Deploying Flask app to ECS
In this post, we'll be building an application that runs on two Docker containers, one for the main application, and one for managing APIs (in our case, it's path is /blog). Both are needed for the application to run as designed.
We'll create two services and tasks within our ECS cluster.
We'll create two Dockerfiles for the two Flask apps and upload (push) the images to ECR using AWS cli commands.
We'll also set two targets for the two apps so that the ALB listens on different targets.
Once the apps have been successfully deployed, we'll also see how we can update the apps.
Here are the files we need:
As we can see, our blog container will run a basic flask app which listens on port 8081 and the application will be reached by using "/blog" path:
# blog.py
from flask import Flask
from flask import render_template
app = Flask(__name__)
@app.route('/blog')
def blog():
return "My Blog"
if __name__ == '__main__':
app.run(threaded=True,host='0.0.0.0',port=8081)
We'll use the following Dockerfile and create an image:
FROM centos
MAINTAINER kihyuck.hong@gmail.com
RUN rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm \
&& yum update -y \
&& yum install -y python-pip \
&& pip install flask
COPY . /src
EXPOSE 8081
CMD cd /src && python blog.py
Also we'll have webpage container (Home/home.py) and another Dockerfile (Home/Dockerfile):
Our home page app:
# home.py
from flask import Flask
app = Flask(__name__)
@app.route("/")
def hello():
return "Home page"
if __name__ == '__main__':
app.run(threaded=True,host='0.0.0.0',port=5000)
The Dockerfile for home:
FROM centos
MAINTAINER kihyuck.hong@gmail.com
RUN rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm \
&& yum update -y \
&& yum install -y python-pip \
&& pip install flask
COPY . /src
EXPOSE 5000
CMD cd /src && python home.py
Note that only differences in the two Apps will be the port number (5000, 8001) and the path ("/", "/blog").
Let's build the images in each sub-directory:
$ docker build -t flask-home . $ docker build -t flask-blog .
Check images:
$ docker images REPOSITORY TAG IMAGE ID CREATED SIZE flask-home latest 49c3901e01d3 5 minutes ago 351MB flask-blog latest f4fab3ade8fd 5 minutes ago 351MB
Creating two repositories:
$ aws ecr create-repository --repository-name ecs-flask-home $ aws ecr create-repository --repository-name ecs-flask-blog
Let's push the images. We need to login to ECR. We run an output from the command we retrieve ecr get-login:
$ (aws ecr get-login --no-include-email --region us-east-1) WARNING! Using --password via the CLI is insecure. Use --password-stdin. Login Succeeded
Tag our images using docker tag command:
$ docker tag flask-home 526262051452.dkr.ecr.us-east-1.amazonaws.com/ecs-flask-home $ docker tag flask-blog 526262051452.dkr.ecr.us-east-1.amazonaws.com/ecs-flask-blog
Finally, push the image to AWS ECS Registry:
$ docker push 526262051452.dkr.ecr.us-east-1.amazonaws.com/ecs-flask-home $ docker push 526262051452.dkr.ecr.us-east-1.amazonaws.com/ecs-flask-blog
Let's create an ECS cluster.
Name the cluster and set the type of instance. Leave others untouched:
Click "Create"
Now let's create our tasks. In ECS console, click "Create task definition" and proceed.
"Flask-Home-Task":
Then, click "Add container":
Click "Add", and then click "Create".
Note that we can click the "Add" button multiple times. In other words, we can put multiple containers into a task.
Now, "Flask-Blog-Task":
Then, click "Add container":
Now we've created two tasks:
Before creating our services, we need to create an ALB.
The ALB gets request on port 80, and depending on the path (uri), it will redirect the request to the proper app: "/" to home and "/blog" to our blog app.
Actually, the ALB makes routing decisions at the application layer (HTTP/HTTPS). It does path-based routing, and can route requests to the ports (5000 or 8081) on each container instances in our VPC.
Application Load Balancers offer several features that make them attractive for use with Amazon ECS services:
- Multiple ports routing on same server.
- Path-based routing - URL-based routing policies enable using the same ELB URL to route to different microservices.
- Application Load Balancers allow containers to use dynamic host port mapping (so that multiple tasks from the same service are allowed per container instance).
- Application Load Balancers support path-based routing and priority rules (so that multiple services can use the same listener port on a single Application Load Balancer).
Let's create our ALB.
Choose "Application Load Balancer":
Name it as "Flask-ALB":
Choose available subnets:
After selecting Security Group, let's configure the routings for the ALB. We need to add a new target group.
