top of page
Writer's pictureVaibhav Deshpande

Tutorial blog to create an Amazon ECS Service containing a Fargate task using blue-green deployment

Learning objectives:

1. Learn to create Amazon ECS clusters with the AWS CLI using AWS CloudShell.

2. Learn to create a Task definition for an application with the AWS CLI using AWS CloudShell.

3. Learn to create a Service from the Task definition that uses blue/green deployment.

4. Learn to run the Service on the Amazon ECS Clusters with the AWS CLI using AWS CloudShell.

Step1: In AWS management console, go to IAM role and choose Roles and click on Create role.

Trust entity type: AWS service.

Use case: CodeDeploy.

Choose a use case for the specified service: CodeDeploy – ECS.

Choose Next.

In the Attach permissions policy section, do the following:

a) Search for AWSCodeDeployRoleForECS, then select the policy.

b) Under Set permissions boundary - optional, choose Create role without a permissions boundary.

c) Choose Next.

Under Role details, do the following:

a) For Role name, enter My-ecsCodeDeployRole, and enter an optional description.

b) For Add tags (optional), enter any custom tags to associate with the policy.

Choose Create role.

Step 2: In AWS management console, go to IAM role and choose Roles and click on Create role for creating another role.

Trust entity type: AWS service.

Use case: Elastic Container Service.

Choose a use case for the specified service: Elastic Container Service Task.

Choose Next.

In the Attach permissions policy section, do the following:

a) Search for AmazonECSTaskExecutionRolePolicy, then select the policy.

b) Under Set permissions boundary - optional, choose Create role without a permissions boundary.

c) Choose Next.

Under Role details, do the following:

a) For Role name, type My-ecsTaskExecutionRole.

b) For Add tags (optional).

Choose Create role.

Step 3: Go to CloudShell and execute the following command for creating a load balancer. Specify two subnets that aren't from the same Availability Zone and Security group as well as the region in which you are performing.

To get subnet id search for VPC and click on subnet. From here you can copy any 2-subnet ids.

aws elbv2 create-load-balancer \

--name bluegreen-alb \

--subnets subnet-abcd1234 subnet-abcd5678 \

--security-groups sg-abcd1234 \

--region us-east-1

After executing the command, you will get an output so copy the Load Balancer ARN and store it somewhere for further use.

Step 4: Execute the following command for creating a target-group. Replace the vpc with your vpc(default) and specify your region in which you are performing.

aws elbv2 create-target-group \

--name bluegreentarget1 \

--protocol HTTP \

--port 80 \

--target-type ip \

--vpc-id vpc-abcd1234 \

--region us-east-1

After executing the command, you will get an output so copy the TargetARN and store it somewhere for further use.

Step 5: Execute the following command for creating a Listener. Replace the Load Balancer ARN and Target-group ARN with the ARN you copied in previous steps, i.e., Step 3 & 4 and specify your region in which you are performing.

aws elbv2 create-listener \

--load-balancer-arn arn:aws:elasticloadbalancing:region:aws_account_id:loadbalancer/app/bluegreen-alb/e5ba62739c16e642 \

--protocol HTTP \

--port 80 \

--default-actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:region:aws_account_id:targetgroup/bluegreentarget1/209a844cd01825a4 \

--region us-east-1

After executing the command, you will get an output so copy the ListenerARN and store it somewhere for further use.

Step 6: Execute the following command for creating a Cluster. Specify your region in which you are performing.

aws ecs create-cluster \

--cluster-name tutorial-bluegreen-cluster \

--region us-east-1

After executing the command, you will get an output so copy the Cluster ARN and store it somewhere for further use.

Step 7: Execute the following command for creating a Task definition.

nano fargate-task.json

Copy the below code and paste it in the editor and replace the executionRoleArn with your ecsTaskExecutionRole Arn given in red.

{

"family": "tutorial-task-def",

"networkMode": "awsvpc",

"containerDefinitions": [

{

"name": "sample-app",

"image": "httpd:2.4",

"portMappings": [

{

"containerPort": 80,

"hostPort": 80,

"protocol": "tcp"

}

],

"essential": true,

"entryPoint": [

"sh",

"-c"

],

"command": [

"/bin/sh -c \"echo '<html> <head> <title> ECS App from Cloud-PlusPlus </title> <style>body {margin-top: 40px; background-color: #00FFFF;} </style> </head><body> <div style=color:white;text-align:center> <h1> ECS App from Cloud-PlusPlus</h1> <h2>Hi!</h2> <p> How are you?</p> </div></body></html>' > /usr/local/apache2/htdocs/index.html && httpd-foreground\""

]

}

],

"requiresCompatibilities": [

"FARGATE"

],

"cpu": "256",

"memory": "512",

"executionRoleArn": "arn:aws:iam::aws_account_id:role/ecsTaskExecutionRole"

}

After pasting the code, Ctrl+X and then Y and Enter.

