Sean Hull offers a great tutorial regarding Terraform and Amazon’s Elastic Container Service

(written by lawrence krubner, however indented passages are often quotes). You can contact lawrence at:, or follow me on Twitter.

This is very much worth reading if you are using or considering Terraform:

It takes a bit of getting used to, but this Terraform how-to should get you moving. You need an EC2 host to run your containers on, you need a task that defines your container image & resources, and lastly a service which tells ECS which cluster to run on and registers with ALB if you have one.

If you don’t know, the ALB is the Application Load Balancer. It is a lot like the old Elastic Load Balancer, but ELB balanced between servers, whereas ALB balances between instances of your app running on your server. So if you have 100 instances of your app running on an instance, the ALB will distribute the workload to those 100 different instances. This might seem like an odd thing to do if we were talking about a Java app, but ALB is for Docker containers. AWS puts a software agent on their machines that enables the ALB. I believe you have to use the default Amazon Linux, which has these special tools installed.

For each of these sections, create files:,,,, What I would recommend is create the first file, then do:

$ terraform init
$ terraform plan
$ terraform apply

Then move on to and do the terraform apply. One by one, next task, then service then finally alb. This way if you encounter errors, you can troubleshoot minimally, rather than digging through five files for the culprit.

It is a cool idea that you can build a whole system of servers and firewalls and whitelists and load balancers and run it in development, and then the day you are ready to go public you just run one command and suddenly you have your production system set up.

Shippable also has a great blog post about Terraform and ECS:

First you need to create a VPC. To create a VPC, add the following code to your file:

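# Define a VPC
resource "aws_vpc" "demoVPC" {
  cidr_block = "" # CIDR value is blank in this excerpt; set your VPC range here
  tags = {        # map assignment form, required by Terraform 0.12 and later
    Name = "ecsDemoVPC"
  }
}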

You’ll see this same format throughout Terraform. You specify the resource you’d like to provision, provide a name for the resource, provide any settings relevant for the resource, and lastly, add any optional tags (useful for filtering your views within AWS).

This is again from Sean Hull:

Set up your service definition

The fourth thing you need to do is set up a service. The task above is a manifest, describing your container's needs. It is now registered, but nothing is running.

When you apply the service, your container will start up. What I like to do is ssh into the ECS host box. Get comfortable. Then issue $ watch "docker ps". This will repeatedly run "docker ps" every two seconds. Once you have that running, do your terraform apply for this service piece.

As you watch, you’ll see ECS start your container, and it will suddenly appear in your watch terminal. It will first show “starting”. Once it is started, it should say “healthy”.
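
As an added illustration of the task/service split described above (not code from Sean Hull's tutorial or the Shippable post), here is a minimal task definition and service in Terraform 0.12+ syntax. The variable names, image, port 8080 and the /health endpoint are assumptions, and the health check assumes curl exists in the image.

```hcl
# Added example: names, image, port and health endpoint are hypothetical.
variable "cluster_arn" { type = string }      # existing ECS cluster (EC2 launch type)
variable "target_group_arn" { type = string } # existing ALB target group
variable "image" { type = string }            # container image URI

# The task: a manifest only. Registering it starts nothing.
resource "aws_ecs_task_definition" "app" {
  family       = "demo-app"
  network_mode = "bridge"

  container_definitions = jsonencode([
    {
      name       = "app"
      image      = var.image
      memory     = 256
      essential  = true
      privileged = false

      # hostPort 0 = dynamic host port, so several copies of the task can
      # share one EC2 host and the ALB routes to each of them.
      portMappings = [{ containerPort = 8080, hostPort = 0 }]

      # Unless the image defines its own HEALTHCHECK, "docker ps" shows only
      # "Up ..." without this block, never "(health: starting)" or "(healthy)".
      healthCheck = {
        command     = ["CMD-SHELL", "curl -f http://localhost:8080/health || exit 1"]
        interval    = 30
        timeout     = 5
        retries     = 3
        startPeriod = 10
      }
    }
  ])
}

# The service: applying this is what makes ECS start the containers.
resource "aws_ecs_service" "app" {
  name            = "demo-app"
  cluster         = var.cluster_arn
  task_definition = aws_ecs_task_definition.app.arn
  desired_count   = 2

  load_balancer {
    target_group_arn = var.target_group_arn
    container_name   = "app"
    container_port   = 8080
  }
}
```

With dynamic host ports, the EC2 host's security group has to admit the ephemeral port range; scope that rule to the ALB's security group as the source rather than to an open CIDR.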
