Deploy an EKS cluster using CloudFormation.

If you want to have configuration files changed as you go across environments and prefer not to use environment variables (which in Fargate are simply impossible for anyone to grab but your container), then I would advise a small sidecar configuration service that fetches / renders all you need into a file and mounts it into a shared volume between your containers.

Amazon EKS Starter: Docker on AWS EKS with Kubernetes

Deploy Docker Containers on Kubernetes on AWS EKS & Fargate: Kubernetes Stateful & Stateless apps using ELB, EBS & EFS
The most important thing IMHO with publishing apps, going through CICD, is to make sure you maintain the same artifact from dev to prod, without altering it. I have not blogged about how we do it publicly, but this could be a good start for you, especially if you intend a multi-account setup to separate your prod from the rest. The way we have set CICD up is via AWS once again, using CodePipeline / CodeBuild.

That is an involved question, but so long as you stick to least privileges for your application to get access to any of the secrets, you should be good to go. Otherwise, you have to define for yourself the DB and its credentials, whether you want to set up additional users with more restrictive access, etc.

If you are familiar with docker-compose but not so much with K8s / Helm and AWS, then take a look at / try ECS Compose-X, which will parse your existing definition(s), allow you to define your AWS settings and resources (RDS, load balancer, DNS hosts, etc.) all together, and all you then have to do is deploy.

Credentials -> for DBs via RDS, it is all done for you if you create the RDS DB via compose-x, for example (uses AWS ECS Secrets constructs).

We run many production systems that way on AWS and it costs us "pennies" (compared to more involved, complex setups, with no real advantages) with setting the provider configuration nicely, and most importantly, we never spend any time fixing anything to do with the orchestrator (i.e. K8s), as AWS ECS is a fully managed thing.
With ECS, you can easily define a policy to alternate between resource providers: Fargate, Fargate Spot, and EC2 via a managed Autoscaling group (this lets ECS take full control over your ASG). With ECS and ALB integration, you can easily scale your tasks based on the number of clients per target (per container).