This project demonstrates the implementation of a scalable and highly available web application using AWS ECS (Elastic Container Service) with Blue/Green deployment capabilities. The infrastructure is defined and managed using Terraform, enabling Infrastructure as Code (IaC) practices.
The solution implements a 3-tier architecture with the following components:
- Networking: A custom VPC with public and private subnets across multiple Availability Zones.
- Compute: ECS Fargate for running containerized applications.
- Load Balancing: Application Load Balancer (ALB) for distributing traffic.
- CI/CD: AWS CodePipeline with CodeBuild and CodeDeploy for continuous integration and deployment.
- Storage: S3 for storing static web content and deployment artifacts.
- Configuration: AWS Systems Manager (SSM) Parameter Store for managing application configuration.
- Monitoring: CloudWatch for logging and monitoring.
- Blue/Green Deployments: Utilizes AWS CodeDeploy for zero-downtime deployments.
- Scalability: ECS Fargate allows easy scaling of container instances.
- Security: Implements network isolation with public and private subnets.
- Flexibility: Easily updateable web content through S3 and SSM parameters.
- Observability: Integrated logging with CloudWatch.
- AWS Account
- Terraform (version 0.12+)
- AWS CLI configured with appropriate permissions
- GitHub repository for application code
.
├── 00-data.tf
├── 01-main.tf
├── 02-network.tf
├── 03-bucket.tf
├── 04-builder.tf
├── 05-pipeline.tf
├── 05-service.role.tf
├── 05-service.tf
├── README.md
├── modules
│ └── builder
│ ├── data.tf
│ ├── main.tf
│ ├── outputs.tf
│ └── variables.tf
└── services
├── deployment
│ └── buildspec.yml
├── downloader
│ ├── Dockerfile
│ ├── buildspec.yml
│ └── download_script.py
├── webcontent
│ ├── buildspec.yml
│ └── objects
│ ├── index-01.html
│ ├── index-02.html
│ └── index-03.html
└── webserver
├── Dockerfile
├── buildspec.yml
└── nginx.conf
graph TB
subgraph GitHub
A[GitHub: Repository]
end
subgraph AWS["AWS Cloud"]
subgraph CodePipeline["CodePipeline: Web Server Pipeline"]
B[Source]
C[Build]
D[Prepare Deployment]
E[Deploy]
end
F[CodeBuild: Build Content]
G[CodeBuild: Build Downloader]
H[CodeBuild: Build WebServer]
subgraph CodeDeploy["CodeDeploy"]
J[Blue/Green Deployment]
end
subgraph VPC["VPC: Main"]
subgraph PublicSubnets["Public Subnets"]
K[NAT Gateway]
L[ALB: Web Server]
end
subgraph PrivateSubnets["Private Subnets"]
M[ECS Cluster]
subgraph ECSService["ECS Service"]
N[Blue Task Set]
O[Green Task Set]
end
end
end
subgraph DeploymentPreparation["Deployment Preparation"]
I[CodeBuild: Prepare Artifacts]
Q[(S3: Artifacts)]
end
P[(S3: Web Content)]
subgraph ECR["Amazon ECR"]
R[(ECR: Downloader)]
S[(ECR: WebServer)]
end
subgraph PARAMETER["Amazon SSM"]
T[SSM: Parameter Store]
end
end
A -->|Trigger| B
B --> C
C --> F & G & H & D
D --> I
I -->|Create| Q
D --> E
E --> J
F -->|Upload| P
G -->|Push| R
H -->|Push| S
J -->|Deploy| ECSService
L -->|Route| N & O
ECSService -->|Pull| ECR
ECSService -->|Download| P
N & O -->|Serve| L
-
Source: The process begins when changes are pushed to the GitHub repository.
-
Build: AWS CodePipeline triggers a CodeBuild job, which:
- Builds Docker images for the Downloader and Web Server containers
- Pushes these images to Amazon ECR
-
Deploy: CodeDeploy manages the Blue/Green deployment:
- Creates a new (Green) Task Definition with updated container images
- Deploys the new Task Definition to the ECS Cluster
- Routes traffic gradually from the old (Blue) to the new (Green) version
-
Application: The ECS Task runs two containers:
- Downloader: Fetches the specified HTML file from S3 based on the SSM Parameter
- Web Server: Serves the downloaded HTML file
-
Load Balancing: The Application Load Balancer distributes incoming traffic to the active Task Definition.
-
Monitoring: CloudWatch collects logs and metrics from the ECS Cluster and other AWS services.
This architecture ensures high availability, scalability, and enables zero-downtime deployments through the Blue/Green deployment strategy.
-
Clone this repository:
git clone <repository-url> cd <repository-name> -
Initialize Terraform:
terraform init -
Review and modify variables in
01-main.tfas needed. -
Plan the Terraform execution:
terraform plan -
Apply the Terraform configuration:
terraform apply -
Confirm the changes and type
yeswhen prompted.
After deployment:
- Access the web application via the ALB DNS name (output after Terraform apply).
- Update the SSM parameter to change the served HTML file.
- Trigger a new deployment through the CodePipeline to see Blue/Green deployment in action.
- Access CloudWatch Logs to view application and ECS cluster logs.
- Monitor the ECS cluster, services, and tasks through the AWS ECS console.
- View deployment history and status in the AWS CodeDeploy console.
To destroy the created resources:
terraform destroy
Confirm the destruction by typing yes when prompted.
Contributions are welcome! Please feel free to submit a Pull Request.
This project is licensed under the MIT License - see the LICENSE file for details.
- AWS Documentation
- Terraform Documentation
- The open-source community for various tools and libraries used in this project