We use the port number 5000 and the path "/". Our load balancer routes requests to the targets in this target group using the protocol and port that we specify, and performs health checks on the targets using these health check settings. Note that each target group can be associated with only one load balancer.
Since ECS will register targets, we don't need to register instances manually. After that, we can review and finish creating our ALB.
Here is our current target group:
Our next step is creating a new target group for "blog" and adding a rule for it. Here we select 8001 as port number and "/blog" as the path.
Then we select "Flask-ALB" and edit the rules:
We need to add another rule and enter "/blog" as path pattern and "Flask-Blog-TG" as target group name.
Note that we configured the "Flask-Home-TG" as default.
Here are our two target groups:
As previously mentioned, we don't need to register instances manually because ECS will register targets for us.
We can now jump to the ECS console and configure services.
"Flask-Home-Service":
Click "Add Container":
Optionally, we can set Auto Scaling:
Click "Create Service" for our Blog container:
"Flask-Blog-Service":
Click "Add Container":
Optionally, we can set Auto Scaling.
Click "Create Service":
Once the tasks are running, we can check services and tasks from console:
Let's go to our browser using ALB DNS:
If we have updated the Docker image of our application, we can revise the task definition with that image and deploy it to our service. For example, we change the "blog":
# blog.py
from flask import Flask
from flask import render_template
app = Flask(__name__)
@app.route('/blog')
def blog():
return "My Blog version 2"
if __name__ == '__main__':
app.run(threaded=True,host='0.0.0.0',port=8081)
We upload the new image to ECR:
$ docker build -t flask-blog . $ $(aws ecr get-login --no-include-email --region us-east-1) Login Succeeded $ docker tag flask-blog 526262051452.dkr.ecr.us-east-1.amazonaws.com/ecs-flask-blog $ docker push 526262051452.dkr.ecr.us-east-1.amazonaws.com/ecs-flask-blog latest: digest: sha256:2bfc6d144e5615e4e8cebe29a07cac95a3db2623ce5854fc422545b112611248 size: 948
To use the newly uploaded image, we may want to create a new task revision: from the current version, v.1:
Now, let's update the task with the newly pushed the image by adding the new:
Click "Create", then we'll get the following message displayed:
And then, update the service.
From current service that's using Task v.1:
Then, lastly:
Click "Update Service"
Here is the revision of the "/blog" API:
Each of our containers has a single application process which is bound to port 8081 or 5000. Internally, all the containers are exposed to randomly assigned ports on the host. Here are our assigned ports:
ECS instance scaling can be done "Scale ECS Instances":
REF: Cleaning Up your Amazon ECS Resources
Scale Down Services:
aws ecs update-service --cluster default --service service_name --desired-count 0 --region us-east-1 $ aws ecs update-service --cluster Flask-Clustr --service Flask-Home-Service --desired-count 0 --region us-east-1 $ aws ecs update-service --cluster Flask-Clustr --service Flask-Blog-Service --desired-count 0 --region us-east-1
Delete Services:
Before we can delete a cluster, we must delete the services inside that cluster:
aws ecs delete-service --cluster default --service service_name --region us-east-1 $ aws ecs delete-service --cluster Flask-Clustr --service Flask-Home-Service --region us-east-1 $ aws ecs delete-service --cluster Flask-Clustr --service Flask-Blog-Service --region us-east-1
Delete a cluster:
aws ecs delete-cluster --cluster default --region us-east-1 $ aws ecs delete-cluster --cluster Flask-Clustr --region us-east-1
Docker & K8s
- Docker install on Amazon Linux AMI
- Docker install on EC2 Ubuntu 14.04
- Docker container vs Virtual Machine
- Docker install on Ubuntu 14.04
- Docker Hello World Application
- Nginx image - share/copy files, Dockerfile
- Working with Docker images : brief introduction
- Docker image and container via docker commands (search, pull, run, ps, restart, attach, and rm)
- More on docker run command (docker run -it, docker run --rm, etc.)
