How to create, deploy and manage an application in AWS ECS using Copilot?
Hello Everyone
Welcome to CloudAffaire and this is Debjeet.
Today we are going to discuss, how to deploy a container application in AWS ECS using AWS Copilot.
What is AWS Copilot?
The Copilot CLI is a tool for developers to build, release, and operate production-ready containerized applications on AWS App Runner, Amazon ECS, and AWS Fargate.
Copilot makes it super easy to set up and deploy your containers on AWS – but getting started is only the first step of the journey. What happens when you want to have one copy of your service running only for testing and another copy serving production traffic? What happens when you want to add another service? How do you manage deploying to all of these services? Copilot wants to help you with all of these things so let’s jump into some of Copilot’s core concepts to understand how they can help.
Applications:
An Application is a collection of services and environments. When you get started with Copilot, the first thing you’ll be asked to do is choose an application name. This can be a high level description of the product you’re trying to build. An example might be an application named “chat” which has two services “frontend” and “api”. These two services could then be deployed to a “test” and “production” environment.
Environments:
Rumor has it, there are people out there that can write perfect code on the first go without any bugs. While we tip our hats to those folks, we believe it’s important to be able to test new code on a non-customer facing version of your service before promoting to production. In Copilot we do this by using environments. Each environment can have its own version of a service running allowing you to create a “test” and “production” environment. You can deploy your service to the test environment, make sure everything looks good, then deploy to your production environment. Since each environment is independent, if you deploy a bug to your test environment, customers using a service deployed to your production environment will be fine.
Services:
A service is your code and all of the supporting infrastructure needed to get it up and running on AWS. When you first get started setting up a service, Copilot will ask you what type of service you want to create. The type of service determines the infrastructure that’ll be created to support your code. If you want your code to serve traffic from the internet, for example, Copilot can set up an Application Load Balancer and an Amazon ECS Service running on AWS Fargate.
Jobs:
Jobs are ephemeral Amazon ECS tasks that are triggered by an event. Once their work is done, the task terminates. Just like services, Copilot will ask you all the necessary information to quickly get going with a scheduled task on AWS. The manifest file can always be used to adjust the configuration and provide more advanced settings.
Pipelines:
Now that you’ve got an application with a few services deployed to a couple of environments, staying on top of those deployments can become tricky. Copilot can help by setting up a release pipeline that deploys your service whenever you push to your git repository. (At this time, Copilot supports GitHub, Bitbucket, and CodeCommit repositories.) When a push is detected, your pipeline will build your service, push the image to ECR, and deploy to your environments.
Credentials:
- Application credentials: Copilot uses the AWS credentials from the default credential provider chain to store and look up your application’s metadata: which services and environments belong to it. Alternatively, you can set the AWS_PROFILE environment variable to point to a different named profile. For example, we can have a [my-app] profile that can be used for your Copilot application instead of the [default] profile.
- Environment credentials: Copilot environments can be created in AWS accounts and regions separate from your application’s. While initializing an environment, Copilot will prompt you to enter temporary credentials or a named profile to create your environment.
Manifest:
The AWS Copilot CLI manifest describes a service’s or job’s architecture as infrastructure-as-code. It is a file generated from copilot init, copilot svc init, or copilot job init that gets converted to an AWS CloudFormation template. Unlike raw CloudFormation templates, the manifest allows you to focus on the most common settings for the architecture of your service or job, and not the individual resources. Manifest files are stored under copilot/<your service or job name>/manifest.yml.
How to create, deploy and manage an application in AWS ECS using Copilot?
