marunkumar1983 for AWS Community Builders

Step-by-Step Guide: Highly Available Architecture with ALB and Amazon ECS on AWS Fargate

As cloud computing becomes increasingly important in modern IT infrastructure, containerization has emerged as a powerful tool for managing and deploying applications. And among the various containerization platforms available, AWS Fargate stands out as a particularly promising solution. AWS Fargate is a serverless, pay-as-you-go compute engine that lets you focus on building applications without managing servers. With its unique blend of scalability, cost-effectiveness, and simplicity, Fargate is poised to dominate the IT container world in the coming years.

I have designed and implemented the following architecture, and successfully completed a proof of concept. To ensure that the architecture flow below is accurate and efficient, I plan to utilize three distinct verification methods.

ALB-Fargate-ECS Architecture

Verification Method 1: Accessing Docker URL

Let's create an EC2 instance. Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the cloud. EC2 provides users with a flexible and cost-effective way to run applications in the cloud, without the need to invest in and manage their own physical hardware.

EC2 instance creation
  • T2.Micro (AMI: amzn2-ami-kernel-5.10-hvm-2.0.20230207.0-x86_64-gp2)
Create security group
  • Allow SSH (port 22) and HTTP (port 80), and attach the security group to the EC2 instance
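
A check for the security group above, as an added example that is not part of the original post: port 80 has to be reachable from a browser for this verification, while SSH normally only needs to be reachable from the administrator's address. The function reads a group in the shape returned by `aws ec2 describe-security-groups` and reports SSH rules open to any address; `SAMPLE_GROUP` and its group id are constructed.

```python
# Added example: flag admin ports that a security group exposes to the internet.
# SAMPLE_GROUP is constructed; it follows the shape of
# `aws ec2 describe-security-groups` output for the group described above.
WORLD = {"0.0.0.0/0", "::/0"}   # "anywhere" for IPv4 and IPv6
ADMIN_PORTS = {22}              # SSH, the admin port opened in this guide

SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",    # placeholder id
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    ],
}

def covers(rule, port):
    """True if the rule's protocol and port range include the TCP port."""
    if rule["IpProtocol"] == "-1":      # all protocols: no port fields present
        return True
    if rule["IpProtocol"] != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def world_open_admin_ports(group):
    """Return sorted (port, cidr) pairs for admin ports reachable from anywhere."""
    findings = set()
    for rule in group.get("IpPermissions", []):
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            if cidr not in WORLD:
                continue
            for port in ADMIN_PORTS:
                if covers(rule, port):
                    findings.add((port, cidr))
    return sorted(findings)

if __name__ == "__main__":
    for port, cidr in world_open_admin_ports(SAMPLE_GROUP):
        print(f"{SAMPLE_GROUP['GroupId']}: port {port} open to {cidr}")
```
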
Docker Installation

Docker is an open platform for developing, shipping, and running applications. A Docker image is a read-only template with instructions for creating a Docker container.

    sudo yum update -y
    sudo amazon-linux-extras install docker
    sudo service docker start
    sudo systemctl enable docker
    sudo usermod -a -G docker ec2-user
    sudo docker info

Create a Docker Image and run

    vi Dockerfile

    FROM ubuntu:18.04

    # Install dependencies
    RUN apt-get update && \
        apt-get -y install apache2

    # Install apache and write Fargate POC message
    RUN echo 'Fargate-ECS POC!' > /var/www/html/index.html

    # Configure apache
    RUN echo '. /etc/apache2/envvars' > /root/ && \
        echo 'mkdir -p /var/run/apache2' >> /root/ && \
        echo 'mkdir -p /var/lock/apache2' >> /root/ && \
        echo '/usr/sbin/apache2 -D FOREGROUND' >> /root/ && \
        chmod 755 /root/

    EXPOSE 80

    CMD /root/

    sudo docker build -t hello-fargate-ecs .
    sudo docker images --filter reference=hello-fargate-ecs
    docker run -t -i -p 80:80 hello-fargate-ecs


Access the Docker URL directly.

Docker URL

Verification Method 2: Accessing Task URL

How do two different services (EC2 --> ECR) communicate with each other in the AWS cloud?

By using an IAM role.

Create an IAM role (IAM --> Roles --> "AmazonEC2ContainerRegistryFullAccess") and attach it to the EC2 instance.
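
A full-access policy grants far more than the create-repository, login and push steps of this guide need. The following added example (not part of the original post) compares a broad grant with one scoped to the guide's repository and reports unneeded ECR actions and wildcard resources. Both policy documents are constructed, `BROAD` is a stand-in for a full-access grant rather than the managed policy's text, and `111122223333` is a placeholder account id.

```python
from fnmatch import fnmatchcase

# Real ECR actions that `docker push` never needs (a sample, not the full list).
UNNEEDED = ["ecr:DeleteRepository", "ecr:BatchDeleteImage",
            "ecr:SetRepositoryPolicy", "ecr:PutLifecyclePolicy"]
REPO_ARN = ("arn:aws:ecr:us-west-2:111122223333:"   # placeholder account id
            "repository/hello-fargate-ecs-repository")

BROAD = {"Version": "2012-10-17", "Statement": [    # constructed
    {"Effect": "Allow", "Action": "ecr:*", "Resource": "*"}]}
SCOPED = {"Version": "2012-10-17", "Statement": [   # constructed
    # The login token cannot be scoped to a repository, so it stays on "*".
    {"Effect": "Allow", "Action": "ecr:GetAuthorizationToken", "Resource": "*"},
    {"Effect": "Allow", "Resource": REPO_ARN, "Action": [
        "ecr:CreateRepository", "ecr:BatchCheckLayerAvailability",
        "ecr:InitiateLayerUpload", "ecr:UploadLayerPart",
        "ecr:CompleteLayerUpload", "ecr:PutImage"]}]}

def as_list(value):
    """IAM allows a single string where a list is expected."""
    return value if isinstance(value, list) else [value]

def allow_statements(policy):
    return [s for s in as_list(policy["Statement"]) if s.get("Effect") == "Allow"]

def grants(policy, action):
    """True if an Allow statement's Action pattern matches (case-insensitive).
    Deny and NotAction are not evaluated in this simplified check."""
    return any(fnmatchcase(action.lower(), pattern.lower())
               for s in allow_statements(policy)
               for pattern in as_list(s.get("Action", [])))

def review(policy):
    """Return (unneeded actions granted, action patterns allowed on Resource '*')."""
    excess = [a for a in UNNEEDED if grants(policy, a)]
    unscoped = sorted(pattern for s in allow_statements(policy)
                      if "*" in as_list(s.get("Resource", []))
                      for pattern in as_list(s.get("Action", []))
                      if pattern.lower() != "ecr:getauthorizationtoken")
    return excess, unscoped

if __name__ == "__main__":
    for name, policy in (("BROAD", BROAD), ("SCOPED", SCOPED)):
        print(name, review(policy))
```
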

Create ECR and push image

Amazon Elastic Container Registry (Amazon ECR) is an AWS managed container image registry service that is secure, scalable, and reliable. It's similar to Docker Hub.

Log in to the EC2 instance to execute the commands below. Make sure the IAM role is attached before executing them.

    aws ecr create-repository --repository-name hello-fargate-ecs-repository --region us-west-2
    docker tag hello-fargate-ecs <awsaccount>
    aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin <awsaccount>
    docker push <awsaccount>

ECR Creation

Fargate ECS Cluster Creation

An Amazon ECS cluster is a logical grouping of tasks or services.


Task Definitions Creation

A task definition is a template. A task definition is required to run Docker containers in Amazon ECS. The task definition allows you to specify which Docker image to use, which ports to expose, how much CPU and memory to allocate, how to collect logs, and which environment variables to define.

Run Task by enabling public IP

An ECS task can consist of one or more containers that work together to perform a specific function. Task definition is used to define the configuration of a task. The task definition includes information such as the Docker image to use, the resources required, the container port mappings, and any data volumes to be mounted.

Make sure Public IP is "Turned on"; it will be used to reach the task from the browser.

The task is running successfully, and we can see its public IP.

Hit the public IP from the browser to complete the second verification method successfully.

Delete the task once verified. We will use an ALB and an ECS Service in the next verification method.

Verification Method 3: Accessing ALB URL

ALB (Application Load Balancer) distributes incoming traffic to multiple targets such as EC2 instances, containers, and Lambda functions, based on rules and conditions defined by the user.

An ALB Target Group is a logical grouping of targets (such as EC2 instances or containers) that receive traffic from an Application Load Balancer based on the rules and conditions set by the user, allowing for efficient distribution of traffic and improved application availability and scalability.

Target Group Creation

Make sure to select "IP addresses" when creating the target group.

ALB Creation

Note: You may incur costs if you are not a new AWS user. New AWS customers receive 750 hours per month as per the URL below.

Create the ALB and map it to the target group created above.

ECS Service Creation

An ECS Service is used to guarantee that we always have some number of Tasks running at all times. Another very important point is that a Service can be configured to use a load balancer. The Service will automatically register the container's EC2 instance with the load balancer.
Tasks cannot be configured to use a load balancer; only Services can. If a Task's container exits due to an error, or the underlying EC2 instance fails and is replaced, the ECS Service will replace the failed Task.

Make sure to select Launch type as "FARGATE".

Deployment configuration: provide the service name, task definition and desired tasks.

We already have the ALB and target group ready. Make sure to map the existing ALB and target group.

Service deployment is in progress.

Service deployment completed successfully. The desired tasks are running.

The target group is healthy and was registered automatically with the task's public IP.

We can hit the ALB URL from the browser now.

A custom domain can be configured with Route 53.

Note: Enterprises usually use a "Private Subnet" for such configurations. Endpoint configurations are required to establish communication.

I always wanted to connect with like-minded people. Here is my LinkedIn. Ping or comment if any suggestions or clarifications are required.

Thank you!

Top comments (3)

indika_wimalasuriya

Great write-up. Very detailed. Thanks for sharing.

marunkumar1983

I have updated verification method 3 with ALB screenshots now.