This quickstart guide helps you to quickly run a containerized application on AWS. For startups/smaller projects the setup is production ready and easily extensible to fit more advanced needs. All the required resources can be created in a single command by using Terraform. The final setup is depicted below.
- An application that runs on https://sample-app.your-domain.com.
- TLS encryption i.e. https works.
- Optional hosting in 2 AZ's for maximum reliability.
- Low price setup by utilizing spot instances.
- Git Repository Clone: terraform-ecs-fargate-spot-quickstart.
- Your Containerized Application
- Terraform Installation
- AWS CLI v2 Installation
- A domain on AWS
- Alternatively, you can also just create a DNS zone delegation to manage subdomain.your-domain.com via AWS while leaving your-domain.com at your previous DNS provider.
Check out config/sample-app.tfvars and modify the variables to serve your needs. The variables are also explained in variables.tf.
You may store the Terraform state in this git repository. To do so comment out the following section in main.tf that configures s3 a remote backend.
terraform {
# backend "s3" {
# bucket = "my-terraform-bucket"
# key = "app.tfstate"
# region = "eu-central-1"
# }
}
If you want to use s3 to store Terraform state create a bucket as follows:
aws s3api create-bucket --bucket my-terraform-bucket --region eu-central-1 --create-bucket-configuration LocationConstraint=eu-central-1
terraform init
Run terraform apply to deploy this setup. Terraform will display the resources that will be created and you can confirm the changes. Creating the resources on AWS takes some time ~10 minutes.
terraform apply --var-file config/sample-app.tfvars
Visit sample-app.your-domain.com to verify that the setup worked. If you deployed the nginx image. It should look as follows:
terraform destroy --var-file config/sample-app.tfvars
You can use Terraform workspaces to manage multiple apps via this terraform module. Let's say you want to manage sample-app1 and sample-app2. You can create workspaces for each app as follows:
terraform workspace new sample-app1
terraform workspace new sample-app2
and switch to a workspace using terraform workspace select sample-app1.
You can create a second ECS service to host another app. The load balancer costs ~20$ per month, therefore I recommend to share the load balancer between the apps.
I recommend to use a managed database created by RDS. You can just configure the database url via an environment variable.
AWS provides their own quickstart. However, I did not like the quality. That's why I created this setup. Check it out here: https://github.com/aws-quickstart/terraform-aws-ecs-fargate
If you enable multi-az in the configuration. The app will be deployed across 2 availability zones. I.e. you won't have any downtime even if AWS kills one of your spot instances. The setup will just start another instance and in the meantime traffic is routed to your other replica only. The probability of your spot instance to get killed is <10% for a whole month. For many instances its < 5%. Check out information for specific instance types here: https://aws.amazon.com/ec2/spot/instance-advisor/
We use 1password to store the configuration files for Terraform.
Note: 1Password allows you to create the same configuration multiple times. If that happens you will have to delete one version o.w. updating the config will fail.
MYAPP=sample-app
op document create --vault demo-apps config/${MYAPP}.tfvars
terraform apply --var-file ${MYAPP}.tfvars
First, retrieve the latest app configuration.
MYAPP=sample-app
op document get --vault demo-apps ${MYAPP}.tfvars > config/${MYAPP}.tfvars
Then, edit the config file locally, update the documents in 1password and apply the changes via Terraform.
op document edit --vault demo-apps ${MYAPP}.tfvars config/${MYAPP}.tfvars
terraform apply --var-file ${MYAPP}.tfvars
A good first step is to visit ECS in the management console and check out if the tasks throw any errors.