A quick reference on deploying a sample containerized web ppplication on AWS.
The project is to create a containerized web application using Docker and deploy it on AWS using Amazon Elastic Container Registry and Elastic Kubernetes Service. The web application will use a containerized version of a popular open-source web application and will be accessible globally through Elastic Kubernetes Service.
(General idea about the architecture including the optional services.)
(Data flow chart based on the diagram above; subject to change with the changes in the architecture.)
- Understanding of containerization and Docker.
- Knowledge of Kubernetes and container orchestration.
- Familiarity with Elastic Container Registry and Elastic Kubernetes Service.
- Understanding of AWS infrastructure services such as AWS Load Balancer and Amazon CloudFront.
High-level tasks:
- Set up an AWS account and create a new Elastic Container Registry.
- Create a Dockerfile to build a container image of the chosen web application and push it to the Elastic Container Registry.
- Create an Elastic Kubernetes Service cluster and configure it to use the Elastic Container Registry to pull container images.
- Deploy the containerized web application to the Elastic Kubernetes Service cluster.
- Use AWS Load Balancer or Amazon CloudFront to provide global accessibility to the web application.
- Implement scalability and high availability features for the web application using Elastic Kubernetes Service.
Optional tasks:
- Use Amazon CloudWatch to monitor the performance and health of the containerized web application.
- Use AWS ECS to automate the deployment process and manage the container lifecycle.
- Use AWS Step Functions to manage and secure communication between microservices running in the containerized web application.
Core:
- Amazon EC2
- Amazon Elastic Kubernetes Service (EKS)
- Amazon Elastic Container Registry (ECR)
- Application Load Balancer (ALB)
- Amazon Route 53
- Amazon CloudFront
- Amazon Relational Database Service (RDS)
Additional:
- AWS Identity and Access Management (IAM)
- Amazon CloudWatch
- AWS Auto Scaling
- AWS Secrets Manager
- AWS Key Management Service (KMS)
Development and CI/CD Tools:
- Docker
- AWS CodePipeline
- AWS CoreBuild
- AWS CodeDeploy
- Kubernetes YAML Files
Scalability and High Availability:
- Horizontal Pod Autoscaler (HPA)
- AWS Fargate (Optional)
Security and Networking:
- AWS WAF (Web Application Firewall)
- AWS VPC (Virtual Private Cloud)
- AWS NAT Gateway
Optional Advanced Features:
- AWS App Mesh
- AWS Elastic File System (EFS)
- AWS Lambda
The security group associated with an EC2 should allow SSH (port 22) connections to work on the server and HTTP (port 80) connections to be able to access to the deployed web-server container via a public IP.
To avoid the No basic auth credentials error, we need to create a docker group and add a docker user to it. This also allows to avoid typing sudo before every docker command. To do that:
- $sudo groupadd docker
- $sudo usermod -aG docker $USER
Then log out and log in for changes to take place.
To build a docker image:
docker build -t test-image .
To run a docker container:
docker run -d -p 80:80 --name test-container test-image
To view the status of running containers:
docker ps -a
To remove a running container:
docker rm test-container
To remove an image from docker's registry:
docker image rm test-image