Full LAMP Docker and AWS Introduction Tutorial

And now we simply configure and build our ECS cluster through the ECS CLI:

$ ecs-cli configure --cluster tutorial-cluster --default-launch-type FARGATE --region eu-central-1 --config-name fgate_ff_config
$ ecs-cli up

Take note of the ouput of this command, copying and pasting the result in a sheet of your favourite editor, you’ll need the cluster VPC id to create a security group in it, you’ll need also the subnets. Again, remember to replace the zero filled ids with your own:

$ aws ec2 create-security-group \
     --description  aws_tutorial_security \
     --group-name aws_tutorial_group \
     --vpc-id vpc-0000000000000000

Take note of the resulting output, stating the relative GroupId. In case you forget to do it, you can use the following command to retrive it:

$ aws ec2 describe-security-groups \
     --filters Name=description,Values=aws_tutorial_security | grep GroupId

Then authorize input traffic to the security group, replacing your own group-id:

$ aws ec2 authorize-security-group-ingress \
     --group-id sg-00000000000000000 \
     --protocol tcp \
     --port 80 \
     --cidr 0.0.0.0/0

Cidr is not fake and its zeroes mean all IPs. The next thing is to create our service, first let’s edit the two necessary config files:

$ vi ecs-params.yml
version: 1
 task_definition:
   task_execution_role: ecsTaskExecutionRole
   ecs_network_mode: awsvpc
   task_size:
     mem_limit: 0.5GB
     cpu_limit: 256
 run_params:
   network_configuration:
     awsvpc_configuration:
       subnets:
         - "subnet-00000000000000000"
         - "subnet-00000000000000000"
       security_groups:
         - "sg-00000000000000000"
       assign_public_ip: ENABLED
$ vi docker-compose.yml
version: '3'
 services:
   lamp:
     image: 000000000000.dkr.ecr.eu-central-1.amazonaws.com/aws_lamp_tutorial
     ports:
       - "80:80"
     logging:
       driver: awslogs
       options: 
         awslogs-group: lamp-tutorial
         awslogs-region: eu-central-1
         awslogs-stream-prefix: lamp
$ ecs-cli compose --project-name tutorial service up --create-log-groups --cluster-config fgate_ff_config

The last thing to do is to get our instance IP address and set a rule inside our default security group which regards our MySQL database, so that the ECS instance can access to it:

$ aws ecs list-tasks --cluster tutorial-cluster
$ aws ecs describe-tasks \
     --cluster tutorial-cluster \
     --tasks arn:aws:ecs:eu-central-1:000000000000:task/00000000-0000-0000-0000-000000000000 \
     | grep eni-

Please replace the task arn with your own. Now let’s find our public IP address, dont’t forget the zeroes:

$ aws ec2 describe-network-interfaces --network-interface-ids eni-e0000000 | grep PublicIp
$ aws ec2 authorize-security-group-ingress \
     --group-name default \
     --protocol tcp \
     --port 3306 \
     --cidr 00.000.00.000/00

It should be noted that cidr is fake, it must be replaced with your own IP address, then point your browser at that location. The app should be working.

Once you’re done remember to do the cleaup to stop your instances, even if you have a free tier account, this tutorial is compatible with it. To do that, issue the following commands:

$ ecs-cli compose --project-name tutorial service down --cluster-config fgate_ff_config
$ aws ec2 delete-security-group --group-id sg-00000000000000000
$ ecs-cli down --force --cluster-config tutorial --cluster-config fgate_ff_config
$ aws logs delete-log-group --log-group-name lamp-tutorial

Detach our execution policy and delete IAM role:

$ aws iam detach-role-policy --role-name aws_tutorial_role --policy-arn arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolic
$ aws iam delete-role --role-name aws_tutorial_role

Delete image and ECR repository, please replace your own imageDigest:

$ aws ecr list-images --repository-name aws_lamp_tutorial | grep imageDigest
$ aws ecr batch-delete-image --repository-name aws_lamp_tutorial --image-ids imageDigest=sha256:19665f1e6d1e504117a1743c0a3d3753086354a38375961f2e665416ef4b1b2f

Finally delete your database instance:

$ aws rds delete-db-instance --db-instance-identifier mysql-tutorial-db --skip-final-snapshot

And we’re done. In this session you learned a simple deploying operation with ECS, Docker and RDS.

Should you necessitate the files needed for this project, you can find them in this GitHub repository.

Do not put into production this tutorial, there are security, performance and architecture improvements to make, the example is semi-trivial. In the next episode we will be examining some more in detail some other aspects of AWS, till then, stay tuned and happy coding.

Did you like this post? Please, share it on your preferred social networks or comment here below, thank you!

12 thoughts on “Full LAMP Docker and AWS Introduction Tutorial

  1. Many thanks Mary,
    I’m looking forward to seeing you again on this blog!

  2. I don’t know where you are getting your information, however great topic. I need to spend some time learning and understanding more. Thanks for this wonderful information, I was searching for this information for my purposes.

  3. Thank you Paul,
    the content of this post and this blog in general is gathered around the internet, on books and other sources.
    Code examples are my own.
    Keep learning this stuff,
    Mirko

  4. I would like to thank you for the efforts you have put in writing this blog. I am hoping the same high-grade posts from you in the upcoming also. Actually your creative writing abilities has encouraged me to get my own site now. Blogging is spreading its wings rapidly, your write up is a good example of it.

  5. Thank you Alessandra,
    this blog would not be possible without your support and encouragement.
    See you

  6. I do agree with all the ideas you’ve introduced in your post. They are really convincing and can certainly work. Still, the posts are too quick for beginners. May just you please extend them a little from subsequent time? Thanks for the post.

  7. Hello Louis,
    I appreciate your feedback and thanks for getting straight to the point. My endevour is to explain as simple as possible, I’ll do my best to keep improving.
    Bye

  8. I was just seeking this info for some time. After many hours of continuous Googleing, finally I got it at your web site. I wonder what is the lack of Google strategy that don’t rank this kind of informative web sites at top of the list. Sometimes top sites are full of garbage.

  9. Hello Xin,
    this website is well ranked for many keywords that regards it. The strategy is to actually putting very meaningful and useful content, in a way that Google cannot ignore it. Sometimes we achieve this result.

  10. Hello umande,
    you can do it with your Dockerfile.
    Thanks for your question

Leave a Reply

Give me your opinion, I will be grateful.