This is an example of how to build an autoscaling infrastructure on AWS from scratch using ansible, and is intended to be used as a Demo on how to quickly create infrastructure as code on the cloud. It uses Amazon ECS (Elastic Container Service) which is an implementation of Kubernetes. I am including a simple python application which serves a minimal http server and it's Dockerfile.
This demo will:
Basic Infra
- Create a new VPC
- Create Subnets on two different availability zones of the region
- Create Security groups:
- Allow ssh to the EC2 instances
- Allow web access from the internet and to port 9090 (for LB and EC2 instances)
Auto Scaling
- Create an AutoScaling Group, a Launch Configuration and an AutoScaling policy for use by ECS
Load Balancing
- Create and link an ELB service for Load Balancing on the Cluster. The scaling strategy will increase by 1 instance if network In is is >= 10 bytes for 1' And reduce it by 1 if NetworkIn is <= 5 for 1'
DNS
- Create a Route 53 zone and register the ELB on it
Container Scheduler service
- Create an ECS cluster
- Create an ECS task definition for running our Container
- Create a Service to access our containers
It has been tested using python 2.7, and Ansible 2.4.3 (previous versions are known to have problems with some AWS modules)
- A working AWS account, it's access keys and ssh keys.
- Python and Ansible
- boto, boto3 and awscli
pip install -r requirements.txt
aws configure
Please enter also your credentials and zone on aws configure step.
** Create an IAM role for giving access ECS to the compute instances You will need to create ecsInstance Role from AWS IAM Console
- Create Rolename: ecsInstanceRole
- Apply the following AWS policy to the role: AmazonEC2ContainerServiceforEC2Role.
The container is pushed to Docker Hub as adriangrebin/prototype, the source, Dockerfile And build script are under /Container dir.
Under some circumstances that i was unable to reproduce since i have no other AWS account. i needed to run through the ECS Getting Started, on step 2 choose the ELB option, then just keep clicking next; This is needed just to create the initial ECS roles;
You will need to export your AWS keys as follows:
export AWS_ACCESS_KEY="your access key"
export AWS_SECRETE_KEY="your secret key"
export AWS_REGION="the region you intend to deploy to" # Make a note that not all regions support ECS
Then you will run the shellscript deploy-cluster.sh and pass following parameters:
- Domain name for route53
- Name of SSH credentials to link to the EC2 instances
Example
./deploy-cluster.sh domain.local MySShKey
MANDATORY Edits
- Edit my_vpc_region and set yours
- Edit ssh_key_name and put yours
Example
vars:
my_vpc_name: "PrototypingExceriseCluster"
my_vpc_region: "us-east-2"
my_vpc_cidr: "172.56.0.0/16"
everywhere_cidr: "0.0.0.0/0"
ssh_key_name: "SSHKEYNAME"
Once everything is deployed you will need to get the Load Balancer Address Go to EC2, Load Balancer and on Description Tab, you will have 'DNS name' You can access the application just by pointing your browser to that FQDN
This is based on Daniel Roades work: see (https://github.com/daniel-rhoades) This package is distributed under MIT License.