- Docker Networks - Bridge Driver Network
- Docker Persistent Storage
- File sharing between host and container (docker run -d -p -v)
- Linking containers and volume for datastore
- Dockerfile - Build Docker images automatically I - FROM, MAINTAINER, and build context
- Dockerfile - Build Docker images automatically II - revisiting FROM, MAINTAINER, build context, and caching
- Dockerfile - Build Docker images automatically III - RUN
- Dockerfile - Build Docker images automatically IV - CMD
- Dockerfile - Build Docker images automatically V - WORKDIR, ENV, ADD, and ENTRYPOINT
- Docker - Apache Tomcat
- Docker - NodeJS
- Docker - NodeJS with hostname
- Docker Compose - NodeJS with MongoDB
- Docker - Prometheus and Grafana with Docker-compose
- Docker - StatsD/Graphite/Grafana
- Docker - Deploying a Java EE JBoss/WildFly Application on AWS Elastic Beanstalk Using Docker Containers
- Docker : NodeJS with GCP Kubernetes Engine
- Docker : Jenkins Multibranch Pipeline with Jenkinsfile and Github
- Docker : Jenkins Master and Slave
- Docker - ELK : ElasticSearch, Logstash, and Kibana
- Docker - ELK 7.6 : Elasticsearch on Centos 7
- Docker - ELK 7.6 : Filebeat on Centos 7
- Docker - ELK 7.6 : Logstash on Centos 7
- Docker - ELK 7.6 : Kibana on Centos 7
- Docker - ELK 7.6 : Elastic Stack with Docker Compose
- Docker - Deploy Elastic Cloud on Kubernetes (ECK) via Elasticsearch operator on minikube
- Docker - Deploy Elastic Stack via Helm on minikube
- Docker Compose - A gentle introduction with WordPress
- Docker Compose - MySQL
- MEAN Stack app on Docker containers : micro services
- MEAN Stack app on Docker containers : micro services via docker-compose
- Docker Compose - Hashicorp's Vault and Consul Part A (install vault, unsealing, static secrets, and policies)
- Docker Compose - Hashicorp's Vault and Consul Part B (EaaS, dynamic secrets, leases, and revocation)
- Docker Compose - Hashicorp's Vault and Consul Part C (Consul)
- Docker Compose with two containers - Flask REST API service container and an Apache server container
- Docker compose : Nginx reverse proxy with multiple containers
- Docker & Kubernetes : Envoy - Getting started
- Docker & Kubernetes : Envoy - Front Proxy
- Docker & Kubernetes : Ambassador - Envoy API Gateway on Kubernetes
- Docker Packer
- Docker Cheat Sheet
- Docker Q & A #1
- Kubernetes Q & A - Part I
- Kubernetes Q & A - Part II
- Docker - Run a React app in a docker
- Docker - Run a React app in a docker II (snapshot app with nginx)
- Docker - NodeJS and MySQL app with React in a docker
- Docker - Step by Step NodeJS and MySQL app with React - I
- Installing LAMP via puppet on Docker
- Docker install via Puppet
- Nginx Docker install via Ansible
- Apache Hadoop CDH 5.8 Install with QuickStarts Docker
- Docker - Deploying Flask app to ECS
- Docker Compose - Deploying WordPress to AWS
- Docker - WordPress Deploy to ECS with Docker-Compose (ECS-CLI EC2 type)
- Docker - WordPress Deploy to ECS with Docker-Compose (ECS-CLI Fargate type)
- Docker - ECS Fargate
- Docker - AWS ECS service discovery with Flask and Redis
- Docker & Kubernetes : minikube
- Docker & Kubernetes 2 : minikube Django with Postgres - persistent volume
- Docker & Kubernetes 3 : minikube Django with Redis and Celery
- Docker & Kubernetes 4 : Django with RDS via AWS Kops
- Docker & Kubernetes : Kops on AWS
- Docker & Kubernetes : Ingress controller on AWS with Kops
- Docker & Kubernetes : HashiCorp's Vault and Consul on minikube
- Docker & Kubernetes : HashiCorp's Vault and Consul - Auto-unseal using Transit Secrets Engine
- Docker & Kubernetes : Persistent Volumes & Persistent Volumes Claims - hostPath and annotations
- Docker & Kubernetes : Persistent Volumes - Dynamic volume provisioning
- Docker & Kubernetes : DaemonSet
- Docker & Kubernetes : Secrets
- Docker & Kubernetes : kubectl command
- Docker & Kubernetes : Assign a Kubernetes Pod to a particular node in a Kubernetes cluster
- Docker & Kubernetes : Configure a Pod to Use a ConfigMap
- AWS : EKS (Elastic Container Service for Kubernetes)
- Docker & Kubernetes : Run a React app in a minikube
- Docker & Kubernetes : Minikube install on AWS EC2
- Docker & Kubernetes : Cassandra with a StatefulSet
