Deploy a Containerized App with ECS Fargate

Introduction

This project focuses on deploying a containerized application using Amazon ECS Fargate. ECS (Elastic Container Service) is AWS’s container orchestration platform, and Fargate is a serverless compute engine that allows us to run containers without managing the underlying infrastructure.

Why is it useful?

Scalability: Automatically handle scaling of container instances.
Cost-effectiveness: You pay only for the resources your containerized application actually uses, and there is an AWS Free Tier option that can keep this project at zero cost if usage remains within the free tier limits.
Security: AWS manages the OS-level security, so your focus remains on application security and configuration.

Prerequisites

Before starting, ensure the following tools, accounts, and permissions are ready:

AWS Account (Free Tier)
Sign up at aws.amazon.com/free.
AWS may request a payment method (credit card), but if you remain within the free tier limits, you will not be charged.

AWS CLI (Command-Line Interface)
Installed and configured on your local machine.
Installation guide.
Run aws configure to set up your AWS credentials (Access Key, Secret Key, default region).

IAM Permissions
An IAM user with AdministratorAccess or a similar policy that grants permissions to create and manage ECS, Fargate, ECR, and related services.

Enabled Services
ECS (Elastic Container Service)
ECR (Elastic Container Registry)
CloudWatch (for logging, optional but recommended)

Important: Throughout this guide, we assume a sample Docker container image (e.g., a simple “Hello World” web app) is ready to be pushed to ECR. If not, we will include instructions on how to quickly build one.

Step-by-Step Implementation

We will combine both Console (GUI) and CLI methods in each step.

Create an ECR Repository

Console Steps

Go to the AWS Management Console and navigate to Elastic Container Registry (ECR).

Click Create repository.

Choose Public or Private repository (choose Private if you only want your images accessible within your account).

Name the repository, for example: my-fargate-app.

Click Create repository.

CLI Steps and Explanation

What it does: This command creates a new private ECR repository named “my-fargate-app” under your AWS account.

Build and Push Your Docker Image to ECR

Assume you have a simple Dockerfile that prints “Hello from Fargate!” when accessed.

Sample Dockerfile (place this in a directory, e.g., my-app/)

Create a simple index.html with your message:

Console Steps

(Optional) Verify your ECR repository exists by going to ECR in the AWS Console.

Copy the Repository URI from the repository’s detail page (e.g., ********.dkr.ecr.us-east-1.amazonaws.com/my-fargate-app).

CLI Steps and Explanation

Authenticate Docker to ECR:

aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ********.dkr.ecr.us-east-1.amazonaws.com

What it does: Retrieves a temporary authentication token from ECR and logs your local Docker client into your ECR registry.

Build your Docker image:
docker build -t my-fargate-app .
What it does: Uses the local Dockerfile to build an image named “my-fargate-app” on your machine.

Tag your image for ECR:
docker tag my-fargate-app:latest ********.dkr.ecr.us-east-1.amazonaws.com/my-fargate-app:latest
What it does: Prepares the local image with the repository URI so it can be pushed to ECR.

Push the image:
docker push ********.dkr.ecr.us-east-1.amazonaws.com/my-fargate-app:latest
What it does: Uploads the Docker image to your ECR repository.

Create an ECS Cluster (Using Fargate)

Console Steps

Go to ECS in the AWS Console.

Click Clusters → Create Cluster.

Select Networking Only (Fargate) if prompted.

Choose a Cluster name, for example: fargate-cluster.

Leave default settings (or configure VPC/Subnets if you like).

Click Create.

CLI Steps and Explanation

What it does: Creates an ECS cluster named “fargate-cluster” that will use AWS Fargate as the launch type.

Create a Task Definition for Fargate

Console Steps

In ECS Console, go to Task Definitions → Create new Task Definition.

Select Fargate as the launch type.

Enter a Task Definition Name, e.g., fargate-task.

Under Task Role and Execution Role, choose or create the appropriate IAM roles (the console can auto-create if you allow it).

Configure container details:
Container name: my-fargate-app-container
Image: ********.dkr.ecr.us-east-1.amazonaws.com/my-fargate-app:latest
Port mappings: 80 (TCP)

CPU / Memory: Choose minimal (e.g., 0.5 GB or 1 GB) to stay within free tier.

Click Create.

