Are you like me and want your containers up and running fast and simple and with as little configuration as possible? Then AWS Fargate might be your thing.
What is it?
Amazon describes it as a way to “Run containers without managing servers or clusters”. It is basically a way of running your apps without having to manage servers or scaling clusters. Fargate is part of Amazons Elastic Container Service (ECS).
It is the perfect choice for developers that want to run apps with low traffic without spending too much on overpowered EC2 instances. But it will also be able to scale up if there would be higher traffic during some points in the day.
“AWS Fargate removes the need for you to interact with or think about servers or clusters”
“Tiny” tutorial
To follow this introduction into AWS Fargate you need to know a bit about dealing with docker images. You also need a domain managed on AWS Route 53 if you want to hook it up to your app.
To run a container, we must host our docker image on AWS, we need a Cluster to run services, a Task-Definition which defines what container to run and how to run it in a service. We also need the service itself and a load balancer to point traffic from the web to our service in the cluster. Finally we must define some security policies for our cluster and load balancer. That should be all… so lets start by:
1. Creating a docker image repository
First we must sign in to our AWS console and create a repo for our docker images. Open the AWS console and go to the service Elastic Container Repository and create a new repo. This is where you will store your docker images that will run in your Fargate cluster.
By pressing the button named “View push commands” you will see all the commands needed to log in, build your image, and push it to the repo.
2. Create a cluster
The next step is to create a cluster to run your applications in. Open the menu and search for ECS. Or if you are in your repository, select “Clusters” from the left menu.
If you press get started, AWS will basically do much of the setup for you. This is not a good option if you are new to AWS and don’t know where to find different settings for security groups and load balancers. So let’s not waste our time with that. Click “Create Cluster” to get started from scratch.
Here you will immediately get three options and since we will be running our image on Fargate, choose “Networking only”.
In “Step 2 — Configure Cluster”, you enter the name you want your cluster to have. I named mine “example-cluster”. We also want to check the option of creating a Virtual Private Cloud (VPC) which will give us access to a range of local ip-addresses and subnets.
Click “Create” and wait while AWS generates your cluster. When it’s done go back to the ECS-console to view your cluster.
3. Create a Task Definition
The next thing we need to do is to create a task-definition. The task definition defines what docker image to run and how to run it.
When creating a new Task Definition you will get the choice of launch compatibility. Choose Fargate and click next.
Name your task and select a task role. I just select the default IAM role ecsTaskExecutionRole.
Scroll down and find the add container option. Here you enter a name for the container and the path in your repository. If you don’t remember it, open a new tab and go to ECR to get find it.
Set the port to the same port that your docker container exposes. You can define a lot more options for your container, but you don’t need anything more for it to run. So right now we won’t bother.
Click add container and continue working on the Task Definition. Set your preferred task memory and task cpu. I don’t need much for my simple image to run so I just choose the lowest possible options.
Press “Create” and you are all set to create a service to run the Task Definition
4. Create a service
This is the most involved process so far, we need to configure our service and a security group for our cluster and configure a load balancer.
Lets go back to the ECS-console and enter your Cluster. Click “Create” under the Services tab
Once again you will be given the choice of Fargate vs EC2. And once again you will select Fargate ;). You will also see that your Task Definition is preselected with the latest revision(if you for some reason made more than one). Name your service and select how many tasks you want to run. If you enter «2» it will start two instances of your container.
In the next step we need to choose a VPC (Virtual Private Cloud) and subnets which we already have generated. Select the two subnets available.
Next up is the security group for the cluster. Click “Edit” and and set a custom TCP-port if your container uses anything other than port 80. For now we will keep it open from anywhere and go back to adjust the source when we have a load balancer set up. Name it so that you can recognise it later. I named mine “example-service-ecs” to easily see that it belongs to my cluster.
Next up we need to define a load balancer. Choose “application load balancer” from the service configuration and go to the EC2 Console to create an http-load balancer.
Name the new load balancer and keep most as is. Check the boxes for the availability zones you have available for your VPC. Click next and ignore the HTTPS security warning. We will not be dealing with HTTPS in this tutorial. That is easy to add later anyway.
In Configure Security Groups we will create another security group. This will decide what port gets to access your load balancer and from where. I choose basic HTTP as it should be accessible from the web.
Nothing special in the Configure routing, we just need to define a Target for the load balancer. The target is where the load balancer sends traffic.
We won’t be defining the targets so just click on through to review and create the load balancer.
Now you can add the load balancer to your service and select the container to load balance.
Select the target group and disable service discovery. We will not be using that now. We will be setting up routing in Route 53 later on.
Click on next step and do not select any auto scaling features now. Review and create the service. If you go back to ECS you will now see that the service is trying to start the amount of tasks you defined in your service.
Before we do anything else, let’s test if we can access the app. Do this by clicking on the task name and find its Public IP address. Enter the IP-address in the browser and append the port of the container like this: http://0.0.0.0:3000
If it’s accessible, congrats. But we don’t really want people to access our task-instances directly so read on.
Go to EC2 Console and select Security Groups from the left menu. Find the security group we created for the ECS service (example-service-ecs) and edit it.
In the example-service-ecs groups inbound rules, add the load balancers Group ID to the source field of port 3000. This makes sure that only the load balancer can access the ECS-service on that port.
If you save and try to open the same IP-address as before, the request should time out.
5. Point a domain name to the application load balancer
If you have a domain name hosted on AWS you can easily point it to the load balancer to expose it to the web. To do this go to Route 53 in the AWS console menu and select the hosted zone your domain resides in. I will use my domain serverless-samples.com and create a new record set for it to put it on a subdomain. The procedure would be the same for the root domain.
You must then add the subdomain name of your choice (mine is “exampleapp”) and select an A-record from the list of types. Select yes on the Alias option and select your load balancer from the list. Then press create.
That should be it. You should give it some time to be accessible from the web, but your app will hopefully soon be available on the domain name you entered.