Now execute the following command given below.

aws ecs register-task-definition \

--cli-input-json file://fargate-task.json \

--region us-east-1

After executing the command, you will get an output so copy the taskDefinitionArn and store it somewhere for further use.

After executing the command keep pressing enter until you see end, now press Ctrl+C. if CloudShell didn’t respond then Restart the CloudShell.

Step 8: Execute the following command for creating a Service.

nano service-bluegreen.json

Copy the below code and paste it in the editor and replace the TargetGroupArn with your ARN copied in previous step and give your security group id and subnets id.

{

"cluster": "tutorial-bluegreen-cluster",

"serviceName": "service-bluegreen",

"taskDefinition": "tutorial-task-def",

"loadBalancers": [

{

"targetGroupArn": "arn:aws:elasticloadbalancing:region:aws_account_id:targetgroup/bluegreentarget1/209a844cd01825a4",

"containerName": "sample-app",

"containerPort": 80

}

],

"launchType": "FARGATE",

"schedulingStrategy": "REPLICA",

"deploymentController": {

"type": "CODE_DEPLOY"

},

"platformVersion": "LATEST",

"networkConfiguration": {

"awsvpcConfiguration": {

"assignPublicIp": "ENABLED",

"securityGroups": [ "sg-abcd1234" ],

"subnets": [ "subnet-abcd1234", "subnet-abcd5678" ]

}

},

"desiredCount": 1

}

After pasting the code, Ctrl+X and then Y and Enter.

Now execute the following command given below.

aws ecs create-service \

--cli-input-json file://service-bluegreen.json \

--region us-east-1

After executing the command, you will get an output so copy the Service ARN and store it somewhere for further use.

Obtain the DNS name of the load balancer using the following command.

aws elbv2 describe-load-balancers --name bluegreen-alb --query 'LoadBalancers[*].DNSName'

Enter the DNS name in your web browser and you should see a webpage that displays the sample app with a blue background.

Step 9: Execute the following command for creating a CodeDeploy application.

aws deploy create-application \

--application-name tutorial-bluegreen-app \

--compute-platform ECS \

--region us-east-1

After executing the command, you will get an output so copy the ApplicationID and store it somewhere for further use.

Step 10: Execute the following command for creating a second target-group in Application Load Balancer. Replace the vpc with your vpc(default) and specify your region in which you are performing.

aws elbv2 create-target-group \

--name bluegreentarget2 \

--protocol HTTP \

--port 80 \

--target-type ip \

--vpc-id "vpc-0b6dd82c67d8012a1" \

--region us-east-1

After executing the command, you will get an output so copy the TargetARN and store it somewhere for further use.

Step 11: Execute the following command for creating a CodeDeploy deployment group.

nano tutorial-deployment-group.json

Copy the below code and paste it in the editor and replace the listener arn with your listener arn copied in Step 5 and replace the serviceRolearn with your CodeDeploy arn you created in IAM role.

{

"applicationName": "tutorial-bluegreen-app",

"autoRollbackConfiguration": {

"enabled": true,

"events": [ "DEPLOYMENT_FAILURE" ]

},

"blueGreenDeploymentConfiguration": {

"deploymentReadyOption": {

"actionOnTimeout": "CONTINUE_DEPLOYMENT",

"waitTimeInMinutes": 0

},

"terminateBlueInstancesOnDeploymentSuccess": {

"action": "TERMINATE",

"terminationWaitTimeInMinutes": 5

}

},

"deploymentGroupName": "tutorial-bluegreen-dg",

"deploymentStyle": {

"deploymentOption": "WITH_TRAFFIC_CONTROL",

"deploymentType": "BLUE_GREEN"

},

"loadBalancerInfo": {

"targetGroupPairInfoList": [

{

"targetGroups": [

{

"name": "bluegreentarget1"

},

{

"name": "bluegreentarget2"

}

],

"prodTrafficRoute": {

"listenerArns": [

"arn:aws:elasticloadbalancing:region:aws_account_id:listener/app/bluegreen-alb/e5ba62739c16e642/665750bec1b03bd4"

]

}

}

]

},

"serviceRoleArn": "arn:aws:iam::aws_account_id:role/ecsCodeDeployRole",

"ecsServices": [

{

"serviceName": "service-bluegreen",

"clusterName": "tutorial-bluegreen-cluster"

}

]

}

After pasting the code, Ctrl+X and then Y and Enter.

