Running Microservices on AWS ECS using Fargate Container

-


Background 

Purpose of the tutorial is to understand and demonstrate on how to run microservices on AWS ECS using fargate managed service.  This is enabler tutorial to get started with AWS environment. As we proceed, I will try to expand this architecture to make it ready for enterprise level project by adding components like API Gateway, Cloud Map, Service Mesh, authentication, VPC, Private and public subnet, Secret manager, KMS and much more.

Technologies used 
  • Microservices : Java
  • Docker
  • ECS
  • Fargate
  • Load balancer
System Overview



Prerequisite  :
1. AWS account
2. Microservice containerized Image: For the purpose of the demo I have already created
microservice using java and hosted it in dockerhub  public repository. 
Repo : https://hub.docker.com/repository/docker/nishsapkal/microservices
        Tag : nishsapkal/microservices:barebonespringboot

Steps :
Login to AWS console and navigate to the elastic container service (ECS)

Step 1 Cluster
  • Cluster is logical grouping of services. Cluster configuration do have below keys sections which needs to be selected -
Name : Logical name for the cluster. In our case its microservices






  • Networking : To define the VPC under which your cluster will be running. I have created VPC with public and private subnet but for this enabler demo you can use default subnets 


 






  • Infrastructure : We will select infrastructure as AWS fargate 

Step 2: Task Definitions

  • Configure Task Definitions








  • Environment configuration













We will not modify rest of the parameters and relook at them in the subsequent sections as and when required.

 Step 3: Service Creation








  • Deployment options : Keep the default value
  • Networking :  It will take the values that we have defined during cluster creation as service should be running within same cluster
  • Security group : Ideally we should only allow traffic from load balancer to the service but for this demo we can even use security group to allow traffic. We will correct security posture in subsequent sections.  Below snippet shows the inbound and outbound rule set for the security group that I have selected 






  • Load Balancing : internally ECS will create a load balancer for you which you can see in EC2 > Load balancer section 



 





  • Target group:  internally ECS will create a load balancer for you which you can see in EC2 > Load balancer > Target group section 
  • As AWS will be provisioning the resources, this step will take some time. Status can be viewed in cloud formation (i can cover this in separate post as well) 










  • Once created you can click on service > load balancer to get the DNS name


 





  • We should be able to access the service at URL
        http://<loadbalancerURL>:8080/search


 

 




 

Comments

Post a Comment