Containing the Chaos Part 3 of 3: Amazon Elastic Container Service (EC2) | Amazon Elastic Load Balancing (ELB) | Terraform

This article is part of a three-part series:

Containing the Chaos Part 1 of 3: Docker | Amazon Elastic Container Registry (ECR)
In part 1, the application will be placed into a container image. The container image will then be stored in the Amazon Elastic Container Registtry (ECR).

Containing the Chaos Part 2 of 3: Amazon DynamoDB | Amazon Simple Storage Service (S3) | Amazon Elastic Container Services (ECS) | AWS Fargate | Terraform
In part 2, the DynamoDB table and Amazon S3 buckets will created using Terraform. Further the Amazon Elastic Container Services (EC2) cluster will be initiated on AWS Fargate.

Containing the Chaos Part 3 of 3: Amazon Elastic Container Service (EC2) | Amazon Elastic Load Balancing (ELB) | Terraform
In part 3 (the final part), the task definition will be created for the cluster. A service will be created to handle running the defined tasks. The application will then be tested. Finally, will decommission the resources.

For background on this series, go here:

Containing the Chaos! | A Three-Part Series Demonstrating the Usefulness of Containerization to HumanGov

1 of 11. Grab some information to be prepared.

Terraform apply output: S3 bucket name. Terraform apply output: dynamodb table name. ECR repository for app: public URI. ECR repository for nginx: public URI. EC2 security group that permits port 80 to the VPC containing the containers: security group ID.

2 of 11. Create Task definision

Here, will use the URIs, buckets, and table names you noted earlier.

Amazon Elastic Container Service -/- Task definitions -/- [Create new task definition] -/- [Create new task definition] - Task definition family: humangov-fullstack - Launch type: AWS Fargate - OS: Linux/x86/64 - Task size: 1 vCPU / 3 GB - Task role: HumanGovECSExecutionRole - Task execution role: HumanGovECSExecutionRole - Container 1: - Name: app - Image URI: public.ecr.aws/i7y0m4q9/humangov-app - Essential container: yes - Container port: 8000 - Protocol: TCP - Port name: Keep auto-generated - App protocol: HTTP - Environment variables [Add environment variables] [KEY] [VALUE] - AWS_BUCKET = humangov-california-s3-nlge - AWS_DYNAMODB_TABLE = humangov-california-dynamodb - AWS_REGION = us-east-1 - US_STATE = california [Add more containers] - Container 2: - Name: nginx - Image URI: public.ecr.aws/i7y0m4q9/humangov-nginx - Essential container: no - Add port mapping: - Container port: 80 - Protocol: TCP - Port name: Keep auto-generated - App protocol: HTTP [Create]

3 of 11. Create service.

Make sure the selected security group permits port 80 to the selected VPC.

Select the task definition just created -/- [Deploy] -/- [Create service] - Existing cluster: humangov-cluster - Compute options: Launch type - Launch type: Fargate - Platform version: latest - Application type: Service - Service name: humangov - Desired tasks: 2 - Networking: - VPC: Default - Security Group: sg-0bec9482b6dd20064 (make sure it permits port 80) - Load Balancing: - Load balancer type: Application Load Balancer - Create a new load balancer - Load balancer name: humangov-lb - Choose container to load balance: nginx 80:80 - Listener: create new listener - Port: 80 / Protocol: HTTP - Target group: - Target group name: humangov-tg - Health check path: / [Create]

4 of 11. Connect to the application

Elastic Container Service > Clusters > humangov-cluster -/- Services -/- humangov -/- Networking Look for" DNS names"

5 of 11. Test the application

Add sample user to the web page.

6 of 11. Check the infrastructure

Note URL references the load balancer By mapping the task to elastic network interface (ENI) to availability zone, show that the application is highly available Find user added inside dynamodb table Find file added in S3 bucket Show All ECS services are ruunning

7 of 11. delete the cluster

First, delete the service [force deletion]. then, delete the cluster.

8 of 11. More clean-up: delete ECR repository

Make sure to delete both repositories: humangov-app and humangov-nginx.

9 of 11. More clean-up: cleanup the S3 bucket

Delete the files inside the bucket

10 of 11. More clean-up: terraform destroy

11 of 11. More clean-up: Delete the access key and re-enabled managed credentials.

Don't forget to remove that access key you created earlier. There is no need for it now. Also,re-enable the managed credentials on Cloud9 and delete the export.sh file.

References

Amazon ECS on AWS Fargate

Amazon Elastic Container Registry Documentation

Amazon Elastic Container Service Documentation

Amazon Elastic Compute Cloud Documentation

Amazon DynamoDB Documentation

Amazon Simple Storage Service Documentation

AWS Cloud9 Documentation

Elastic Load Balancing Documentation

AWS Identity and Access Management Documentation

Docker Docs

Documentation | Terraform | HashiCorp Developer

Python 3.12.1 documentation

nginx documentation

Lewis Lampkin, III - Blog

Lewis Lampkin, III - LinkedIn

Lewis Lampkin, III - Medium

Comments

Post a Comment

Popular posts from this blog

"This site uses cookies from Google to deliver its services and analyze traffic. Your IP address and user-agent are shared with Google along with performance and security metrics to ensure quality of service, generate usage statistics, and to detect and address abuse."
Read more

Orphaned No More: Adopting AWS Lambda

Image
Background HumanGov is a Model Automated Multi-Tenant Architecture (MAMA) that is meant to be used by the 50 states for personnel tracking. Currently the architecture is fully automated on AWS. The architecture is not ready for go-live. All actions so far are for a proof-of-concept that is presented to the Chief Technical Officer (CTO) for review. During the weekly team meeting, Ko (User Experience Lead) reports that his team has performed thousands of tests against the infrastructure, with moves, adds, and changes, and is not finding any issues in the application user interface. Woo (Infrastructure Lead) reports that there are hundreds of 'orphaned' files in the S3 bucket. (These files are considered 'orphaned' because they do not have corresponding records in the DynamoDB table.) Kim (Tech Lead) reports that there is not a trigger to delete the file from the bucket when a user is deleted from the DynamoDB database. Brady (Lawyer) reports that not deleting t
Read more

Containing the Chaos! | A Three-Part Series Demonstrating the Usefulness of Containerization to HumanGov

Background HumanGov is a Model Automated Multi-Tenant Architecture (MAMA) that is meant to be used by the 50 states for personnel tracking. Currently the architecture requires Amazon Elastic Compute Cloud (EC2) instances that are maintained by the HumanGov systems administrators. The systems administrators handle all the patching, operations, etc. Due to states wanting their data separate from each other, each state gets a separate set of EC2 instances, which means that as the application scales from one state up to 50 states, the systems administrators will have to patch 50x as many EC2 instances. The system administrators report that they have begun to schedule more and more overtime to handle the maintenance windows for updating the EC2 instances. The lead developer remarked that it was taking longer and longer for new application deployments to get rolled out as the infrastructure grew and more states came on board. By the way, the development environment does not have standa
Read more