Containerizing an Application on AWS with EC2, ECR, ECS, and Fargate
Deploying a Web Application on AWS With EC2|Docker|ECR|Fargate.
Special Thanks to my Tutor, Bunmi Agbomeji.
Introduction.
This project is a step-by-step guide to deploying and containerizing a simple web application on AWS using EC2, Docker, Amazon ECR (Elastic Container Registry), and ECS (Elastic Container Service). The walkthrough begins with launching an EC2 instance, installing Docker, and building a custom Docker image running an Apache web server on AlmaLinux. From there, the project covers pushing the Docker image to a private ECR repository, creating IAM roles and permissions, and configuring ECS to run the containerized application. Finally, it explores how to expose the application to the internet using an Application Load Balancer for scalability and high availability.
In short, the project demonstrates how to move from a basic web app running in Docker on EC2 to a fully containerized and managed deployment with ECS and ECR, highlighting core AWS DevOps practices along the way.
Step 1.
Go to your AWS Portal and sign in with your credentials as an IAM user, select a region, for the cause of this project, I will be selecting Region United States, N. California (us-west-1), then navigate to your AWS console and create an EC2 instance.
Step 2
Click on Launch Instance.
Give your instance a name, select a Linux image, create a key pair, and download it.
Beside Network, click on edit, change the security group name and description to your desired name.
In the inbound security group rule, select the following:
Type=HTTP, Source Type=Anywhere. Go to the Source Tab, add the info 0.0.0.0/0
Click on Add security group rule. Leave everything at the default and launch your instance.
Note that we are having 2 security groups, the first one with SSH, and the Second one we just edited.
Step 3.
After creating, click on the instance ID and click on the connect button, and connect using the SSH client.
Step 4.
Navigate to your power shell,
Run - ssh -i (your keypair path) (your ec2user ip) and enter. To connect.
Step 5.
After connecting,
Run - sudo su - To enter into root account.
Run - yum update -y To update your packages.
Run - curl -fsSL https://get.docker.com -o get-docker.sh To download docker.
Run - yum install docker -y To install Docker.
Run - docker —version TO check if it’s installed.
Step 6.
Run - systemctl start docker To start docker.
Run - systemctl status docker To check docker status.
Type letter q To come out from docker status.
Step 7.
Run - mkdir (your directoryname) To create a directory.
Run - cd (name of your directory) To enter your directory.
Run - vi dockerfile To open your text editor and create your Dockerfile. we will build a small server that uses AlmaLinux 8, installs Apache, copies our website (index.html), and starts a web server so people can visit our site through port 80. Here is the Text that will be copied into our Dockerfile
Write your Docker instructions: e.g;
FROM alimalinux:8080
RUN dnf install -y httpd && dnf clean all
COPY index.html var/www/html/
CMD [“/usr/sbin/httpd“, “-D“, “FOREGROUND”]
EXPOSE 80
Step 8.
Run - ecs:wq To save and exit.
Run - vi index.html To open your text editor and type or paste your index.html code. to paste Type, esc:set paste.
Type, esc:wq To save and exit your code.
Run - cat index.html To see whats in your text editor
Run - docker build . -t (give your image a name) & enter To build your image.
Step 9.
After building our image, next step is to create and run our container, but before we create our container we will have to login our dockerhub account on the terminal first,
Run - docker login, insert your username and password.
Run - docker images To see your images.
Run - docker run -d -p 80:80 --name (yourcontainername) (your image name) To create a container.
Run - docker ps To check your container.
Step 10.
After creating our Container successfully, the next thing to do is to CREATE ECR WITH A ROLE/PERMISSION, navigate to aws console and search for ECR, and click into it. Then we click on create a repository Please note that we will create our repository in a private repository, not a public repository.
give our repository a name and leave every other thing on default, and click create.
