From 6bfa880dd9fa79aa83e83ecc5cf01b04bc9f8ec4 Mon Sep 17 00:00:00 2001 From: Joshua Date: Tue, 29 Oct 2024 15:55:59 -0700 Subject: [PATCH] fix: Update the ECS section with tips for deploying the updated DKS apps (#604)
---
 .cspell.json | 1 + docs/4-cloud-computing/4.2.6-ecs.md | 32 ++++-- .../ch4/aws/ecs/dks-db-task-definition.json | 107 ++++++++++++++++++ 3 files changed, 128 insertions(+), 12 deletions(-) create mode 100644 examples/ch4/aws/ecs/dks-db-task-definition.json
diff --git a/.cspell.json b/.cspell.json
index b56aa683..fcdbf992 100644
--- a/.cspell.json
+++ b/.cspell.json
@@ -7,6 +7,7 @@
 "adoptopenjdk",
 "aluable",
 "Armon",
+ "awscli",
 "AWSCLIV",
 "azurerm",
 "Bento",
diff --git a/docs/4-cloud-computing/4.2.6-ecs.md b/docs/4-cloud-computing/4.2.6-ecs.md
index 618091e8..a273a6b3 100644
--- a/docs/4-cloud-computing/4.2.6-ecs.md
+++ b/docs/4-cloud-computing/4.2.6-ecs.md
@@ -28,21 +28,29 @@ Checkout this great explanation: [What is the difference between a task and serv ## Exercise -To get an understanding on how two containers need to communicate with one another, we will be utilizing the [DevOps Knowledge Share UI](https://github.com/liatrio/dks-ui) application we used before as well as the corresponding [API](https://github.com/liatrio/dks-api). - -1. Start by taking the ui and api listed above and test them locally. -2. Then containerize them using Docker. -3. Create an IAM Role that provides EC2 instances with access to ECS and ECR services. -4. Push them up to ECR. -5. Create a cluster within ECS -6. Create a Launch Configuration and Auto Scaling group to start an EC2 instance and connect it to your ECS cluster. -7. Once you have an EC2 instance to run containers on, configure your cluster to run the application. -8. Verify that your demo was set up by visiting the front end in your browser. +To get an understanding on how containers need to communicate with one another, we will be utilizing the [DevOps Knowledge Share UI](https://github.com/liatrio/dks-ui) application we used before as well as the corresponding [API](https://github.com/liatrio/dks-api). + +1. Start by taking the ui and api listed above and test them locally. Go though the `docker-compose.yaml` file to understand _what_ these microservices need. +2. Then containerize them using Docker. (`make docker-build`) +3. Push them up to ECR. +4. Create an IAM Role that provides EC2 instances with access to ECS and ECR services. +5. Create a cluster within ECS with EC2 instances not Fargate. Don't choose spot instances as this complicates things as your instances get reclaimed by AWS. When configuring your cluster to simplify things remove any private subnets. + +?> If you are running on an arm machine ensure your EC2 instances supports arm workloads + +7. Configure your cluster to run the application. 
Refer to the `docker-compose.yaml` files in `dks-ui` and `dks-api` to get a sense for what each service needs. -> Amazon has its own tool called CloudFormation which is used to provision resources on AWS. Although we will not be using it in this exercise, CloudFormation configuration files can be a great reference for defining the environment needed to run your application. +?> I recommend standing up your microservices in the following order validating each piece as you go: dks-db, dks-api, then dks-ui. See this example [task definition for dks-db](https://github.com/liatrio/devops-bootcamp/blob/master/examples/ch4/aws/ecs/dks-db-task-definition.json) and the [db init script](https://github.com/liatrio/dks-api/blob/6ee4e6aa87b62e4387d613cbd442863b60d07657/db-resources/0_0_db.sh). + +?> To interconnect services look into [AWS Service Discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/interconnecting-services.html). Managing Service Discovery Namespaces and Services is simpler via the awscli. See the [following for reference](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/create-service-discovery.html#create-service-discovery-namespace). The Service Discovery Namespace name and the Service Discovery Service name will control the resulting DNS record. This will also dictate what you set for DB_HOST environment variable for the dks-api. + +?> If you are having issues getting Services started and check out logs on the host the container was scheduled at `/var/log/ecs/ecs-agent.log` + +8. Verify that your demo was set up by visiting the front end in your browser. +9. Clean up your resources: Service Discovery Namespace (AWS Cloud Map in the console), ECS Cluster (Delete Cloud Formation Stack for easy cleanup), KMS Key, Application Load Balancer. ## Deliverables - Explore a microservice demo by running it on ECS. - Discuss why you may want to use ECS and microservices. -- Discuss the difference between tasks and services in ECS. 
+- Discuss the difference between task definitions, tasks and services in ECS.
diff --git a/examples/ch4/aws/ecs/dks-db-task-definition.json b/examples/ch4/aws/ecs/dks-db-task-definition.json
new file mode 100644
index 00000000..90ace210
--- /dev/null
+++ b/examples/ch4/aws/ecs/dks-db-task-definition.json
@@ -0,0 +1,107 @@
+{
+ "taskDefinitionArn": "arn:aws:ecs:us-east-1:183631309559:task-definition/dks-db:5",
+ "containerDefinitions": [
+ {
+ "name": "dks-db",
+ "image": "postgres:16.4-alpine",
+ "cpu": 0,
+ "portMappings": [
+ {
+ "name": "db-port",
+ "containerPort": 5432,
+ "hostPort": 5432,
+ "protocol": "tcp",
+ "appProtocol": "http"
+ }
+ ],
+ "essential": true,
+ "environment": [
+ {
+ "name": "POSTGRES_USER",
+ "value": "postgres"
+ },
+ {
+ "name": "JAVA_ENABLE_DEBUG",
+ "value": "false"
+ },
+ {
+ "name": "DB_ROLE_NAME",
+ "value": "dks-user"
+ },
+ {
+ "name": "SPRING_PROFILES_ACTIVE",
+ "value": "dev"
+ },
+ {
+ "name": "PGPORT",
+ "value": "5432"
+ },
+ {
+ "name": "POSTGRES_PASSWORD",
+ "value": "postgres-password"
+ },
+ {
+ "name": "DB_NAME",
+ "value": "dks_db"
+ },
+ {
+ "name": "DB_HOST",
+ "value": "dks-db"
+ },
+ {
+ "name": "DB_ROLE_PASSWORD",
+ "value": "dks-db-password"
+ }
+ ],
+ "environmentFiles": [],
+ "mountPoints": [
+ {
+ "sourceVolume": "dks-db-init",
+ "containerPath": "/docker-entrypoint-initdb.d/0_0_db.sh",
+ "readOnly": false
+ }
+ ],
+ "volumesFrom": [],
+ "ulimits": [],
+ "systemControls": []
+ }
+ ],
+ "family": "dks-db",
+ "executionRoleArn": "arn:aws:iam::183631309559:role/ecsTaskExecutionRole",
+ "networkMode": "awsvpc",
+ "revision": 5,
+ "volumes": [
+ {
+ "name": "dks-db-init",
+ "host": {
+ "sourcePath": "/home/ec2-user/0_0_db.sh"
+ }
+ }
+ ],
+ "status": "ACTIVE",
+ "requiresAttributes": [
+ {
+ "name": "com.amazonaws.ecs.capability.docker-remote-api.1.18"
+ },
+ {
+ "name": "ecs.capability.task-eni"
+ }
+ ],
+ "placementConstraints": [],
+ "compatibilities": [
+ "EC2"
+ ],
+ "requiresCompatibilities": [
+ "EC2"
+ ],
+ "cpu": "1024",
+ "memory": "1024",
+ "runtimePlatform": {
+ "cpuArchitecture": "ARM64",
+ "operatingSystemFamily": "LINUX"
+ },
+ "registeredAt": "2024-10-29T17:44:06.202Z",
+ "registeredBy": "arn:aws:sts::183631309559:assumed-role/AWSReservedSSO_AWSAdministratorAccess_93465402f0d29076/joshua.burns@liatrio.com",
+ "enableFaultInjection": false,
+ "tags": []
+}
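Review bot: `POSTGRES_PASSWORD` and `DB_ROLE_PASSWORD` are plaintext `environment` values in the `dks-db` container definition, so they are committed to the repository and readable by anyone who can describe the task definition. Move both to the container's `secrets` array with `valueFrom` pointing at Secrets Manager or SSM Parameter Store entries, as sketched below with placeholder ARNs; the execution role would then need read access to those entries. The file is also raw describe output: `taskDefinitionArn`, `executionRoleArn` and `registeredBy` publish the AWS account ID and the registering SSO identity. The read-only fields (`taskDefinitionArn`, `revision`, `status`, `requiresAttributes`, `compatibilities`, `registeredAt`, `registeredBy`) are not accepted when registering a task definition, so trim them and replace the account ID with a placeholder. The init-script mount can be `"readOnly": true`, and `"appProtocol": "http"` does not describe PostgreSQL traffic on 5432 and is probably best omitted.

```json
"secrets": [
  {
    "name": "POSTGRES_PASSWORD",
    "valueFrom": "arn:aws:secretsmanager:<REGION>:<ACCOUNT_ID>:secret:<POSTGRES_PASSWORD_SECRET>"
  },
  {
    "name": "DB_ROLE_PASSWORD",
    "valueFrom": "arn:aws:secretsmanager:<REGION>:<ACCOUNT_ID>:secret:<DB_ROLE_PASSWORD_SECRET>"
  }
],
```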