- Docker & Kubernetes : Terraform and AWS EKS
- Docker & Kubernetes : Pods and Service definitions
- Docker & Kubernetes : Service IP and the Service Type
- Docker & Kubernetes : Kubernetes DNS with Pods and Services
- Docker & Kubernetes : Headless service and discovering pods
- Docker & Kubernetes : Scaling and Updating application
- Docker & Kubernetes : Horizontal pod autoscaler on minikubes
- Docker & Kubernetes : From a monolithic app to micro services on GCP Kubernetes
- Docker & Kubernetes : Rolling updates
- Docker & Kubernetes : Deployments to GKE (Rolling update, Canary and Blue-green deployments)
- Docker & Kubernetes : Slack Chat Bot with NodeJS on GCP Kubernetes
- Docker & Kubernetes : Continuous Delivery with Jenkins Multibranch Pipeline for Dev, Canary, and Production Environments on GCP Kubernetes
- Docker & Kubernetes : NodePort vs LoadBalancer vs Ingress
- Docker & Kubernetes : MongoDB / MongoExpress on Minikube
- Docker & Kubernetes : Load Testing with Locust on GCP Kubernetes
- Docker & Kubernetes : MongoDB with StatefulSets on GCP Kubernetes Engine
- Docker & Kubernetes : Nginx Ingress Controller on Minikube
- Docker & Kubernetes : Setting up Ingress with NGINX Controller on Minikube (Mac)
- Docker & Kubernetes : Nginx Ingress Controller for Dashboard service on Minikube
- Docker & Kubernetes : Nginx Ingress Controller on GCP Kubernetes
- Docker & Kubernetes : Kubernetes Ingress with AWS ALB Ingress Controller in EKS
- Docker & Kubernetes : Setting up a private cluster on GCP Kubernetes
- Docker & Kubernetes : Kubernetes Namespaces (default, kube-public, kube-system) and switching namespaces (kubens)
- Docker & Kubernetes : StatefulSets on minikube
- Docker & Kubernetes : RBAC
- Docker & Kubernetes Service Account, RBAC, and IAM
- Docker & Kubernetes - Kubernetes Service Account, RBAC, IAM with EKS ALB, Part 1
- Docker & Kubernetes : Helm Chart
- Docker & Kubernetes : My first Helm deploy
- Docker & Kubernetes : Readiness and Liveness Probes
- Docker & Kubernetes : Helm chart repository with Github pages
- Docker & Kubernetes : Deploying WordPress and MariaDB with Ingress to Minikube using Helm Chart
- Docker & Kubernetes : Deploying WordPress and MariaDB to AWS using Helm 2 Chart
- Docker & Kubernetes : Deploying WordPress and MariaDB to AWS using Helm 3 Chart
- Docker & Kubernetes : Helm Chart for Node/Express and MySQL with Ingress
- Docker & Kubernetes : Deploy Prometheus and Grafana using Helm and Prometheus Operator - Monitoring Kubernetes node resources out of the box
- Docker & Kubernetes : Deploy Prometheus and Grafana using kube-prometheus-stack Helm Chart
- Docker & Kubernetes : Istio (service mesh) sidecar proxy on GCP Kubernetes
- Docker & Kubernetes : Istio on EKS
- Docker & Kubernetes : Istio on Minikube with AWS EC2 for Bookinfo Application
- Docker & Kubernetes : Deploying .NET Core app to Kubernetes Engine and configuring its traffic managed by Istio (Part I)
- Docker & Kubernetes : Deploying .NET Core app to Kubernetes Engine and configuring its traffic managed by Istio (Part II - Prometheus, Grafana, pin a service, split traffic, and inject faults)
- Docker & Kubernetes : Helm Package Manager with MySQL on GCP Kubernetes Engine
- Docker & Kubernetes : Deploying Memcached on Kubernetes Engine
- Docker & Kubernetes : EKS Control Plane (API server) Metrics with Prometheus
- Docker & Kubernetes : Spinnaker on EKS with Halyard
- Docker & Kubernetes : Continuous Delivery Pipelines with Spinnaker and Kubernetes Engine
- Docker & Kubernetes : Multi-node Local Kubernetes cluster : Kubeadm-dind (docker-in-docker)
- Docker & Kubernetes : Multi-node Local Kubernetes cluster : Kubeadm-kind (k8s-in-docker)
- Docker & Kubernetes : nodeSelector, nodeAffinity, taints/tolerations, pod affinity and anti-affinity - Assigning Pods to Nodes
- Docker & Kubernetes : Jenkins-X on EKS
- Docker & Kubernetes : ArgoCD App of Apps with Heml on Kubernetes
- Docker & Kubernetes : ArgoCD on Kubernetes cluster
- Docker & Kubernetes : GitOps with ArgoCD for Continuous Delivery to Kubernetes clusters (minikube) - guestbook
Ph.D. / Golden Gate Ave, San Francisco / Seoul National Univ / Carnegie Mellon / UC Berkeley / DevOps / Deep Learning / Visualization
My YouTube channel