ECS Labs

Author: naeemaa00

AWS_ECS_Labs/.github/workflows/02-ECR-ECS.yml

@@ -0,0 +1,62 @@
+name: "ECR-ECS-Deployment"
+on:
+  workflow_dispatch:
+  
+jobs:
+  ECR_ECS_Deployment:
+    name: Build Docker Image And Push To ECR And Deploy To ECS
+    runs-on: ubuntu-latest  
+    steps:  
+        - name: Checkout
+          uses: actions/checkout@v2    
+          
+        - name: Setup AWS ECR Details
+          uses: aws-actions/configure-aws-credentials@v1
+          with:
+            aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+            aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+            aws-region: ${{secrets.AWS_REGION}}
+
+        - name: Login to Amazon ECR
+          id: login-pf-aws-ecr
+          uses: aws-actions/amazon-ecr-login@v1
+          
+        - name: Build and push the tagged docker image to Amazon ECR
+          id : containerImage
+          env:
+            ECR_REGISTRY: ${{ steps.login-pf-aws-ecr.outputs.registry }}
+            ECR_REPOSITORY: ${{secrets.AWS_ECR_REPO}}
+            IMAGE_TAG: latest
+          run: |
+            docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
+            docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+
+        - name: ECR Status Check
+          if: steps.containerImage.outcome == 'failure'
+          run: exit 1
+
+        - name: Setup Terraform
+          uses: hashicorp/[email protected]
+          with:
+            terraform_version: latest
+            cli_config_credentials_token: ${{ secrets.TFC_API_TOKEN }}
+    
+        - name: Terraform Init
+          id: init
+          run: terraform init
+        
+        - name: Terraform Validate
+          id: validate
+          run: terraform validate
+  
+        - name: Terraform Plan
+          id: plan
+          run: terraform plan
+          continue-on-error: true
+  
+        - name: Terraform Plan Status
+          if: steps.plan.outcome == 'failure'
+          run: exit 1
+  
+        - name: Terraform Apply
+          run: terraform apply -auto-approve

AWS_ECS_Labs/Dockerfile

@@ -0,0 +1,13 @@
+FROM python:3.10-alpine3.18
+
+# WORKDIR /app
+
+COPY . .
+
+RUN pip install -r requirements.txt
+
+EXPOSE 5000
+
+ENV PYTHONUNBUFFERED=1
+
+CMD ["python" ,"app.py"]

AWS_ECS_Labs/ECS/main.tf

@@ -0,0 +1,73 @@
+
+
+data "aws_vpc" "existing" {
+  id = var.vpc_id  
+}
+
+
+resource "aws_security_group" "ecs_sg" {
+  vpc_id = data.aws_vpc.existing.id
+  name   = "ecs-security-group"
+  # Inbound and outbound rules
+  ingress {
+    from_port   = 5000
+    to_port     = 5000
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+}
+
+
+resource "aws_ecs_task_definition" "task_definition" {
+  family                = var.cluster_service_task_name
+  network_mode          = "awsvpc"
+  memory                = "512"
+  requires_compatibilities = ["FARGATE"]
+
+
+  execution_role_arn    = var.execution_role_arn 
+
+
+  container_definitions = jsonencode([
+    {
+      name      = "flask-api-container"
+      image     = var.image_id  
+      cpu       = 256
+      memory    = 512
+      port_mappings = [
+        {
+          container_port = 5000
+          host_port      = 5000
+          protocol       = "tcp"
+        }
+      ]
+    }
+  ])
+
+  cpu = "256"  
+}
+
+
+resource "aws_ecs_cluster" "ecs_cluster" {
+  name = var.cluster_name
+}
+
+resource "aws_ecs_service" "service" {
+  name            = var.cluster_service_name
+  cluster         = aws_ecs_cluster.ecs_cluster.id
+  task_definition = aws_ecs_task_definition.task_definition.arn
+  desired_count   = 1
+  launch_type     = "FARGATE"
+
+  network_configuration {
+    subnets          = [var.vpc_id_subnet_list[0], var.vpc_id_subnet_list[1], var.vpc_id_subnet_list[2], var.vpc_id_subnet_list[3]]
+    security_groups  = [aws_security_group.ecs_sg.id]
+    assign_public_ip = true
+  }
+}

AWS_ECS_Labs/ECS/variables.tf

@@ -0,0 +1,16 @@
+
+
+variable "vpc_id" {}
+
+variable "cluster_name" {}
+
+variable "cluster_service_name" {}
+
+variable "cluster_service_task_name" {}
+
+variable "image_id" {}
+
+variable "vpc_id_subnet_list" {}
+
+variable "execution_role_arn" {}
+

AWS_ECS_Labs/README.md

@@ -0,0 +1,2 @@
+# AWS_ECS_Labs
+A lab session on Deploying Images to Amazon ECS via ECR

AWS_ECS_Labs/app.py

@@ -0,0 +1,32 @@
+from flask import Flask
+import random
+import time
+
+app = Flask(__name__)
+
+@app.route('/time')
+def get_current_time():
+    timestamp = str(int(time.time()))
+    response = {
+        "time":  timestamp,
+        "message": "success",
+        "httpsresponse": "200",
+        "testedTIME": "yes"
+    }
+    return response
+
+## Add a new route here
+@app.route('/random')
+def get_random_numbers():
+    numbers = [random.randint(0, 5) for _ in range(10)]
+    response = {
+        "random_number": numbers,
+        "message": "success",
+        "httpsresponse": "200",
+        "testedTIME": "yes"
+    }
+    return response
+
+
+if __name__ == '__main__':
+    app.run(host='0.0.0.0', port=5000)

AWS_ECS_Labs/main.tf

@@ -0,0 +1,12 @@
+/*
+module "ecs" {
+  source                  = "./ECS"
+  vpc_id                  = "vpc-29568551"
+  cluster_name            = "demo-api-cluster"
+  cluster_service_name    = "cloudquicklabs-api-service"
+  cluster_service_task_name = "cloudquicklabs-api-task"
+  vpc_id_subnet_list      = ["subnet-470f460c", "	subnet-34b48b6e", "subnet-9b072be2", "subnet-f78ebadf"]
+  execution_role_arn      = "arn:aws:iam::357171621133:role/ETLlambdaAccessRole"
+  image_id                = "357171621133.dkr.ecr.us-west-2.amazonaws.com/ecsdemo:latest"
+}
+*/

AWS_ECS_Labs/provider.tf

@@ -0,0 +1,32 @@
+terraform {
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.15.0"
+    }
+
+    random = {
+      source  = "hashicorp/random"
+      version = "3.1.0"
+    }
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = ">= 2.0.1"
+    }
+  }
+
+backend "remote" {
+		hostname = "app.terraform.io"
+		organization = "CloudQuickLabs"
+
+		workspaces {
+			name = "AWSECS"
+		}
+	}
+}
+
+provider "aws" {
+  region = "us-west-2"
+}
+

AWS_ECS_Labs/requirements.txt

@@ -0,0 +1 @@
+Flask>=1.1.1