AWS Hands-On: Building CI/CD Pipeline For AWS ECS and Fargate Using Terraform
AWS Workshops provide a number of hands-on AWS scenarios that help you learn technical AWS skills and cloud concepts. You can use these workshops to solve your business problems.
This article aims to share hands-on experience on one of the workshops, ‘Build and Deploy Spring Petclinic Application to Amazon ECS (Fargate) using Terraform and AWS CodePipeline’. At the end of this workshop, you should be able to:
- Get hands-on experience using AWS CI/CD (AWS CodePipeline, AWS CodeCommit, AWS CodeBuild)
- Familiarize yourself with infrastructure as code (Terraform)
- Understand how serverless applications are built on AWS without the operational overhead of scaling, patching, securing, and managing servers
Intended audience
- DevOps engineers responsible for designing, deploying, and maintaining the cloud infrastructure
- Application developers responsible for implementing serverless applications
- Solutions architects responsible for designing AWS infrastructure and applications using infrastructure as code.
AWS Fargate
AWS Fargate is a serverless compute engine for containers that works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS). Fargate makes it easy for you to focus on building your applications.
Terraform
Terraform is an open-source infrastructure as code software tool created by HashiCorp. Users define and provide data center infrastructure using a declarative configuration language.
AWS CodePipeline
AWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates.
Let's start to build the AWS infrastructure.
Setting up the infrastructure is as simple as cloning the repository and running the included Terraform scripts, which deploy several services into the AWS account.
Check out the full Terraform code for this hands-on course:
https://github.com/aws-samples/aws-ecs-cicd-terraform/
Keep in mind that this workshop will incur AWS costs.
Prerequisites
- Create an AWS Account. How do I create and activate a new AWS account?
https://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/
- Create a workspace in the AWS account.
- Launch Cloud9 in your closest region.
- Set up IAM credentials.
- By default, AWS Cloud9 manages temporary IAM credentials for you. There are some restrictions associated with these credentials which prevent Terraform from working correctly.
- Install Terraform. As I live in Hong Kong, I have chosen ap-east-1 as the default AWS region.
- Install Tools and Resources. You can clone the repo from here.
You can see that there are many .tf files. Each .tf file will automatically deploy AWS resources into your account, including an SSM Parameter Store, an ECS cluster, an RDS database, and an AWS CodePipeline.
Build Infrastructure using Terraform
- Set up SSM Parameter Store
- The Terraform config files expect to find a password for the AWS RDS MySQL database in the SSM Parameter Store.
- Edit terraform.tfvars. Leave aws_profile as “default”, and set aws_region to the correct value for your environment.
I changed it to ap-east-1, the same as my default AWS region.
- Now that everything is ready, initialise Terraform: terraform init
The terraform init command is used to initialize a working directory containing Terraform configuration files. This is the first command that should be run after writing a new Terraform configuration or cloning an existing one from version control. It is safe to run this command multiple times.
- Next, Plan Terraform: terraform plan
The ‘terraform plan’ command tests your Terraform scripts. On its own, ‘terraform plan’ does not carry out the proposed changes, so you can use it to check whether they match what you expected.
- ‘terraform plan’ looks good. Use ‘terraform apply’ to actually build the AWS infrastructure and the CI/CD pipeline.
- Compare the Terraform scripts to the AWS environment using the AWS console. Let's look at vpc.tf, ecr.tf, ecs.tf and rds.tf.
- vpc.tf creates a VPC.
- vpc.tf creates 2 private and 2 public subnets.
- vpc.tf creates an internet gateway to connect the VPC to the internet.
- vpc.tf creates a NAT gateway so that the private subnets can access the internet.
- ecr.tf creates a container image in the ECR repositories.
- ecs.tf creates a Fargate cluster to run the Docker image from the ECR repositories.
- codepipeline.tf creates a CI/CD pipeline to build the serverless application.
- variables.tf holds the sizing metrics of the RDS database.
If you are using the HK region, note that RDS MySQL does not support db.r4.2xlarge there; go to variables.tf and update the default to db.r5.2xlarge.
- Be sure to remove the database after completing the workshop; db.r4.2xlarge and db.r5.2xlarge are quite expensive for a hands-on demo.
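As an added example (not part of the workshop repository), the check described in the ‘terraform plan’ step can be scripted: save the plan with terraform plan -out=tfplan, export it with terraform show -json tfplan, and review its resource_changes list before running ‘terraform apply’. The sample plan and resource addresses below are constructed for illustration.

```python
import json

# Constructed sample in the shape of `terraform show -json tfplan` output.
# Resource addresses are illustrative, not taken from the workshop repository.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "aws_vpc.example", "type": "aws_vpc",
   "change": {"actions": ["create"], "after": {"cidr_block": "10.0.0.0/16"}}},
  {"address": "aws_db_instance.example", "type": "aws_db_instance",
   "change": {"actions": ["create"],
              "after": {"instance_class": "db.r5.2xlarge",
                        "publicly_accessible": false}}},
  {"address": "aws_ecs_cluster.example", "type": "aws_ecs_cluster",
   "change": {"actions": ["delete", "create"], "after": {"name": "demo"}}},
  {"address": "aws_ecr_repository.example", "type": "aws_ecr_repository",
   "change": {"actions": ["no-op"], "after": {"name": "demo"}}}
]}
""")

# Instance classes the article calls expensive for a hands-on demo.
COSTLY_DB_CLASSES = {"db.r4.2xlarge", "db.r5.2xlarge"}


def review_plan(plan):
    """Return (action counts, findings to read before `terraform apply`)."""
    counts, findings = {}, []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        actions = change.get("actions", [])
        # Terraform reports a replacement as delete+create (in either order).
        replace = "delete" in actions and "create" in actions
        key = "replace" if replace else "/".join(actions)
        counts[key] = counts.get(key, 0) + 1
        after = change.get("after") or {}  # null when the resource is destroyed
        if "delete" in actions:
            findings.append(f"{rc['address']}: destructive change ({key})")
        if rc.get("type") == "aws_db_instance" and "create" in actions:
            if after.get("instance_class") in COSTLY_DB_CLASSES:
                findings.append(f"{rc['address']}: costly instance class "
                                f"{after['instance_class']}, destroy after the demo")
            if after.get("publicly_accessible"):
                findings.append(f"{rc['address']}: database is publicly accessible")
    return counts, findings


if __name__ == "__main__":
    counts, findings = review_plan(SAMPLE_PLAN)
    print(counts)
    for finding in findings:
        print("REVIEW:", finding)
```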
Now that the infrastructure is up and running, the next post will share how to set up local and remote Git repositories in AWS CI/CD (AWS CodeCommit and CodePipeline) to run a serverless application.