AWS Cloud Computing Containerization DevOps Docker Terraform

Deploying Docker Container to an AWS Cluster Using Terraform

June 15, 2022
Henry
332

This is an extensive walk through on using Terraform to deploy a docker container to an AWS ECS cluster. But before we get begin, lets define some terms.

Infrastructure as Code: As the name implies deploying your infrastructure as code. To be more specific readable code. It’s not a programming language per say but more so a set of easy-to-follow instructions on how an infrastructure should be set up and maintained.

Terraform: is an open-sourced Infrastructure as code tool that is used for the provisioning of a complete cloud infrastructure.

Docker: is an open-sourced platform that allows developers to easily build and deploy their applications on containers that can run on the host operating system. Simply put Docker solves the age old problem:” It doesn’t work on my operating system or machine”.

AWS ECS: According to https://aws.amazon.com/ecs/ Amazon ECS is a fully managed container orchestration service that makes it easy for you to deploy, manage, and scale containerized applications.

Requirements

  • Pull a centos image with from the Docker registry.
  • Create an ecs cluster using the docker image with terraform.

Prerequisites

  • An IDE of your choice.
  • An AWS Account.
  • Terraform already installed and configured.

Step 1. Create Project Folder

Create a new folder for our project. I will name mine “terraform_aws”.

Step 2. Create Accompaning files

Once the folder or the directory has been created, within said directory create the following files: providers.tf, variables.tf, vpc.tf, subnets.tf, main.tf, terraform.tfvars, and last .gitignore. The files can be either by right-hand clicking and selecting “new file” or by entering the command “touch filename.tf” on the terminal portion of your IDE.

Files creation

Step 3. Providers.tf

Providers are plugins that allow Terraform to interact with services, cloud providers and other APIs. Simply put think of it as a bridge between Terraform and those other services. Considering we’re pulling an image from Docker and deploying it to AWS cluster, we need to ensure both services are listed as our providers. Our access key and secret key are inputted as variables for a specific reason we will touch on later.

providers.tf

Step 4. variables.tf

Similar to most programming languages, variables are a means to assign or pass on values. In this file we set up our region, our CIDR block, as well as both as our access and secret keys. Speaking of access and secret key, being that the variable.tf will be housed in our repo where others can see, the values for our access and secret will not be assigned on this file. Instead those values will be stored in a terraform.tfvars. Sensitive will be set to = true in order to avoid any sensitive information from being displayed.

variables.tf

Step 5. vpc.tf

When using ECS to deploy a container, it is strongly recommended to do inside of a vpc.

vpc.tf

Step 6. Subnets.tf

subnet.tf

Step 7. Main.tf

To create your main.tf file click on the following link, and use as reference.

resource "aws_ecs_cluster" "cluster" {
  name = "demo_ecs_cluster"

  capacity_providers = ["FARGATE_SPOT", "FARGATE"]

  default_capacity_provider_strategy {
    capacity_provider = "FARGATE_SPOT"
  }

  setting {
    name  = "containerInsights"
    value = "disabled"
  }
}

module "ecs-fargate" {
  source  = "umotif-public/ecs-fargate/aws"
  version = "~> 6.1.0"

  name_prefix        = "ecs-fargate-example"
  vpc_id             = aws_vpc.ecs_vpc.id
  private_subnet_ids = [aws_subnet.private_subnet_1.id, aws_subnet.private_subnet_2.id]

  cluster_id = aws_ecs_cluster.cluster.id

  task_container_image   = "centos"
  task_definition_cpu    = 256
  task_definition_memory = 512

  task_container_port             = 80
  task_container_assign_public_ip = true

  load_balanced = false

  target_groups = [
    {
      target_group_name = "tg-fargate-example"
      container_port    = 80
    }
  ]

  health_check = {
    port = "traffic-port"
    path = "/"
  }

  tags = {
    Environment = "test"
    Project     = "Test"
  }
}

Step 8. terraform.tfvars & .gitignore

.gitignore is a file text that tells Git which files or directories to ignore when committing your project to Github. Our terraform.tfvars file will be the file ignored for it contains our secret and access keys. Use this link to get your Keys.

aws_access_key = "<your aws access key>"
aws_secret_key = "<youraws secret key>"
terraform.tfvars

Step 9. Commands

Once all of our files have been created, please run the following commands from the terminal.

Terraform init — in order to initialize our working directory containing your terraform code

terraform init command

Terraform plan — is used to preview our infrastructure prior to executing your terraform code.

terraform plan

Terraform apply — is used to apply all the changes specified in the plan into motion.

Step 10. Check Console

Head to the management, console to ensure that all our resources have been created. On the search bar, type ECS, and once the ECS dashboard is displayed, click on cluster to check if your cluster was created.

ECS console

Step 11. Destroy

Once you’ve confirmed that the resources were successfully created, in order to avoid unnecessary charges, ensure that all resources are destroyed. This can be achieved by entering the Terraform destroy command in your terminal.

You can get this code on github using this link.