Navigate to the nodejs service repo.
cd ~/environment/ecsdemo-nodejs
In the previous section, we deployed our application, test environment, and the frontend service.
To start, we need to create our nodejs service in the ecsworkshop application.
The following command will open a prompt for us to add our service to the application.
copilot init
We will be prompted with a series of questions related to the application, environment, and the service we want to deploy. Answer the questions as follows:
After you answer the questions, it will begin the process of creating some baseline resources for your service. This also includes the manifest file which defines the desired state of this service. For more information on the manifest file, see the copilot-cli documentation.
Next, you will be prompted to deploy a test environment. An environment encompasses all of the resources that are required to support running your containers in ECS. This includes the networking stack (VPC, Subnets, Security Groups, etc), the ECS Cluster, Load Balancers (if required), and more.
Type “y”, and hit enter. Given that a test environment already exists, copilot will continue on and build the docker image, push it to ECR, and deploy the backend service.
Below is an example of what the cli interaction will look like:
The nodejs service is now deployed! Navigate back to the frontend load balancer url, and you should now see the nodejs service. You may notice that it is not working as we fully expect with the diagram. This is because the service needs an environment variable as well as an IAM role addon to fully function as expected. Run the commands below to add an environment variable, and create the IAM role in the addons path.
mkdir -p copilot/ecsdemo-nodejs/addons
cat << EOF > copilot/ecsdemo-nodejs/addons/task-role.yaml
# You can use any of these parameters to create conditions or mappings in your template.
Parameters:
App:
Type: String
Description: Your application's name.
Env:
Type: String
Description: The environment name your service, job, or workflow is being deployed to.
Name:
Type: String
Description: The name of the service, job, or workflow being deployed.
Resources:
SubnetsAccessPolicy:
Type: AWS::IAM::ManagedPolicy
Properties:
PolicyDocument:
Version: 2012-10-17
Statement:
- Sid: EC2Actions
Effect: Allow
Action:
- ec2:DescribeSubnets
Resource: "*"
Outputs:
# You also need to output the IAM ManagedPolicy so that Copilot can inject it to your ECS task role.
SubnetsAccessPolicyArn:
Description: "The ARN of the Policy to attach to the task role."
Value: !Ref SubnetsAccessPolicy
EOF
cat << EOF >> copilot/ecsdemo-nodejs/manifest.yml
variables:
AWS_DEFAULT_REGION: $(echo $AWS_REGION)
EOF
git rev-parse --short=7 HEAD > code_hash.txt
Now, let’s redeploy the service:
copilot svc deploy
Let’s check out the ecsworkshop application details.
copilot app show ecsworkshop
The result should look like this:
We can see that our recently deployed Nodejs service is shown as a Backend Service in the ecsworkshop application.
Given that we deployed the test environment when creating our nodejs service, let’s show the details of the test environment:
copilot env show -n test
We now can see our newly deployed service in the test environment!
Let’s now check the status of the nodejs service.
Run:
copilot svc status -n ecsdemo-nodejs
We can see that we have one active running task, along with some additional details.
Let’s scale our task count up! To do this, we are going to update the manifest file that was created when we initialized our service earlier. Open the manifest file (./copilot/ecsdemo-nodejs/manifest.yml), and replace the value of the count key from 1 to 3. This is declaring our state of the service to change from 1 task, to 3. Feel free to explore the manifest file to familiarize yourself.
# Number of tasks that should be running in your service.
count: 3
Once you are done and save the changes, run the following:
copilot svc deploy
Copilot does the following with this command:
To confirm the deploy, let’s first check our service details via the copilot-cli:
copilot svc status -n ecsdemo-nodejs
You should now see three tasks running!
Now go back to the load balancer url, and you should see the diagram alternate between the three nodejs tasks.
The services we deploy via copilot are automatically shipping logs to Cloudwatch logs by default. Rather than navigate and review logs via the console, we can use the copilot cli to see those logs locally. Let’s tail the logs for the nodejs service.
copilot svc logs -a ecsworkshop -n ecsdemo-nodejs --follow
Note that if you are in the same directory of the service you want to review logs for, simply type the below command. Of course, if yuo wanted to review logs for a service in a particular environment, you would pass the -e flag with the environment name.
copilot svc logs
Last thing to bring up is that you aren’t limited to live tailing logs, type copilot svc logs --help
to see the different ways to review logs from the command line.
We have officially completed deploying our nodejs backend service. In the next section, we will extend our application by adding the crystal backend service.
cd ~/environment/ecsdemo-nodejs/cdk
cdk synth
cdk diff
cdk deploy --require-approval never
As we mentioned in the platform build, we are defining our deployment configuration via code. Let’s look through the code to better understand how cdk is deploying.
