Deploying containerized website on AWS ECS using Terraform

Davorin Bosanac

/ 2022-10-28

This knowledge base article will guide you through the process of creating AWS ECS infrastructure that allows you to spin up a simple website inside an ECS cluster using Terraform.

Terraform by HashiCorp is an open-source DevOps tool that helps you build, manage and define infrastructure in human-readable language.

Why Terraform?

  • The main use of Terraform is for writing infrastructure as code to manage public cloud resources such as AWS, GCP and Azure.
  • Terraform allows you to reference output variables from one module for use in different modules. The benefit is that you can create multiple, smaller Terraform files grouped by function or service as opposed to one large file with potentially hundreds or thousands of lines of code.

Technologies & tools:

  • Docker
  • AWS account with sufficient permissions
  • Terraform
  • AWS cli (optional)

After finishing all the steps from this article, you should have a working:

  • ECS cluster
  • Elastic Container Registry (Amazon ECR)
  • Running container
  • Application Load balancer

Note: If you are not familiar how some of the following resources works, check the Documentation section for official AWS documentation

Create a simple website

First, create a working directory for our new terraform build:

1.png

Inside your new directory create an index.html with the following code:

2.png

Create a Dockerfile

In this step we are creating a Dockerfile which we will use to build an image that we will run inside our ECS containers. If you are new to Docker, check the official Docker guide for more information.

Create a Dockerfile with the following code:

3.png

Note: make sure that port 80 is exposed by the Docker

Configure environment variables

Before we start working with Terraform files, make sure that you have the following environment variables configured:

4.png

Create an ECR repository

Once the Dockerfile is ready we can start creating our ECR repository which we will use as a source for our container images. In this step we will create main.tf file, which is our main configuration file.

Create a main.tf and copy the following code inside:

5.png

By the end of this step our working directory structure should look like this:

6.png

After you are sure that all the files are in the right place, run:

7.png

After running terraform apply you will be presented Terraform execution plan. If everything looks in order, type yes.

8.png

Build and push your image to ECR

Once terraform finishes creating you ECR repository, you can build your image and push it into ECR using the following steps:

1 Authenticate yourself with ECR

9.png

2 Build a Docker image using the following command

10.png

3 After the build is completed, tag your image so you can push the image to your repository:

11.png

4 Run the following command to push this image to your newly created AWS repository:

12.png

Important: replace AWS_ACCOUNT_ID and AWS_DEFAULT_REGION with your own, also you can find all push commands for your repository in AWS Management console -> Amazon ECR -> View push commands

Create the ECS cluster

In order to create a new cluster for our website, add the following code to our main.tffile:

13.png

After the resource is added, run terraform apply

Create AWS Application Load Balancer & Target group & ALB Listener

In this step we are creating resources that we will use to manage our website’s traffic.

Add the following code to our main.tf:

14.png

  • Before running terraform apply make sure the values for and are correct
  • Make sure that aws_alb_target_group resource has the same port mapping as your application
  • For HTTPS protocol check the ALB listener documentation

Create IAM role & role policies

After we created our Load Balancer, we can proceed creating necessary IAM roles for our task.

Copy the following code to main.tf:

15.png

  • Here we created an IAM role called ecsTaskExampleRole with assume_role_policy policy that grants our role permissions to assume the role
  • Once the role is created, we are attaching AWS managed AmazonECSTaskExecutionRolePolicy policy which grants us permissions to execute tasks

Create AWS Service & AWS ECS task definition

After we are done with creating IAM roles, we can proceed with creating our service

Copy the following code to your main.tf:

16.png

  • First, we are creating aws_ecs_service resource and attaching a Load Balancer to it
  • ECS task definition is controlled by ECS service in this case
  • ECS task definition contains our container description

After we have created all the resources from above, log in to your AWS Management console, navigate to your ECS cluster and check the health of your containers. If everything works, there should be three healthy containers running. If all of the containers are up and running, we can check our Load Balancer’s A record to see if our deployment was successful.

Conclusion

Terraform lets us define infrastructure resources in human-readable configuration files that you can version, reuse, and share with others. Also, Terraform allows us to use a consistent workflow to safely and efficiently provision and manage your infrastructure throughout its lifecycle.

Documentation:

- AWS ECR

- AWS ECS

- AWS ALB

- AWS listener

- AWS IAM role

- AWS task definition

Share This Story, Choose Your Platform!

Share This Story

Drive your business forward!

iOLAP experts are here to assist you
LET’S GET STARTED