CLI Steps and Explanation :

aws ecs register-task-definition \

--family fargate-task \

--requires-compatibilities FARGATE \

--network-mode awsvpc \

--cpu "256" \

--memory "512" \

--execution-role-arn <EXECUTION_ROLE_ARN> \

--task-role-arn <TASK_ROLE_ARN> \

--container-definitions '[

{

"name": "my-fargate-app-container",

"image": "********.dkr.ecr.us-east-1.amazonaws.com/my-fargate-app:latest",

"essential": true,

"portMappings": [

{

"containerPort": 80,

"protocol": "tcp"

}

]

}

What it does: Creates a task definition named “fargate-task” specifying:
FARGATE launch type.
CPU/Memory resources.
Network mode: awsvpc (required by Fargate).
Container definition with the ECR image and port mapping on port 80.

(You will need valid ARNs for the executionRole and taskRole. The console can create them automatically, or you can create them in IAM.)

Run the Task (Create a Service)

Console Steps

In the ECS Console, go to your fargate-cluster → Services → Create.

Launch type: Fargate.

Task Definition: fargate-task (the one you just created).

Service name: fargate-service.

Number of tasks: 1 (to stay within free tier usage).

Deployment type: Rolling update (default).

VPC and Subnets: Choose existing default VPC and subnets.
Assign public IP: ENABLED (so we can access the container from the internet).

Click Next and Create Service.

CLI Steps and Explanation:

aws ecs create-service \
--cluster fargate-cluster \
--service-name fargate-service \
--task-definition fargate-task \
--desired-count 1 \
--launch-type FARGATE \
--network-configuration "awsvpcConfiguration={subnets=[<YOUR_SUBNET_ID>],securityGroups=[<YOUR_SECURITY_GROUP_ID>],assignPublicIp=ENABLED}"

What it does: Deploys your task definition as a service named “fargate-service” on the ECS cluster with a single desired task.
assignPublicIp=ENABLED ensures we can reach the container publicly.

(You need to replace <YOUR_SUBNET_ID> and <YOUR_SECURITY_GROUP_ID> with actual IDs. You can find them in the AWS Console under VPC.)

Verifying and Testing the Project

Check ECS Service Status
In the ECS Console, ensure your Service shows a status of RUNNING with a Desired count of 1 and Running count of 1.
Obtain the Public IP
Under ECS → fargate-cluster → Tasks, find the running task and check the Network section for the Public IP address.
Test Your App
Enter http://<PUBLIC_IP> in your browser.
You should see “Hello from Fargate!” or whatever message you put in your index.html.

Common Issues and Troubleshooting

Image Pull Failure:
Make sure you tagged and pushed your Docker image correctly.
Check that the task definition references the correct image URI.

Permissions / IAM Role Errors:
Ensure the Execution Role and Task Role are set properly in the ECS console or in your CLI command.
The AWS console can auto-generate roles if needed.

No Public IP / Not Reachable:
Check that you enabled Auto-assign Public IP in your network configuration.
Verify that your Security Group allows inbound traffic on port 80.

Staying Within Free Tier:
Confirm you selected minimal CPU/Memory configurations.
Stop or delete your service once you have tested to avoid incurring charges if you exceed free tier limits.

AWS CLI Version Mismatch:
If you see errors like “Unknown parameter,” ensure your AWS CLI is up to date.

Conclusion

We have successfully created and deployed a containerized application on AWS ECS Fargate. We built our own Docker image, pushed it to ECR, configured a Fargate task definition, and finally ran the service in a secure, scalable way—all while staying within the free tier. We have learned how to:

Build and store container images in ECR
Configure ECS tasks and services using Fargate
Troubleshoot common deployment and networking issues

By following these steps, we have gained valuable hands-on experience in container orchestration on AWS and are better prepared to deploy more advanced and scalable applications in the future.

Popular Projects

Create a Real-Time Data Stream with Kinesis

Deploy a Containerized App to Azure Kubernetes Service (AKS)

Create and test a Pub/Sub queue with a subscriber

Host a Static Website on Google Cloud Storage

What is Cloud Computing ?

Cloud computing delivers computing resources (servers, storage, databases, networking, and software) over the internet, allowing businesses to scale and pay only for what they use, eliminating the need for physical infrastructure.

AWS: The most popular cloud platform, offering scalable compute, storage, AI/ML, and networking services.
Azure: A strong enterprise cloud with hybrid capabilities and deep Microsoft product integration.
Google Cloud (GCP): Known for data analytics, machine learning, and open-source support.

LINKS