Finally, let’s trigger a deployment of the CDK stack in one of our AWS accounts to see the application in action. We will start by securing a new session for our Cloud9 IDE. Once we are inside the CDK project folder, chapter-7/chapter-7-cdk/, we can trigger an installation of NPM modules, followed by the cdk synth command, which will give us a summary of the rendered CloudFormation template file:

aws-devops-simplified:~/environment/chapter-7/chapter-7-cdk $ npm

install [ ……………..] | fetchMetadata: sill pacote version

manifest for [email protected] fetched in 346ms

… …

Completion of the npm install command will place all the module dependencies in the node_ modules folder. At this point, we are all set to trigger the template synthesization process:

You might notice that the 100-odd lines of code we added to our CDK stack have resulted in about 800 lines of a rendered CloudFormation template. A quick way to check this could be to run cdk synth | wc -l.

Post-deployment, we get an Application Load Balancer URL that can be accessed in the browser to launch our To-Do List Manager application. Once you copy that link over, you will see the application, as shown in Figure 7.4:

Figure 7.4 – The To-Do List Manager application running on ECS

The application gives you a blueprint that can easily be extended, and customized, based on your preferences for and desired functions from any To-Do List Manager application.

Summary

We started this chapter by understanding the relevance that containers have in modern software applications. They not only speed up the development velocity but also adhere to the microservices patterns and twelve-factor design principles, which are an inherent part of your software artifacts. In case you had not been exposed to containers yet, we started with a basic understanding of how they work and then moved on to outlining the constructs of Docker, a container runtime environment.

With the foundations covered, we discussed the need for a container orchestrator system when running production workloads in the cloud. AWS ECS is an opinionated offering from AWS that simplifies operating containers in an enterprise-grade environment. Next, we dived deeper into Amazon ECS and the native constructs used by the service to define logical components in your application stack. Of course, security is paramount when deploying resources in the cloud. So, we discussed some best practices to ensure least privileged access patterns for your container applications, as well as integrations with other AWS services. To give you a practical hands-on experience of everything that was discussed around ECS, we worked on deploying a To-Do List Manager application from scratch. Building on what we had learned in previous chapters, we used CDK to manage the infrastructure components that were needed.

In Chapter 8 , Enabling the Observability of Your Workloads, we will outline the need for software observability and the tools that AWS offers for reactive and proactive alerting. As always, we will go through some hands-on deployment exercises and how AWS integrates with well-known tools from the open source community.

Further reading

To learn more about the topics that were covered in this chapter, take a look at the following resources:

• Running Containerized Microservices on AWS whitepaper: https://docs.aws.amazon.com/whitepapers/latest/running-containerized-microservices/ welcome.html?did=wp_card&trk=wp_card

• Security Overview of AWS Fargate whitepaper:https://d1.awsstatic.com/ whitepapers/AWS_Fargate_Security_Overview_Whitepaper.pdf

• ECS workshop covering blue/green deployments, stateful workloads, and networking: https:// www.ecsworkshop.com/