Create and Run AWS ECS Task programmatically using .NET 5, C# & AWS ECS SDK
Hello folks! In this story we will learn how to programmatically deploy a dockerized Web API to an AWS ECS Task, run it, access and test it, all in .NET 5 and C#.
Prerequisites
You should have basic knowledge of AWS EC2, ECR, ECS Cluster, ECS Tasks and CloudWatch Logs. Refer to AWS documentation for a thorough understanding of AWS ECS and its components.
https://docs.aws.amazon.com/AmazonECS/latest/developerguide/Welcome.html
You should have an AWS account with ECS cluster created with a VPC and appropriate security groups and subnets that can be accessed through Internet (to test our Web API). You also need an IAM user with programmatic access through Api Key and Secret Key with permissions to manage AWS ECS services and AWS CloudWatch Logs of your AWS account.
The Story…
This sample Visual Studio 2019 solution has two projects. A simple ASP.NET Core Web API project with a simple controller, Echo, which has a HTTP Get endpoint to echo the message passed on to it. This ASP.NET Core Web API project has a docker file, which is used to build the docker image for the API. Second project is console application and is the core sample, which demonstrates the following…
- Create AWS ECR Repository using AWS ECR SDK
- Push Web API docker image to the AWS ECR Repository
- Create a CloudWatch Log Group using AWS CloudWatchLogs SDK
- Create a ECS Task definition in the configured ECS Cluster using AWS ECS SDK. This Task definition uses the ECR repository reference and the log group reference
- Launch/Start the ECS Task within the configured subnet and with configured security group (Enable Public IP for the Task while launching)
- Get the Public IP of the running task container using AWS EC2 SDK
- Call the echo endpoint with a custom message, which will be echoed back to our program
- Stop the task container
Here is the GitHub link to the sample…you have to put your AWS related Api & Secret Keys and other settings in the appsettings.json file in the console application project, based on your AWS account configuration.
Step 1 & 2:
Create AWS ECR Repository using AWS ECR SDK.
Push Web API docker image to the AWS ECR Repository.
These steps are explained in detail in our other story (link given below).
Step 3: Create a CloudWatch Log Group using AWS CloudWatchLogs SDK.
We want to enable CloudWatch Logs by default on any task to monitor and analyze it. Hence we need a Log group to be associated with a task definition. The code snippet below demonstrates creating a log group using AWS CloudWatchLogs SDK.
Step 4: Create a ECS Task definition in the configured ECS Cluster using AWS ECS SDK. This Task definition use the ECR repository reference and the log group reference.
Creating a ECS Task definition requires the reference to the AWS ECR Repository where the docker image exists, from which the task container has to run. Task definition also requires the log group name (the log group should already exists, see Step 3). We will be creating a FARGATE Task, where the sourcing of appropriate compute resources will be taken care by ECS infrastructure. The code snippet below demonstrates this step.
Step 5 & 6:
Launch/Start the ECS Task within the configured subnet and with configured security group (Enable Public IP for the Task while launching).
Get the Public IP of the running task container using AWS EC2 SDK.
Now that we have the task defined and our docker image available in the AWS ECR, we can go ahead and launch the Task. When we launch a Task, ECS will create an instance of the docker container where our Web API docker image will be run. This is similar to having a small computer with a public IP running our Web API application. After launching the task, we wait till the Task is running and collect the Public IP assigned to our task container. Below code snippet demonstrates these two steps.
Step 7 & 8:
Call the echo endpoint with a custom message, which will be echoed back to our program.
Stop the task container.
We make a simple HTTP client call into our Web API echo endpoint running inside our task container. In Step 6, we already obtained the task container public IP, so we just form appropriate URL and call it using the .NET HttpClient. Once we are done with the API call, we stop the task so that we don’t get billed by AWS, while we are not using the task container!! Below code snippet demonstrates these steps.
Voila, we are done with one nice task of dynamically spinning up containers with our Web API in cloud (AWS).
Happy AWS coding!
PS: There are better ways to manage Web API in AWS. We will cover those as improvements to what we saw here. But understanding the contents of this story will enable you to think of improvisations, and this story covers fundamental concepts that you need to be aware of as a AWS Cloud Native developer.
