Review Environment

👉

To facilitate the creation of the Review environment with ECS, the infrastructure and the application are deployed together in the same Terraform configuration file. The creation of the ECS Cluster is relatively fast (about one minute), so it is created during the deployment of the application.

📃 See the Review Environment Terraform Configuration file →

Review Infrastructure

Load Balancer

A Load Balancer is created to give users access to the application by letting them access the application through three key ports: 80 (HTTP), 443 (HTTPS) and 5000 (API).

The Load Balancer has three Target Groups:

A Target Group that points to port 80;
A Target Group that points to port 443;
A Target Group that points to port 5000.

The Target Groups monitor the health of the application, and ensure that it remains reachable through Healthcheck. If the application returns a bad health status, it is destroyed and recreated.

The Load Balancer has one last feature: it provides an SSL connection to users accessing the website by retrieving an SSL certificate that was generated with ACM after the domain name was created.

👉

The Load Balancer could have been used to redirect the HTTP port to HTTPS, but this redirection is already configured on the Nginx server: the Load Balancer simply lets user traffic reach the application.

ECS Cluster

The ECS Cluster generates and handles containers, each container or batch of containers is called an ECS Task. ECS Tasks use Fargate Spot as their capacity provider.

Security Groups

Two Security Groups are created, one for the Load Balancer and one for the ECS Cluster:

The Load Balancer Security Group allows access to ports 80, 443 and 5000 only Dev and Ops teams by allowing only the public address of their company;
The ECS Cluster Security Group authorizes access only to the Load Balancer Security Group; in other words, to access the application contained in the ECS Cluster, it is required to go through the Load Balancer.

Deploy to Review

Task Definition

A Task Definition describes the container definitions of an ECS Task; we fill in the three containers of the application (Client, API and Postgres) specifying the images and the compute resource each container uses, but also other key information such as the environment variables for example.

ECS Service

The ECS Service uses the Task Definition to create the application containers and inserts them into an ECS Task, then links the Load Balancer Target Groups to the containers.

Route 53 Record

Once the application is deployed on the Review environment, a Route 53 Record is created to allow access to the application via a URL by pointing the URL to the Load Balancer hostname.

👉

The link to access the application in the review environment is 'review.devops-product-hunting.com' ; however, the link is only accessible to authorized users, in this case Dev and Ops teams.

Destroy Review

Once the Review Environment is no longer in use, especially after the application is pushed to production, it is a great initiative to destroy it to reduce cloud infrastructure expenses.

With Terraform, all you have to do is run terraform destroy, and the tool takes care of destroying everything correctly. This functionality is added to the pipeline via a job, where all it takes is to press a button.

Review Environment

Review Infrastructure #

Load Balancer #

ECS Cluster #

Security Groups #

Deploy to Review #

Task Definition #

ECS Service #

Route 53 Record #

Destroy Review #