This solution builds a simple project that tests DB connectivity. The application code is written in Go, and the infrastructure is defined as code using Terraform.
https://github.com/hamzeh-shaghlil/aws-ecs-fullstack-app-terraform
The Terraform code creates the following resources:
- VPC
- Public subnets associated with a routing table that has a route to an internet gateway.
- Private subnets associated with a routing table that has a route to the local network (VPC) only.
- NATed subnets associated with a routing table that has a route to a NAT gateway.
- Application Load Balancer to split the traffic between the ECS/Fargate services
- AWS WAF firewall associated with the ALB to help protect against common web exploits and bots that may affect availability and compromise security.
- AWS Aurora MySQL cluster to host the DB, with primary and secondary DB instances for high availability
- ECS/FARGATE to run containers without having to manage servers or clusters
- AWS ECR Private container image registry to host our docker image
- AWS Secrets Manager to store the DB URL, which contains sensitive data such as the DB credentials
- CloudWatch will be used to monitor the cluster using Container Insights and collect the logs
- AWS CodePipeline CI/CD pipeline with the following stages:
  - Source Stage:
    - The application source code is maintained in a repository configured as a GitHub source action in the pipeline. When a commit is pushed to the repository, CodePipeline detects the change, and a pipeline execution starts from the Source Stage.
    - The GitHub source action completes successfully (that is, the latest changes have been downloaded and stored in the artifact bucket unique to that execution). The output artifacts produced by the GitHub source action, which are the application files from the repository, are then used as the input artifacts to be worked on by the actions in the next stage.
  - Build Stage:
    - The pipeline execution transitions from the Source Stage to the Build Stage. The first action in the Build Stage runs a build project created in CodeBuild and configured as a build action in the buildspec.yaml. The build task pulls a build environment image and builds the Docker image in a virtual container.
    - CodeBuild creates new build artifacts that contain the latest version of the task definition.
  - Deploy Stage:
    - The pipeline deploys the latest image created in the build step to the ECS service.
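How the Secrets Manager and ECS/Fargate items above can fit together, as an added example that is not taken from the project's repository: the task definition receives the DB URL through `secrets` instead of a plain-text `environment` entry, and the execution role may read only that one secret. All resource names, the `DB_URL` variable name and the image URI are assumptions.

```hcl
# Added example. Resource names, sizes and the image URI are assumptions,
# not values from the project's repository.
resource "aws_secretsmanager_secret" "db_url" {
  name = "example/db-url" # constructed name
}

resource "aws_iam_role" "execution" {
  name = "example-ecs-execution"
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect    = "Allow"
      Action    = "sts:AssumeRole"
      Principal = { Service = "ecs-tasks.amazonaws.com" }
    }]
  })
}

# Least privilege: the execution role may read this one secret and nothing else.
resource "aws_iam_role_policy" "read_db_url" {
  name = "read-db-url"
  role = aws_iam_role.execution.id
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect   = "Allow"
      Action   = "secretsmanager:GetSecretValue"
      Resource = aws_secretsmanager_secret.db_url.arn
    }]
  })
}

resource "aws_ecs_task_definition" "app" {
  family                   = "example-app"
  requires_compatibilities = ["FARGATE"]
  network_mode             = "awsvpc"
  cpu                      = 256
  memory                   = 512
  execution_role_arn       = aws_iam_role.execution.arn

  container_definitions = jsonencode([{
    name  = "app"
    image = "ACCOUNT_ID.dkr.ecr.REGION.amazonaws.com/app:latest" # placeholder
    # Weak: environment = [{ name = "DB_URL", value = "<url with password>" }]
    # stores the credentials in the task definition in plain text.
    # Better: ECS fetches the secret at task start and injects it as DB_URL.
    secrets = [{ name = "DB_URL", valueFrom = aws_secretsmanager_secret.db_url.arn }]
  }])
}
```

A real execution role also needs permission to pull from ECR and write to CloudWatch Logs, for example through the AWS managed policy AmazonECSTaskExecutionRolePolicy.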
Usage
This Terraform configuration uses S3 as the backend for the Terraform state.
- Update the backend.tf file:

```hcl
terraform {
  backend "s3" {
    encrypt = true
    bucket  = "your-bucket-name"
    key     = "terraform.tfstate"
    region  = "your-bucket-region"
  }
}
```

- Update the AWS Account ID in the buildspec.yaml file
- Run the terraform init command to initialize a working directory that contains a Terraform configuration
terraform init
- The terraform plan command evaluates a Terraform configuration to determine the desired state of all the resources it declares, then compares that desired state to the real infrastructure objects being managed with the current working directory and workspace
terraform plan
- The terraform apply command performs a plan just like terraform plan does, but then actually carries out the planned changes to each resource using the relevant infrastructure provider’s API. It asks for confirmation from the user before making any changes, unless it was explicitly told to skip approval.
terraform apply
- After finishing, you will have the below results
Apply complete!
terraform output
- Go to the AWS CodePipeline service in the AWS console and edit the GitHub connection so that its status becomes AVAILABLE: https://docs.aws.amazon.com/dtconsole/latest/userguide/connections-create-github.html
- Release the pipeline and wait until the pipeline finishes to test the code 🙂