In ECS we have 3 types of cluster templates.
An Amazon ECS cluster is a logical grouping of tasks or services.
Clusters are region specific.
Because ECS has been a foundational pillar for key Amazon services, it integrates natively with other services such as Amazon Route 53, Secrets Manager, AWS Identity and Access Management (IAM), and Amazon CloudWatch, giving you a familiar experience for deploying and scaling your containers. ECS is also able to quickly integrate with other AWS services to bring new capabilities to ECS.
First we need to understand ECS terminology:
Container Definition:- The container image and container-level settings (for example: container image, port, registry, environment variables to pass to the container, etc.).
Task Definition:- A task definition is required to run Docker containers in Amazon ECS. It specifies the Docker image to use with each container in your task, how much CPU and memory to use with each task or each container within a task, and the launch type to use, which determines the infrastructure on which your tasks are hosted.
Service:- An Amazon ECS service enables you to run and maintain a specified number of instances of a task definition simultaneously in an Amazon ECS cluster.
Cluster:- An Amazon ECS cluster is a logical grouping of tasks or services. If you are running tasks or services that use the EC2 launch type, a cluster is also a grouping of container instances. If you are using capacity providers, a cluster is also a logical grouping of capacity providers.
As part of this blog we are going to implement an EC2+Linux Networking cluster from scratch using the AWS Management Console. Below is the architectural diagram of our ECS implementation.
Table Of Contents
- Create Custom VPC Creation And Internet Gateway Association
- Create Public Subnet Creation And Internet Gateway Association
- Create Private subnet creation and NAT gateway association
- Create Application Load Balancer And Target Group
- AWS ECS EC2+Linux Networking Cluster Creation In Action
Create Custom VPC Creation And Internet Gateway Association
- Create your custom private VPC [10.0.0.0/16].
- Enable DNS hostname for VPC.
- Create internet gateway.
- Associate Internet gateway to custom VPC.
- Add an internet gateway entry to the main route table. Create 4 subnets with the CIDRs below
Create Public Subnet Creation And Internet Gateway Association
- Create the public subnets. While creating the 2 public subnets, allocate them to different Availability Zones.
- Enable auto-assign public IPv4 for the public subnets.
- Create custom public route table.
- Add IGW route table entry to this custom table and associate public subnets with this public route table.
Create Private subnet creation and NAT gateway association
- Create the private subnets. While creating the 2 private subnets, allocate them to different Availability Zones.
- Create a NAT gateway: go to VPC > NAT Gateways > add a name > select the public subnet where your NAT gateway is going to be deployed > select an existing EIP or click Allocate Elastic IP (this will create a new EIP and assign it to the NAT gateway) and click Create NAT Gateway. Wait for the NAT gateway status to become available.
- Create a custom private route table and associate the private subnets with this private route table.
- Associate the NAT gateway with the private route table.
Create Application Load Balancer And Target Group
- Create an application load balancer > enable the HTTP listener > create a target group > configure the security group
AWS ECS EC2+Linux Networking Cluster Creation
- Create the EC2+Linux Networking cluster.
- Below we have selected our custom VPC and private subnets.
- Create a new task definition by providing the task definition name, task role, network mode, task size, container image name, image path, memory limits, and port mappings. Note: make sure to keep the host port as 0 because we are going to use a load balancer; host port 0 lets ECS assign the host port dynamically in bridge network mode. A task definition can have multiple containers added together, which will run under one task.
- Now create a service and add our task definition. Here we will add the service role, the load balancer, the container to load balance, the load balancer listener, and auto scaling in ECS for the task.
- Modify the security group of the 2 EC2 instances so that it allows all traffic coming from the load balancer security group.
- Final review of the cluster. Below you will see the EC2 cluster we have created, along with the service created under this cluster and the task definition associated with it.
- In the image below you will see the EC2 instances on which our containers are running.
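A check for the two settings the steps above depend on, host port 0 in the task definition and instance ingress only from the load balancer security group, as an added example that is not part of the original post. The JSON is constructed sample data; the IDs, names and function names are hypothetical.

```python
import json

# Constructed sample data (not from the original post), shaped like the taskDefinition
# object of `aws ecs describe-task-definition` and one SecurityGroups entry of
# `aws ec2 describe-security-groups`. All IDs and names are hypothetical.
ALB_SG = "sg-0aaaaaaaaaaaaaaaa"  # load balancer security group
TASK_DEF = json.loads("""{
  "family": "demo-web", "networkMode": "bridge",
  "containerDefinitions": [
    {"name": "web", "portMappings": [{"containerPort": 80, "hostPort": 0, "protocol": "tcp"}]},
    {"name": "admin", "portMappings": [{"containerPort": 8080, "hostPort": 8080, "protocol": "tcp"}]}
  ]}""")
INSTANCE_SG = json.loads("""{
  "GroupId": "sg-0bbbbbbbbbbbbbbbb",
  "IpPermissions": [
    {"IpProtocol": "-1", "UserIdGroupPairs": [{"GroupId": "sg-0aaaaaaaaaaaaaaaa"}], "IpRanges": []},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "UserIdGroupPairs": [],
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}
  ]}""")


def static_host_ports(task_def):
    """Return (container, hostPort) pairs that pin a fixed host port in bridge mode."""
    if task_def.get("networkMode", "bridge") != "bridge":
        return []  # dynamic host ports via hostPort 0 apply to bridge mode only
    return [(c["name"], pm["hostPort"])
            for c in task_def["containerDefinitions"]
            for pm in c.get("portMappings", [])
            if pm.get("hostPort", 0) != 0]


def ingress_not_from_alb(sg, alb_sg_id):
    """Return (source, ports) for every ingress source other than the load balancer group."""
    findings = []
    for perm in sg.get("IpPermissions", []):
        ports = "all" if perm["IpProtocol"] == "-1" else f'{perm.get("FromPort")}-{perm.get("ToPort")}'
        sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        sources += [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])
                    if p["GroupId"] != alb_sg_id]
        findings += [(s, ports) for s in sources]
    return findings


if __name__ == "__main__":
    for name, port in static_host_ports(TASK_DEF):
        print(f"container {name}: fixed host port {port}, expected 0")
    for source, ports in ingress_not_from_alb(INSTANCE_SG, ALB_SG):
        print(f"instance security group allows {source} on ports {ports}")
```

Both functions return an empty list when the configuration matches the steps above, so the same checks can run against real CLI output saved to a file.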
This post provides an overview of ECS benefits, features, and functionality, and one hands-on demonstration to understand and launch an ECS cluster from scratch.
Stay tuned for my next blog.....