Say you have a couple of RESTful microservices at endpoints /c1 & /c2. Let’s look at how we can get these deployed on ECS. Here’s what we’re aiming for:
- Each microservice will have its own independent docker image/container & endpoint.
- Each container will become an ECS task.
- Replication & auto-scaling of each task will be handled by an ECS service.
- Each service can define how many replicas it wants running for its task. This way, we can scale each microservice independently.
- All ECS services come together in an ECS cluster.
- A listener of an Application Load Balancer (ALB) performs path-based routing to target groups hosting microservice containers.
- Each ECS service consumes a single path of the ALB’s listener to route requests to its tasks (containers).
- Since we’re using fargate, we cannot control the containers’ host port mappings, which means that each of our microservices must be running on a different port.
I’ve described the basics of ECS here. We’ll build on those concepts here to set this up. Assuming you have the microservices’ Docker images ready & pushed to a repo, let’s begin by creating ECS task definitions. Open Task Definitions from the ECS console & click Create:
Select Fargate & click Next. In the next screen, click Add Container & enter the container name, image & health check params:
Make sure you specify port mappings otherwise a load balancer cannot be used with it:
Add the container & finish creating this task definition. Similarly, create another task definition for container c2 as well.
Next, let’s create a cluster to hold all our ECS resources. From the ECS console, go to Clusters & click Create Cluster. Select Fargate, enter cluster config & click Create:
Before we can create an ECS service, we’ll need an ALB ready. ECS won’t create it for us. So let’s switch to the EC2 console, go to Load Balancers from the menu & click Create Load Balancer:
Select ALB, leave it as internet-facing & keep the default listener as it is:
Select VPC & one public subnet per AZ & move on to the next step. Create or select security group(s) & create a new target group:
Do not register any targets in the next screen. ECS will do that when it deploys tasks. Finish creating the LB.
Back in the ECS console, open our cluster & click Create Service:
Enter all parameters & go Next. In the next screen, select VPC & one private subnet in each AZ. Create or select security group(s) & select ALB:
Select the ALB we created & disable service discovery:
In the “Container to LB” section, click “Add to LB” against the container & configure as shown:
Finish creating the service & create a similar one for task c2 as well. Wait for all tasks in the Tasks tab of the cluster to reach the RUNNING state. You can now use the LB DNS name to hit your APIs:
(Part 5/6 in AWS series)
“Harish KM is a consultant at Systems Plus. The content of this blog is personal & for information purposes only, and is subject to change. Reader discretion is advised”