Categories
Admin AWS Docker Laravel PHP Programming Tutorials Web Dev

Full LAMP Docker and AWS Introduction Tutorial

And now we simply configure and build our ECS cluster through the ECS CLI:

$ ecs-cli configure --cluster tutorial-cluster --default-launch-type FARGATE --region eu-central-1 --config-name fgate_ff_config
$ ecs-cli up

Take note of the ouput of this command, copying and pasting the result in a sheet of your favourite editor, you’ll need the cluster VPC id to create a security group in it, you’ll need also the subnets. Again, remember to replace the zero filled ids with your own:

$ aws ec2 create-security-group \
    --description  aws_tutorial_security \
    --group-name aws_tutorial_group \
    --vpc-id vpc-0000000000000000

Take note of the resulting output, stating the relative GroupId. In case you forget to do it, you can use the following command to retrive it:

$ aws ec2 describe-security-groups \
    --filters Name=description,Values=aws_tutorial_security | grep GroupId

Then authorize input traffic to the security group, replacing your own group-id:

$ aws ec2 authorize-security-group-ingress \
    --group-id sg-00000000000000000 \
    --protocol tcp \
    --port 80 \
    --cidr 0.0.0.0/0

Cidr is not fake and its zeroes mean all IPs. The next thing is to create our service, first let’s edit the two necessary config files:

$ vi ecs-params.yml
version: 1
task_definition:
  task_execution_role: ecsTaskExecutionRole
  ecs_network_mode: awsvpc
  task_size:
    mem_limit: 0.5GB
    cpu_limit: 256
run_params:
  network_configuration:
    awsvpc_configuration:
      subnets:
        - "subnet-00000000000000000"
        - "subnet-00000000000000000"
      security_groups:
        - "sg-00000000000000000"
      assign_public_ip: ENABLED
$ vi docker-compose.yml
version: '3'
services:
  lamp:
    image: 000000000000.dkr.ecr.eu-central-1.amazonaws.com/aws_lamp_tutorial
    ports:
      - "80:80"
    logging:
      driver: awslogs
      options: 
        awslogs-group: lamp-tutorial
        awslogs-region: eu-central-1
        awslogs-stream-prefix: lamp
$ ecs-cli compose --project-name tutorial service up --create-log-groups --cluster-config fgate_ff_config

The last thing to do is to get our instance IP address and set a rule inside our default security group which regards our MySQL database, so that the ECS instance can access to it:

$ aws ecs list-tasks --cluster tutorial-cluster
$ aws ecs describe-tasks \
    --cluster tutorial-cluster \
    --tasks arn:aws:ecs:eu-central-1:000000000000:task/00000000-0000-0000-0000-000000000000 \
    | grep eni-

Please replace the task arn with your own. Now let’s find our public IP address, dont’t forget the zeroes:

$ aws ec2 describe-network-interfaces --network-interface-ids eni-e0000000 | grep PublicIp
$ aws ec2 authorize-security-group-ingress \
    --group-name default \
    --protocol tcp \
    --port 3306 \
    --cidr 00.000.00.000/00

It should be noted that cidr is fake, it must be replaced with your own IP address, then point your browser at that location. The app should be working.

Once you’re done remember to do the cleaup to stop your instances, even if you have a free tier account, this tutorial is compatible with it. To do that, issue the following commands:

$ ecs-cli compose --project-name tutorial service down --cluster-config fgate_ff_config
$ aws ec2 delete-security-group --group-id sg-00000000000000000
$ ecs-cli down --force --cluster-config tutorial --cluster-config fgate_ff_config
$ aws logs delete-log-group --log-group-name lamp-tutorial

Detach our execution policy and delete IAM role:

$ aws iam detach-role-policy --role-name aws_tutorial_role --policy-arn arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolic
$ aws iam delete-role --role-name aws_tutorial_role

Delete image and ECR repository, please replace your own imageDigest:

$ aws ecr list-images --repository-name aws_lamp_tutorial | grep imageDigest
$ aws ecr batch-delete-image --repository-name aws_lamp_tutorial --image-ids imageDigest=sha256:19665f1e6d1e504117a1743c0a3d3753086354a38375961f2e665416ef4b1b2f

Finally delete your database instance:

 $ aws rds delete-db-instance --db-instance-identifier mysql-tutorial-db --skip-final-snapshot

And we’re done. In this session you learned a simple deploying operation with ECS, Docker and RDS.

Should you necessitate the files needed for this project, you can find them in this GitHub repository.

Do not put into production this tutorial, there are security, performance and architecture improvements to make, the example is semi-trivial. In the next episode we will be examining some more in detail some other aspects of AWS, till then, stay tuned and happy coding.

Did you like this post? Please comment here below and share it on your preferred social networks, thank you!

By Mirko Benedetti

Hi there. My name is Mirko Benedetti, I'm a Software Developer and I founded this website. Excellence is what I consider to be our ultimate goal, and passion for technology constantly drives me to it. I began programming self-taught at a very young age. Since then I learned a lot, and every day I enjoy learning new things. Here is my Linkedin Curriculum, feel free to connect.

4 replies on “Full LAMP Docker and AWS Introduction Tutorial”

Many thanks Mary,
I’m looking forward to seeing you again on this blog!

I don’t know where you are getting your information, however great topic. I need to spend some time learning and understanding more. Thanks for this wonderful information, I was searching for this information for my purposes.

Thank you Paul,
the content of this post and this blog in general is gathered around the internet, on books and other sources.
Code examples are my own.
Keep learning this stuff,
Mirko

Leave a Reply

Give me your opinion, I will be grateful.