After AWS Lambda, AWS Fargate is currently our recommended deployment environment for development, staging, and production purposes. With AWS Fargate Spot it is priced better than Kubernetes, and it eliminates the need to manage and allocate node pools. If using AWS Fargate is not possible, then we can use Kubernetes.
AWS Systems Manager – Parameter Store
When passing credentials in environment variables, it is mandatory to use AWS Systems Manager – Parameter Store, and to create each parameter with the SecureString type.
For the Task/Service to access the Parameter Store, you need to use an ECS Task Execution Role and attach a policy that grants GetParameters access to those parameters.
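A way to check both rules before deploying, as an added example that is not part of the original page: it audits a task definition for credentials left in plaintext `environment` entries and confirms the execution role policy grants `ssm:GetParameters` on every parameter referenced under `secrets`. The credential name patterns, account ID, role name and parameter paths are constructed assumptions, and the SecureString type itself cannot be verified from the task definition.

```python
import re
from fnmatch import fnmatchcase

# Variable names treated as credentials (assumption; tune for your services).
CRED_NAME = re.compile(r"PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY|CREDENTIAL", re.I)
SSM_ARN = re.compile(r"^arn:aws:ssm:[a-z0-9-]+:\d{12}:parameter/.+")

def as_list(v):
    return v if isinstance(v, list) else [v]

def allowed(policy, action, resource):
    """True if an Allow statement covers action on resource (no Deny/Condition handling)."""
    for st in as_list(policy.get("Statement", [])):
        if st.get("Effect") != "Allow":
            continue
        acts, ress = as_list(st.get("Action", [])), as_list(st.get("Resource", []))
        if any(fnmatchcase(action.lower(), a.lower()) for a in acts) and \
                any(fnmatchcase(resource, r) for r in ress):
            return True
    return False

def audit(task_def, exec_role_policy):
    """Return findings for a task definition and its execution role policy."""
    ok = task_def.get("executionRoleArn")
    findings = [] if ok else ["task definition has no executionRoleArn"]
    for c in task_def.get("containerDefinitions", []):
        for env in c.get("environment", []):
            if CRED_NAME.search(env["name"]):
                findings.append(f"{c['name']}: {env['name']} is a plaintext environment value")
        for sec in c.get("secrets", []):
            arn = sec["valueFrom"]
            if not SSM_ARN.match(arn):
                findings.append(f"{c['name']}: {sec['name']} is not a Parameter Store ARN")
            elif not allowed(exec_role_policy, "ssm:GetParameters", arn):
                findings.append(f"{c['name']}: role lacks ssm:GetParameters on {arn}")
    return findings

# Constructed sample input: account ID, role and parameter names are placeholders.
PREFIX = "arn:aws:ssm:ap-southeast-1:111122223333:parameter/myapp/prod/"
TASK_DEF = {
    "executionRoleArn": "arn:aws:iam::111122223333:role/myapp-task-execution",
    "containerDefinitions": [{
        "name": "web",
        "environment": [{"name": "DB_PASSWORD", "value": "constructed-value"}],
        "secrets": [{"name": "API_TOKEN", "valueFrom": PREFIX + "api_token"},
                    {"name": "SMTP_PASSWORD", "valueFrom": PREFIX.replace("prod", "staging") + "smtp"}],
    }],
}
POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "ssm:GetParameters", "Resource": PREFIX + "*"}]}
print(*audit(TASK_DEF, POLICY), sep="\n")
```

On the sample input it reports the plaintext `DB_PASSWORD` and the staging parameter that falls outside the policy's resource scope.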
Service: Auto Assign Public IP & Security Groups
- Auto-assign public IP: It must be enabled in order to fetch the image from Docker Hub.
- Security Groups: For web servers, make sure to attach at least the default security group so that the Application Load Balancer can access the service.
Service: Health Check Grace Period
When setting up your Service, you must pay attention to the Health Check Command and the Health Check Grace Period, otherwise Fargate will drain your service repeatedly. Hendy’s recommendation is 2 × typical start time.
Regarding the Health Check Command, most containers do not include curl, so check the health status of the Service’s Tasks first. If it is always UNHEALTHY, you can remove the container health check and rely only on the ALB Target Group health check instead.