Prerequisites:
Step 1: Clone AWS provided sample ECS application.
|
1 2 3 4 |
## Clone the sample app code from GitHub git clone https://github.com/aws-samples/amazon-ecs-cli-sample-app.git myapp cd myapp echo "hello world v1" > index.html |
Step 2: Initialize and deploy your containerize application in AWS ECS using Copilot.
|
1 2 |
## Initialize and deploy the sample app using aws copilot copilot init |
Copilot will prompt to supply some options, provide the value as show below –
- Application name: myapp
- Workload type: Load Balanced Web Service
- Service name: api
- Dockerfile: ./Dockerfile
- Port: 80
- Deploy: Yes
Here the full excerpt for your reference.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 |
## Welcome to the Copilot CLI! We're going to walk you through some questions ## to help you get set up with a containerized application on AWS. An application is a collection of ## containerized services that operate together. ## ## Application name: myapp ## Workload type: Load Balanced Web Service ## Service name: api ## Dockerfile: ./Dockerfile ## parse EXPOSE: no EXPOSE statements in Dockerfile ./Dockerfile ## Port: 80 ## Ok great, we'll set up a Load Balanced Web Service named api in application myapp listening on port 80. ## ## ✔ Created the infrastructure to manage services and jobs under application myapp. ## ## ✔ The directory copilot will hold service manifests for application myapp. ## ## ✔ Wrote the manifest for service api at copilot/api/manifest.yml ## Your manifest contains configurations like your container size and port (:80). ## ## ✔ Created ECR repositories for service api. ## ## All right, you're all set for local development. ## Deploy: Yes ## ## ✔ Linked account ## ## ✔ Proposing infrastructure changes for the myapp-test environment. ## - Creating the infrastructure for the myapp-test environment. [create complete] [89.8s] ## - An IAM Role for AWS CloudFormation to manage resources [create complete] [29.0s] ## - An ECS cluster to group your services [create complete] [12.6s] ## - An IAM Role to describe resources in your environment [create complete] [30.3s] ## - A security group to allow your containers to talk to each other [create complete] [5.9s] ## - An Internet Gateway to connect to the public internet [create complete] [19.1s] ## - Private subnet 1 for resources with no internet access [create complete] [18.0s] ## - Private subnet 2 for resources with no internet access [create complete] [18.0s] ## - Public subnet 1 for resources that can access the internet [create complete] [18.0s] ## - Public subnet 2 for resources that can access the internet [create complete] [18.0s] ## - A Virtual Private Cloud to control networking of your AWS resources [create complete] [19.1s] ## ✔ Created environment test in region ap-south-1 under application myapp. ## Environment test is already on the latest version v1.8.0, skip upgrade. ## Sending build context to Docker daemon 80.9kB ## Step 1/2 : FROM nginx ## latest: Pulling from library/nginx ## f7a1c6dad281: Pull complete ## 4d3e1d15534c: Pull complete ## 9ebb164bd1d8: Pull complete ## 59baa8b00c3c: Pull complete ## a41ae70ab6b4: Pull complete ## e3908122b958: Pull complete ## Digest: sha256: ## Status: Downloaded newer image for nginx:latest ## ---> c919045c4c2b ## Step 2/2 : COPY index.html /usr/share/nginx/html ## ---> 678221465428 ## Successfully built 678221485428 ## Successfully tagged ## WARNING! Your password will be stored unencrypted in /home/ec2-user/.docker/config.json. ## Configure a credential helper to remove this warning. See ## https://docs.docker.com/engine/reference/commandline/login/#credentials-store ## ## Login Succeeded ## Using default tag: latest ## The push refers to repository [ ## 1ac2b8457598: Pushed ## e4b39f949587: Pushed ## 53db376e88c7: Pushed ## d3ae25fc9f7a: Pushed ## 3baebd9b50ad: Pushed ## 57a9a0cdd450: Pushed ## 1401df2b50d5: Pushed ## latest: digest: sha256: ## ✔ Proposing infrastructure changes for stack myapp-test-api ## - Creating the infrastructure for stack myapp-test-api [create complete] [248.2s] ## - Service discovery for your services to communicate within the VPC [create complete] [3.6s] ## - Update your environment's shared resources [update complete] [113.4s] ## - A security group for your load balancer allowing HTTP and HTTPS traffic [create complete] [5.4s] ## - An Application Load Balancer to distribute public traffic to your services [create complete] [93.9s] ## - An IAM Role for the Fargate agent to make AWS API calls on your behalf [create complete] [29.9s] ## - A CloudWatch log group to hold your service logs [create complete] [0.0s] ## - An ECS service to run and maintain your tasks in the environment cluster [create complete] [65.5s] ## Deployments ## Revision Rollout Desired Running Failed Pending ## PRIMARY 1 [completed] 1 1 0 0 ## - A target group to connect the load balancer to your service [create complete] [3.6s] ## - An ECS task definition to group your containers and run them on ECS [create complete] [3.9s] ## - An IAM role to control permissions for the containers in your tasks [create complete] [30.1s] ## ✔ Deployed service api. ## Recommended follow-up action: ## - You can access your service at http://myapp-Publi-VMGSROV3IZ62-1502328957.ap-south-1.elb.amazonaws.com over the internet. |
One the application is deployed; you can curl or browse the link to check if your application is working properly.
Step 3: Check if your application is successfully deployed
|
1 2 3 4 |
## Check if your application deployed successfully curl -s http://myapp-Publi-VMGSROV3IZ62-1502328957.ap-south-1.elb.amazonaws.com ## returns "hello world v1" |
Step 4: Get details on your application, environment and services using AWS Copilot command.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 |
## List all applications copilot app ls ## returns myapp ## Get details on applications copilot app show ## returns ## About ## ## Name myapp ## Version v1.0.2 ## URI ## ## Environments ## ## Name AccountID Region ## ---- --------- ------ ## test ## ## Services ## ## Name Type ## ---- ---- ## api Load Balanced Web Service ## ## Pipelines ## ## Name ## ---- ## List all environments copilot env ls ## returns test ## List services copilot svc ls ## returns ## Name Type ## ---- ---- ## api Load Balanced Web Service ## Get service details copilot svc show ## Only found one service, defaulting to: api ## About ## ## Application myapp ## Name api ## Type Load Balanced Web Service ## ## Configurations ## ## Environment Tasks CPU (vCPU) Memory (MiB) Platform Port ## ----------- ----- ---------- ------------ -------- ---- ## test 1 0.25 512 LINUX/X86_64 80 ## ## Routes ## ## Environment URL ## ----------- --- ## test http://myapp-Publi-VMGSROV3IZ62-1502328957.ap-south-1.elb.amazonaws.com ## ## Service Discovery ## ## Environment Namespace ## ----------- --------- ## test api.test.myapp.local:80 ## ## Variables ## ## Name Container Environment Value ## ---- --------- ----------- ----- ## COPILOT_APPLICATION_NAME api test myapp ## COPILOT_ENVIRONMENT_NAME " " test ## COPILOT_LB_DNS " " myapp-Publi-VMGSROV3IZ62-1502328957.ap-south-1.elb.amazonaws.com ## COPILOT_SERVICE_DISCOVERY_ENDPOINT " " test.myapp.local ## COPILOT_SERVICE_NAME " " api ## Get service logs copilot svc logs ## returns ## Found only one deployed service api in environment test ## copilot/api/f4ca164083814 10.0.0.212 - - [09/Mar/2022:09:11:33 +0000] "GET / HTTP/1.1" 200 3165 "-" "ELB-HealthChecker/2.0" "-" ## copilot/api/f4ca164083814 10.0.1.131 - - [09/Mar/2022:09:11:35 +0000] "GET / HTTP/1.1" 200 3165 "-" "ELB-HealthChecker/2.0" "-" ## copilot/api/f4ca164083814 10.0.0.212 - - [09/Mar/2022:09:12:03 +0000] "GET / HTTP/1.1" 200 3165 "-" "ELB-HealthChecker/2.0" "-" ## copilot/api/f4ca164083814 10.0.1.131 - - [09/Mar/2022:09:12:05 +0000] "GET / HTTP/1.1" 200 3165 "-" "ELB-HealthChecker/2.0" "-" ## copilot/api/f4ca164083814 10.0.0.212 - - [09/Mar/2022:09:12:33 +0000] "GET / HTTP/1.1" 200 3165 "-" "ELB-HealthChecker/2.0" "-" ## copilot/api/f4ca164083814 10.0.1.131 - - [09/Mar/2022:09:12:35 +0000] "GET / HTTP/1.1" 200 3165 "-" "ELB-HealthChecker/2.0" "-" ## copilot/api/f4ca164083814 10.0.0.212 - - [09/Mar/2022:09:13:03 +0000] "GET / HTTP/1.1" 200 3165 "-" "ELB-HealthChecker/2.0" "-" ## copilot/api/f4ca164083814 10.0.1.131 - - [09/Mar/2022:09:13:05 +0000] "GET / HTTP/1.1" 200 3165 "-" "ELB-HealthChecker/2.0" "-" ## copilot/api/f4ca164083814 10.0.0.212 - - [09/Mar/2022:09:13:33 +0000] "GET / HTTP/1.1" 200 3165 "-" "ELB-HealthChecker/2.0" "-" ## copilot/api/f4ca164083814 10.0.1.131 - - [09/Mar/2022:09:13:35 +0000] "GET / HTTP/1.1" 200 3165 "-" "ELB-HealthChecker/2.0" "-" ## Get service status copilot svc status ## returns ## Found only one deployed service api in environment test ## Task Summary ## ## Running ██████████ 1/1 desired tasks are running ## Health ██████████ 1/1 passes HTTP health checks ## ## Tasks ## ## ID Status Revision Started At HTTP Health ## -- ------ -------- ---------- ----------- ## f4ca1640 RUNNING 1 18 minutes ago HEALTHY |
Next, we will a new version of the application using copilot.
Step 5: Deploy a new version of the application using AWS copilot.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
## Update the index.html file echo "hello world v2" > index.html ## deploy a new version of service copilot svc deploy ## Only found one service, defaulting to: api ## Only found one environment, defaulting to: test ## Environment test is already on the latest version v1.8.0, skip upgrade. ## Sending build context to Docker daemon 77.82kB ## Step 1/2 : FROM nginx ## ---> c919045c4c2b ## Step 2/2 : COPY index.html /usr/share/nginx/html ## ---> 7b595cd28de9 ## Successfully built 7b595cd28de9 ## Successfully tagged ## WARNING! Your password will be stored unencrypted in /home/ec2-user/.docker/config.json. ## Configure a credential helper to remove this warning. See ## https://docs.docker.com/engine/reference/commandline/login/#credentials-store ## ## Login Succeeded ## Using default tag: latest ## The push refers to repository [ ## 7d9f91c81def: Pushed ## e4b39f949587: Layer already exists ## 53db376e88c7: Layer already exists ## d3ae25fc9f7a: Layer already exists ## 3baebd9b50ad: Layer already exists ## 57a9a0cdd450: Layer already exists ## 1401df2b50d5: Layer already exists ## latest: digest: sha256:807d3c39ccae975125a4065faa31140b4f0dddde5e05774ade934fd478aad8cd size: 1777 ## ✔ Proposing infrastructure changes for stack myapp-test-api ## - Updating the infrastructure for stack myapp-test-api [update complete] [284.3s] ## - An ECS service to run and maintain your tasks in the environment cluster [update complete] [262.5s] ## Deployments ## Revision Rollout Desired Running Failed Pending ## PRIMARY 2 [completed] 1 1 0 0 ## - An ECS task definition to group your containers and run them on ECS [delete complete] [0.0s] ## ✔ Deployed service api. ## Recommended follow-up action: ## - You can access your service at http://myapp-Publi-VMGSROV3IZ62-1502328957.ap-south-1.elb.amazonaws.com over the internet. |
Step 6: Check if new version of the application is successfully deployed
|
1 2 3 4 |
## Check if your application deployed successfully curl -s http://myapp-Publi-VMGSROV3IZ62-1502328957.ap-south-1.elb.amazonaws.com ## returns "hello world v2" |
Step 7: Clean up.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
## Delete your application and all the resources copilot app delete ## Sure? Yes ## ✔ Deleted service api from environment test. ## ✔ Deleted resources of service api from application myapp. ## ## ✔ Deleted service api from application myapp. ## ✔ Deleted environment test from application myapp. ## ✔ Cleaned up deployment resources. ## ✔ Deleted application resources. ## ✔ Deleted application configuration. ## ✔ Deleted local .workspace file. |
Hope you have enjoyed this article, to get more details on AWS ECS, please follow below link.
https://docs.aws.amazon.com/ecs/index.html
To get more details in AWS Copilot, please refer below documentation
https://aws.github.io/copilot-cli/docs/overview/