Now execute the following command given below.

aws deploy create-deployment-group \

--cli-input-json file://tutorial-deployment-group.json \

--region us-east-1

After executing the command, you will get an output so copy the deployment group id and store it somewhere for further use.

Step 12: Execute the following command given below.

nano fargate-task.json

In the code, make the following changes. Replace this Blod highlighted text part with previous text.

"command": [

"/bin/sh -c \"echo '<html> <head> <title> ECS App from Cloud-PlusPlus </title> <style>body {margin-top: 40px; background-color: #097969;} </style> </head><body> <div style=color:white;text-align:center> <h1> ECS App from Cloud-PlusPlus </h1> <h2>Hi!</h2> <p> How is this change? </p> </div></body></html>' > /usr/local/apache2/htdocs/index.html && httpd-foreground\""

After pasting the code, Ctrl+X and then Y and Enter.

Now execute the following command given below.

aws ecs register-task-definition \

--cli-input-json file://fargate-task.json \

--region us-east-1

Step 13: Execute the following command given below.

nano appspec.yaml

Paste the given code in the editor. Replace the Task definition ARN with your second Task Definition ARN copied in Step 10.

version: 0.0

Resources:

- TargetService:

Type: AWS::ECS::Service

Properties:

TaskDefinition: "arn:aws:ecs:region:aws_account_id:task-definition/first-run-task-definition:2"

LoadBalancerInfo:

ContainerName: "sample-app"

ContainerPort: 80

PlatformVersion: "LATEST"

After pasting the code, Ctrl+X and then Y and Enter.

Use the s3 mb command to create an Amazon S3 bucket for the AppSpec file.

aws s3 mb s3://tutorial-bluegreen-buckettt

Use the s3 cp command to upload the AppSpec file to the Amazon S3 bucket.

aws s3 cp ./appspec.yaml s3://tutorial-bluegreen-buckettt/appspec.yaml

Step 14: Execute the following command given below.

nano create-deployment.json

Paste the given code in the editor.

{

"applicationName": "tutorial-bluegreen-app",

"deploymentGroupName": "tutorial-bluegreen-dg",

"revision": {

"revisionType": "S3",

"s3Location": {

"bucket": "tutorial-bluegreen-buckettt",

"key": "appspec.yaml",

"bundleType": "YAML"

}

}

}

After pasting the code, Ctrl+X and then Y and Enter.

Now execute the following command given below.

aws deploy create-deployment \

--cli-input-json file://create-deployment.json \

--region us-east-1

After executing the command, you will get an output so copy the deployment id and store it somewhere for further use.

Step 15: Execute the following command to get deployment target, specifying the deploymentId from the previous output.

aws deploy get-deployment-target \

--deployment-id "d-IMJU3A8TW" \

--target-id tutorial-bluegreen-cluster:service-bluegreen \

--region us-east-1

Initially, the deployment status is InProgress. Traffic is directed to the original task set, which has a taskSetLabel of BLUE, a status of PRIMARY, and a trafficWeight of 100.0. The replacement task set has a taskSetLabel of GREEN, a status of ACTIVE, and a trafficWeight of 0.0. The web browser you entered the DNS name in still displays the sample app with a blue background.

Continue to retrieve the deployment details using the command until the deployment status is Succeeded, as shown in the following output.

Refresh the web browser you entered the load balancer DNS name in, and you should now see the sample app with a green background.

You can see your Deployment in CodeDeploy.

Note: Delete the CodeDeploy applications, S3 bucket, ECS cluster, service, task definition, EC2 load balancer, target group if no longer needed.



Was this document helpful? How can we make this document better. Please provide your insights. You can download PDF version for reference.



For your aws certification needs or for aws learning contact us.

Recent Posts

See All

9件のコメント


VAISHNAVI M
VAISHNAVI M
4月08日

Very useful sir

いいね!

Gokul M
Gokul M
4月01日

well defined

いいね!

Yamunadevi K
Yamunadevi K
3月24日

Easy to understand

いいね!

Jothipriya
Jothipriya
3月24日

Easy to follow

いいね!

Gokulnath
Gokulnath
3月24日

Understood

いいね!
bottom of page