this step if you would like, but if you do not include an Internet Gateway, you should probably include a Nat Gateway.

Now we can create our ECS resource. Lines 56 -59 will create a name for the ECS Cluster, lines 61–71 contain the ECS cluster resources and lines 73–109 contain the Fargate module.

MY RABBIT HOLE

This is the point where I got lost….spent endless hours…and honestly still don’t really have a great solution. I have set up my Trraform providers, created the ECS cluster, but am left with pushing my container to ECR….using Terraform.

Pushing an image to ECR is not difficult, in fact AWS gives you the commands to run once your have created your repository (which is also a fairly easy task to do in Terraform). The problem is that there is no nice way to push your container to ECR using Terraform. Every article I read stated Terraform was not made to run the commands to push a container to ECR. I spent two days researching just to be sure that I was not missing something, there are ways you can “create” a work around, but I’m creating this article/project for beginners, and again, this is suppose to be a fairly minor task.

After days of research…I waved the white flag. I know that if I deploy my Terraform infrastructure, the Centos image will be in the ECS cluster (which “technically” is the terms of my project)…however…the container never stays in an active state.

It was not easy for me to walk away from this project at the state it was in, however, the amount of knowledge that I had gained in my two days of research, trial and errors, and conversations with my peers made it manageable. I went from never using ECS, ECR, or Fargate to having a foundational understanding of their capabilities/inabilities and how to navigate through them.

I hope to someday come back to this article and post a part two…but lets continue. (update at the bottom of the article!)

Step 3: Deploy the Terraform Infrastructure.

Now that our main.tf file is complete, we can run the steps of deploying the Terraform infrastructure. We will begin by initializing the backend:

$ terraform init

I like to be sure my code is formatted correctly, so I will run

$ terraform fmt

Now I can run my terraform plan command. This will evaluate the Terraform configuration and make an execution plan.

$ terraform plan

Once we agree with all the changes that will take place and are satisfied with our code, we can apply the configuration and build the infrastructure. .

$ terraform apply

You will need to confirm with a “yes” you want to perform the following actions.

If everything has created correctly, you will receive a message that confirms completion.

Step 4: Verify in the AWS console everything worked correctly

Lets head over to the AWS console and see what we accomplished.

We can see above, the cluster, ‘w20_ecs’, from line 57/58 of our code was created.

If we click on that cluster name, we can see that our ‘ecs-fargate-w20_fargate’ (line 74 was created).

Lastly, if we select Tasks, and select the “task id”, we can see where our Centos image (from line 84) was used to create the ECS cluster.

The image stays in the PENDING state for about 5 minutes, until it times out and moves to the STOPPED status.

Step 5: Tear Down the Infrastructure

Now that we have created the resources, verified that they are working, we need to tear down the infrastructure to avoid charges. We can do this with the command:

$ terraform destroy

Like with terraform apply, we will have to confirm that we would like to destroy the infrastructure.

Once everything has been destroyed, you will get a confirmation.

Technically, the task is complete, we have created an ECS cluster using a centos docker image.

**update…ECR is not indeed needed! Here is an article that I found that does indeed finish the task without ECR! https://medium.com/@jamesaaronbanks/creating-an-ecs-cluster-using-a-centos-image-from-docker-with-terraform-166bd535051b

--

--

Dana Gibson
Nerd For Tech

Written by Dana Gibson

149 Followers
Writer for

DevOps Engineer #LevelUpInTech

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams