Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/tukue/terraform-ecs-app

This repository contains the code for deploying a containerized task management application on AWS ECS using Terraform. It includes infrastructure modules for networking, security, ECS cluster setup, and ECR integration. The application is built with FastAPI and provides a simple interface for managing daily tasks.
https://github.com/tukue/terraform-ecs-app

aws-ecs ecr fastapi terraform

Last synced: 2 months ago
JSON representation

This repository contains the code for deploying a containerized task management application on AWS ECS using Terraform. It includes infrastructure modules for networking, security, ECS cluster setup, and ECR integration. The application is built with FastAPI and provides a simple interface for managing daily tasks.

Awesome Lists containing this project

README 

          
# ECS-Based Application Infrastructure



This project contains the infrastructure code for deploying a containerized application on AWS ECS using Terraform.



## Project Structure



The infrastructure is organized into modules:



- **Network Module**: VPC, subnets, internet gateway, NAT gateway, and route tables

- **Security Module**: Security groups and IAM roles

- **ECS Module**: ECS cluster, task definition, service, and ECR repository



## Deploying the Infrastructure



Follow these steps to deploy the infrastructure:



1. Initialize Terraform:

   ```bash

   terraform init

   ```



2. Review the execution plan:

   ```bash

   terraform plan

   ```



3. Apply the changes to create the infrastructure:

   ```bash

   terraform apply

   ```



4. When prompted, type `yes` to confirm the deployment.



5. After deployment, you can view the outputs:

   ```bash

   terraform output

   ```



6. To destroy the infrastructure when no longer needed:

   ```bash

   terraform destroy

   ```



## Remote State Management



This project separates remote state management from the main Terraform configuration. This allows you to:

1. Start with local state for development

2. Optionally use remote state for team collaboration



### Using Local State (Default)



By default, the project uses local state. To ensure you're using local state:



```bash

# Make the script executable

chmod +x use-local-state.sh



# Run the script

./use-local-state.sh

```



### How to Use Remote State



This project provides scripts to easily switch between local and remote state:



#### Using Local State (Default)

```bash

# Make the script executable

chmod +x use-local-state.sh



# Switch to local state

./use-local-state.sh

terraform init

terraform plan

```



#### Setting Up Remote State

```bash

# Make the scripts executable

chmod +x create-backend.sh

chmod +x use-remote-state.sh



# Create the required AWS resources

./create-backend.sh



# Configure Terraform to use remote state

./use-remote-state.sh

terraform plan

```



You can switch between local and remote state at any time using these scripts.



## Modules



### Network Module



Located in `modules/network`, this module creates:

- VPC with public and private subnets

- Internet Gateway for public internet access

- NAT Gateway for private subnet internet access

- Route tables for traffic routing



### Security Module



Located in `modules/security`, this module creates:

- Load balancer security group

- ECS tasks security group

- IAM roles for ECS task execution and task role



### ECS Module



Located in `modules/ecs`, this module creates:

- ECR repository for container images

- ECS cluster

- ECS task definition

- ECS service



## Application Description



This project deploys a Daily Task Manager application that helps users organize their daily activities. The application features:



- Task creation, retrieval, updating, and deletion

- Priority levels (1-5) for tasks

- Due dates and completion status tracking

- Web interface for viewing tasks

- RESTful API for backend functionality



The application is built with FastAPI and uses HTML templates for the frontend views.



## Running the Application Locally



### Prerequisites

- Python 3.9 or higher

- pip (Python package manager)



### Setup and Run

1. Create a virtual environment (optional but recommended):

   ```

   python -m venv venv

   ```



2. Activate the virtual environment:

   - Windows:

     ```

     venv\Scripts\activate

     ```

   - macOS/Linux:

     ```

     source venv/bin/activate

     ```



3. Install dependencies:

   ```

   pip install -r requirements.txt

   ```



4. Run the application:

   ```

   uvicorn app:app --reload

   ```



5. Access the API:

   - Open your browser and navigate to http://localhost:8000

   - API documentation is available at http://localhost:8000/docs



### Using Docker

Alternatively, you can run the application using Docker:



```

docker build -t ecs-app .

docker run -p 8000:8000 ecs-app

```



## Infrastructure Usage



```hcl

module "network" {

  source = "./modules/network"

  

  project_name      = var.project_name

  vpc_cidr          = var.vpc_cidr

  availability_zones = var.availability_zones

}



module "security" {

  source = "./modules/security"

  

  project_name   = var.project_name

  vpc_id         = module.network.vpc_id

  container_port = var.container_port

}



module "ecs" {

  source = "./modules/ecs"

  

  aws_region        = var.aws_region

  project_name      = var.project_name

  ecr_repository_name = var.ecr_repository_name

  container_port    = var.container_port

  container_cpu     = var.container_cpu

  container_memory  = var.container_memory

  app_count         = var.app_count

  

  ecs_task_execution_role_arn = module.security.ecs_task_execution_role_arn

  ecs_task_role_arn           = module.security.ecs_task_role_arn

  ecs_tasks_security_group_id = module.security.ecs_tasks_security_group_id

  private_subnet_ids          = module.network.private_subnet_ids

  

  target_group_arn = module.alb.target_group_arn

  lb_listener_arn  = module.alb.lb_listener_arn

}

```



## Future Improvements



- Create an ALB module to handle load balancer resources

- Add CloudWatch logging module

- Implement auto-scaling for ECS services



## Architecture Diagram



```

+-------------------+

|    Internet       |

+-------------------+

        |

        v

+-------------------+

| Application Load  |

|    Balancer (ALB) |

+-------------------+

        |

        v

+-------------------+

| ECS Cluster       |

| - ECS Service     |

| - ECS Task        |

+-------------------+

        |

        v

+-------------------+

| Private Subnets   |

+-------------------+

        |

        v

+-------------------+

| ECR Repository    |

+-------------------+

```