Before We Proceed to the Next Stage, we want to know if our application we deployed earlier, is actually running. We head to our EC2 instance and copy our Public address and paste it into our web browser. Once it opens our web app, then it means we are up and running.
TO CONTAINERIZE OUR APPLICATION USING ELASTIC CONTAINER SERVICE(ECS) AND ECR
Go back to the ECR repo, click on View push commands. to see your push commands.
Go to IAM & click on roles on the left side option, to create a role.
Click on create role, scroll down & drop down service or use case & select EC2 & click next.
On the permission policies search bar, search for administrator Access & check it box.
Scroll down & click next, give the role a name & click on create.
Step 11.
Navigate to your users, double-click on your user name & click on Create Access key.
Select the command line interface under use case, check the confirm box & click next & create.
Step 12.
After creating access key, navigate back to ECR & copy your push commands and paste it back on your terminal step by step.
Before pasting your first push command,
Run - aws configure Get your access key & secret you created. put your region & enter.
Run the first push command to log in successfully & skip the second build command since we build already.
Then copy & paste the third push command.
Before you run the command, check the command clearly anywhere you see a name:latest and change that name to your image name:latest.
Run the fourth docker push command by changing the name;latest to your imagename; latest, and enter To push your image.
If it gives an error that the repository with the image does not exist, create a new repository that has same name as your image name.
Run - aws acr create-repository —repository-name (repositoryname) To create a new repository. the repository name should be the same as your image.
Then run back the Docker tag and Docker push commands as stated before.
Step 13.
Navigate to EC2, scroll down on the left side options, and look for load balancer and click into it.
Click on create load balancer, select and create application load balancer since we are creating a web app.
Give your load balancer a name, select your vpc and subnets and select your security group.
Under listener and routing, click on create target group.
Give it a name, scroll down under health check, and drop down Advanced health check settings.
Reduce the health threshold to 2 and click on next, and click on create.
Navigate back to your load balancer page, drop down the target group box and select your new target group, and create your load balancer.
Step 15.
Note that if it has an error, you can skip it and move to creating your task definition.
Navigate to IAM, click on roles, click create role, search for Elastic Container Service and select under use case, and click on next.
Under permissions, search Amazon ECS task execution policy and select it. Click next and give your rule a name, and click create.
Navigate to Ecs, on the left side option click into task definition, and click create. Give it a name, scroll down under task role, click the dropdown and select our new role we created, and the same to task execution role. scroll down and create.
If you forget to add your URL and name under the container, it won’t be successful.
Navigate back to ECR and copy your image URL and its name, then come back and paste it in the ECS under container and create your task definition.
Step 16.
Navigate to the cluster on the left side options and click into it.
Give your cluster a name and create.
Step 17.
After successfully creating your task definition and cluster, within your cluster after service.
Click create service, scroll down under deployment configuration and task definition family and click the dropdown and select your task definition.
Give it a name, and change your desired tasks to 2.
Scroll down under networking, click the dropdown, and scroll down to security group and select create a new security group.
Give it a name, scroll down to inbound rule, under Type, select=HTTP, under Source, select=Anywhere, and click create.
To create your service. Besides service within your clusters, check on tasks, infrastructure, etc.
Get your public IP address or DNS link and paste it into a new browser and paste to see your web app.
NOTE, if you don’t have or create a load balancer, you can’t see your DNS link for your web app.
Please note that in this Project, even though we set up Load Balancing, we did not integrate it with our Cluster Services.
SUCCESS…….
I hope you find my post helpful, and it can guide you through the process with no difficulties.
Join me on this cloud adventure and elevate your tech skills! Sign in to the Azure portal, follow my easy instructions, and unleash the power of being in the cloud.
Subscribe to my blog for more tech tips and tricks that will keep you ahead in the digital game. Your journey to mastering Cloud computing starts here!
🌟 Thank you for being a part of this incredible journey! Together, let's unlock new opportunities and make the most out of our digital experiences. Happy computing! 🌟