Because we built the platform in its own stack, there are certain environmental values that we will need to reuse amongst all services being deployed. In this custom construct, we are importing the VPC, ECS Cluster, and Cloud Map namespace from the base platform stack. By wrapping these into a custom construct, we are isolating the platform imports from our service deployment logic.
class BasePlatform(core.Construct):
def __init__(self, scope: core.Construct, id: str, **kwargs):
super().__init__(scope, id, **kwargs)
# The base platform stack is where the VPC was created, so all we need is the name to do a lookup and import it into this stack for use
self.vpc = aws_ec2.Vpc.from_lookup(
self, "ECSWorkshopVPC",
vpc_name='ecsworkshop-base/BaseVPC'
)
# Importing the service discovery namespace from the base platform stack
self.sd_namespace = aws_servicediscovery.PrivateDnsNamespace.from_private_dns_namespace_attributes(
self, "SDNamespace",
namespace_name=core.Fn.import_value('NSNAME'),
namespace_arn=core.Fn.import_value('NSARN'),
namespace_id=core.Fn.import_value('NSID')
)
# Importing the ECS cluster from the base platform stack
self.ecs_cluster = aws_ecs.Cluster.from_cluster_attributes(
self, "ECSCluster",
cluster_name=core.Fn.import_value('ECSClusterName'),
security_groups=[],
vpc=self.vpc,
default_cloud_map_namespace=self.sd_namespace
)
# Importing the security group that allows frontend to communicate with backend services
self.services_sec_grp = aws_ec2.SecurityGroup.from_security_group_id(
self, "ServicesSecGrp",
security_group_id=core.Fn.import_value('ServicesSecGrp')
)
For the backend service, we simply want to run a container from a docker image, but still need to figure out how to deploy it and get it behind a scheduler. To do this on our own, we would need to build a task definition, ECS service, and figure out how to get it behind CloudMap for service discovery. To build these components on our own would equate to hundreds of lines of CloudFormation, whereas with the higher level constructs that the cdk provides, we are able to build everything with 30 lines of code.
class NodejsService(core.Stack):
def __init__(self, scope: core.Stack, id: str, **kwargs):
super().__init__(scope, id, **kwargs)
# Importing our shared values from the base stack construct
self.base_platform = BasePlatform(self, self.stack_name)
# The task definition is where we store details about the task that will be scheduled by the service
self.fargate_task_def = aws_ecs.TaskDefinition(
self, "TaskDef",
compatibility=aws_ecs.Compatibility.EC2_AND_FARGATE,
cpu='256',
memory_mib='512',
)
# The container definition defines the container(s) to be run when the task is instantiated
self.container = self.fargate_task_def.add_container(
"NodeServiceContainerDef",
image=aws_ecs.ContainerImage.from_registry("brentley/ecsdemo-nodejs"),
memory_reservation_mib=512,
logging=aws_ecs.LogDriver.aws_logs(
stream_prefix='ecsworkshop-nodejs'
)
)
# Serve this container on port 3000
self.container.add_port_mappings(
aws_ecs.PortMapping(
container_port=3000
)
)
# Build the service definition to schedule the container in the shared cluster
self.fargate_service = aws_ecs.FargateService(
self, "NodejsFargateService",
task_definition=self.fargate_task_def,
cluster=self.base_platform.ecs_cluster,
security_group=self.base_platform.services_sec_grp,
desired_count=1,
cloud_map_options=aws_ecs.CloudMapOptions(
cloud_map_namespace=self.base_platform.sd_namespace,
name='ecsdemo-nodejs'
)
)
Let’s bring up the NodeJS Backend API!
cd ~/environment/ecsdemo-nodejs
envsubst < ecs-params.yml.template >ecs-params.yml
ecs-cli compose --project-name ecsdemo-nodejs service up \
--create-log-groups \
--private-dns-namespace service \
--enable-service-discovery \
--cluster-config container-demo \
--vpc $vpc
Here, we change directories into our nodejs application code directory.
The envsubst
command templates our ecs-params.yml
file with our current values.
We then launch our nodejs service on our ECS cluster (with a default launchtype
of Fargate)
Note: ecs-cli will take care of building our private dns namespace for service discovery, and log group in cloudwatch logs.
ecs-cli compose --project-name ecsdemo-nodejs service ps \
--cluster-config container-demo
task_id=$(ecs-cli compose --project-name ecsdemo-nodejs service ps --cluster-config container-demo | awk -F \/ 'FNR == 2 {print $2}')
We should have one task registered.
alb_url=$(aws cloudformation describe-stacks --stack-name container-demo-alb --query 'Stacks[0].Outputs[?OutputKey==`ExternalUrl`].OutputValue' --output text)
echo "Open $alb_url in your browser"
This command looks up the URL for our ingress ALB, and outputs it. You should be able to click to open, or copy-paste into your browser.
# Referencing task id from above ps command
ecs-cli logs --task-id $task_id \
--follow --cluster-config container-demo
To view logs, find the task id from the earlier ps
command, and use it in this
command. You can follow a task’s logs also.
ecs-cli compose --project-name ecsdemo-nodejs service scale 3 \
--cluster-config container-demo
ecs-cli compose --project-name ecsdemo-nodejs service ps \
--cluster-config container-demo
We can see that our containers have now been evenly distributed across all 3 of our availability zones.