### AWS DevOps - Continuous Docker Deployment To AWS Fargate From GitHub Using Terraform - by Antoine Cichowicz - Sep, 2023 - AWS in Plain English
Solution Architecture:
AWS DevOps: Continuous Docker Deployment to AWS Fargate from GitHub architecture
Introduction:
In the ever-evolving landscape of DevOps practices, the ability to streamline and
automate application deployment processes is crucial. In this article, we will
explore a hands-on guide for achieving Continuous Docker Deployment to AWS
https://aws.plainenglish.io/continuous-docker-deployment-to-aws-fargate-from-github-cc9e768c30d7 1/22
17/10/2023, 12:13 AWS DevOps: Continuous Docker Deployment to AWS Fargate from GitHub using Terraform | by Antoine Cichowicz | Sep, 2023 | AWS i…
Fargate from a GitHub repository using Terraform. This DevOps pipeline will allow
developers to push code changes to a GitHub repository and have them
automatically deployed to an AWS Fargate cluster.
Amazon Virtual Private Cloud (VPC): Is a secure, isolated private cloud hosted.
Amazon Subnets: Public and private subnets within the VPC for isolating
resources based on security requirements.
Amazon Security Group (SG): Defines inbound and outbound traffic rules to
control network access to instances.
Amazon ECS Cluster: Manages containers using the AWS Fargate launch type,
abstracting the underlying infrastructure.
Amazon ECS Task Definition: Specifies the parameters for running containers
within an Amazon ECS service.
Amazon IAM Roles and Policies: Define permissions for different services,
allowing them to interact securely.
AWS CodeBuild Project: Builds, tests, and packages your source code, producing
a ready-to-deploy container image.
IAM Roles for CodePipeline and CodeBuild: Provides permissions for the
pipeline and build processes to access required resources.
IAM Policies: Define permissions for roles to access necessary AWS services and
resources.
Project Workflow:
Here’s the project workflow for the provided Terraform code that sets up a
Continuous Docker Deployment to AWS Fargate from GitHub using Terraform:
1. VPC and Networking: Create a VPC with specified CIDR blocks, public and
private subnets across availability zones, an IGW for public subnet
communication, configure NAT Gateway for private subnet outbound
communication and set up route tables for public and private subnets.
2. Security Group: Create a security group for the ALB. Allow incoming traffic on
ports 80 and 5000 for the ALB. Allow all outbound traffic.
3. Application Load Balancer (ALB): Create an ALB with specified attributes and
subnets and set up ALB target groups and listeners.
4. Amazon ECS Cluster and Task Definition: Create an ECS cluster, define an ECS
task definition for the application, configure the container definition for the
Flask app, and create an IAM policy for ECS task execution.
5. IAM Roles and Policies for CodePipeline and CodeBuild: Define IAM roles for
CodePipeline and CodeBuild, IAM policies with necessary permissions for ECS,
S3, CloudWatch Logs, and attach the policies to the respective roles.
8. Amazon SNS Topic: Create an Amazon SNS topic for CodeBuild notifications,
configure topic policy to allow CloudWatch Events to publish to the topic and
create an IAM role for CloudWatch Events.
11. Amazon ECR Repository: Create an ECR repository for Docker images.
12. Docker Image Build and Push: Use a local-exec provisioner to build and push
the Docker image to the ECR repository.
Getting Started:
Prerequisites:
Before we dive into the details of the deployment pipeline, make sure you have the
following prerequisites in place:
GitHub Token: Create a token in GitHub and grant it the repo scopes.
Implementation:
Terraform: All the resource provisioning for this solution is written in a
Terraform configuration, which is available in the GitHub repository.
Deployment Steps:
1. Clone this repo on the local machine.
3. Modify the necessary parameters in the vars.tf file to suit your needs, such as
region, VPC parameters, GitHub token, nomenclatures, etc.
4. Deploy the Terraform configuration with the following command: terraform init
&& terraform apply --auto-approve
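Step 3 puts the GitHub token in vars.tf, a file inside the cloned repository. The check below is an added example, not code from the article or its repository: it flags secret-looking variables that carry a committed default or lack `sensitive = true`, and any string shaped like a GitHub token. The variable names and the token in the sample are constructed.

```python
import re

# GitHub token shapes: ghp_/gho_/ghu_/ghs_/ghr_ prefixes and fine-grained github_pat_.
TOKEN_RE = re.compile(r"\b(?:gh[pousr]_[A-Za-z0-9]{36,}|github_pat_[A-Za-z0-9_]{22,})")
VAR_RE = re.compile(r'variable\s+"([^"]+)"\s*\{')
SECRET_NAME_RE = re.compile(r"token|secret|password", re.I)


def variable_blocks(text):
    """Yield (name, body) per variable block; assumes no braces inside strings."""
    for m in VAR_RE.finditer(text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]


def audit_vars(text):
    """Return findings for secret-looking variables in the text of a vars.tf."""
    findings = []
    for name, body in variable_blocks(text):
        if not SECRET_NAME_RE.search(name):
            continue
        default = re.search(r'^\s*default\s*=\s*"([^"]*)"', body, re.M)
        if default and default.group(1):
            findings.append(f"{name}: secret committed as default value")
        if not re.search(r"^\s*sensitive\s*=\s*true\b", body, re.M):
            findings.append(f"{name}: not marked sensitive = true")
    if TOKEN_RE.search(text):
        findings.append("file contains a string shaped like a GitHub token")
    return findings

# Constructed sample input; the token is a made-up placeholder, not a real credential.
SAMPLE_BAD = '''
variable "aws_region" { default = "eu-west-1" }
variable "github_token" {
  default = "ghp_EXAMPLEexampleEXAMPLEexampleEXAMPLE00"
}
'''
SAMPLE_GOOD = '''
variable "github_token" {
  type      = string
  sensitive = true   # value supplied via TF_VAR_github_token, never committed
}
'''

if __name__ == "__main__":
    print(audit_vars(SAMPLE_BAD), audit_vars(SAMPLE_GOOD))
```

Marking the variable sensitive only redacts it from plan and apply output; the value is still written to the Terraform state, so the state file needs the same protection as the token.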
The VPC defines an isolated network in the cloud where you can deploy your AWS
resources. It’s used to host your subnets, security groups, ALB, and other networking
resources.
2. Subnets:
Subnets are logical partitions of your VPC network that can be spread across
different availability zones to ensure high availability of your resources. A minimum
of 2 AZs is required for ALB deployment and a resilient architecture.
3. Internet Gateway:
The internet gateway enables your resources in the VPC to communicate with the
internet.
4. NAT Gateway:
The NAT Gateway allows resources in private subnets to access the internet without
directly exposing those resources.
5. Route Tables:
Route tables define how network traffic is directed between different resources
within your VPC.
6. Security Groups:
Security groups are virtual firewalls that control incoming and outgoing traffic for
your instances. They act as instance-level firewalls.
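The workflow opens ports 80 and 5000 on the ALB security group, and the deployment runs with `--auto-approve`, which skips Terraform's interactive plan review. As an added example (not code from the article or its repository), this check reads a saved plan exported with `terraform show -json` and reports any ingress rule open to the internet on other ports; the resource addresses in the sample plan are constructed.

```python
import json

ALLOWED_PUBLIC_PORTS = {80, 5000}  # the two ALB ports the article opens
WORLD = {"0.0.0.0/0", "::/0"}


def _ingress_rules(rc):
    """Yield ingress rule dicts from one resource_changes entry."""
    after = (rc.get("change") or {}).get("after") or {}  # None on destroy
    if rc.get("type") == "aws_security_group":
        yield from after.get("ingress") or []
    elif rc.get("type") == "aws_security_group_rule" and after.get("type") == "ingress":
        yield after


def public_exposure(plan):
    """Return (address, reason) for internet-facing ingress outside the allowed ports."""
    violations = []
    for rc in plan.get("resource_changes", []):
        for rule in _ingress_rules(rc):
            cidrs = set(rule.get("cidr_blocks") or []) | set(rule.get("ipv6_cidr_blocks") or [])
            if not cidrs & WORLD:
                continue  # reachable only from named CIDRs or other security groups
            lo, hi = rule.get("from_port"), rule.get("to_port")
            if rule.get("protocol") in ("-1", "all"):
                violations.append((rc["address"], "all protocols open to the internet"))
            elif lo is None or hi is None or not set(range(lo, hi + 1)) <= ALLOWED_PUBLIC_PORTS:
                violations.append((rc["address"], f"ports {lo}-{hi} open to the internet"))
    return violations


# Constructed sample in the shape of `terraform show -json tfplan`; addresses are made up.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
 {"address": "aws_security_group.alb", "type": "aws_security_group", "change": {"after": {"ingress": [
   {"cidr_blocks": ["0.0.0.0/0"], "from_port": 80, "to_port": 80, "protocol": "tcp"},
   {"cidr_blocks": ["0.0.0.0/0"], "from_port": 5000, "to_port": 5000, "protocol": "tcp"}]}}},
 {"address": "aws_security_group.task", "type": "aws_security_group", "change": {"after": {"ingress": [
   {"security_groups": ["sg-alb"], "from_port": 5000, "to_port": 5000, "protocol": "tcp"}]}}},
 {"address": "aws_security_group.debug", "type": "aws_security_group", "change": {"after": {"ingress": [
   {"cidr_blocks": ["0.0.0.0/0"], "from_port": 22, "to_port": 22, "protocol": "tcp"}]}}}
]}
""")

if __name__ == "__main__":
    for address, reason in public_exposure(SAMPLE_PLAN):
        print(f"BLOCK APPLY: {address}: {reason}")
```

Run it between `terraform plan -out=tfplan` and `terraform apply tfplan`, and fail the pipeline when the returned list is not empty.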
ECS is a container management service that enables you to run and manage
containerized applications. It offers flexible deployment options for Docker
containers.
8. ECS Cluster:
An ECS cluster is a group of EC2 or Fargate resources that allows you to run
containerized tasks and services.
9. Task Definition:
The ECS task definition is a template for defining how a containerized application
should run, including Docker images, exposed ports, etc.
IAM (Identity and Access Management) is used to manage roles and permissions. In
my case, roles and policies are created to allow services to authenticate and access
other services.
11. CodePipeline:
12. CodeBuild:
AWS CodeBuild is a fully managed build service that compiles your code, runs tests,
and produces deployable artifacts.
CloudWatch Events allows you to monitor and respond to changes in the state of
AWS resources. In this case, it’s used to detect changes in CodeBuild build statuses.
Subscribers to this topic can receive notifications via email, allowing them to stay
informed about the status of deployments.
The Application Load Balancer (ALB) distributes incoming traffic across different
IPs of your application based on defined routing rules.
Target groups are used with the load balancer to direct traffic to specific instances
based on defined criteria.
1. Copy and paste the Terraform deployment output into your favorite browser.
2. Go to the AWS Management Console, navigate to the EC2 service, and open the
Load Balancer section. You can access the application by copying and pasting the ALB
DNS.
Test Deployment:
1. Modify your application’s app.py file. Change what you want in the code, text,
color, font, text size, etc… Save the changes.
3. Wait a few minutes for the new tasks to run and go to the ALB DNS to see your
application update.
You can follow the update in the CodeBuild and CodePipeline services.
CleanUp Resources:
To clean up the Terraform deployment, you can follow these steps:
1. Open the AWS Management Console and navigate to the S3 Bucket service and
empty your S3 Bucket.
3. To remove the resources created by this Terraform main.tf, run the following
command: terraform destroy --auto-approve
4. Wait for the deletion to complete; it may take some time to remove all the
resources.
Conclusion:
Implementing a Continuous Docker Deployment pipeline to AWS Fargate from a
GitHub repository using Terraform empowers development teams to deliver
software efficiently and reliably. Automation reduces the risk of human error and
ensures that code changes are quickly and consistently deployed to production
environments.
By following the steps outlined in this article, you’ll establish a robust deployment
process that leverages the power of AWS services, Docker containers, and
infrastructure-as-code principles. This approach sets the stage for faster
development cycles, better collaboration, and increased confidence in your
application deployments.
If you found this article helpful, please hit the Follow 👉 and Clap 👏 buttons to
help me write more articles like this.
Thank You 🩵