TL;DR
I use an open-source server application running on Docker Compose. It has a few services, including PostgreSQL DB and Redis.
How can I best deploy this application to AWS in full IaC with Terraform?
Solutions so far
1. AWS ecs-cli
ecs-cli
now supports sending docker compose
configs in Amazon ECS.
However, I do not think it could be integrated with the Terraform workflow (which is maybe not a big fuss). What I know for sure is that ecs-cli
is not supported in CloudFormation, as per this issue, still open at this time. So I assume it cannot easily be added to Terraform either.
2. The hard EKS way
- Take your
docker-compose.yml
file, translate it tokubectl
YAML. - (Prepare to doing so every time the package upgrades).
- Deploy using Terraform's + EKS APIs (minimal example).
But that is not fully IaC yet. And you have to retranslate your config each time the docker-compose changes in the source repository. And it sounds like a lot of work.
3. Using a Helm chart
- Write a Helm chart for the application.
- Run Terraform to start a cluster.
- Still run Terraform with a
helm
provider to install the application with Helm on the cluster.
4. [Not OK] k8s Kompose
I read Kompose can automagically translate a Docker Compose configuration to a k8s configuration, but they don't appear to be ported on AWS, not to talk about Terraform.
5. [Not OK] The dirty AMI solution
- Build a custom EC2 AMI with Packer.
- Using Terraform, set up the DB, Redis and all permissions / network / etc.
- Start an EC2 instance with the custom AMI.
- The AMI contains (customized) application code, especially the
docker-compose.yml
. And the Docker images. - The AMI starts a Docker Compose
systemctl
service.
That would kind of hurt: long builds, difficult monitoring, no scaling.
Side notes
- I mentioned I need full IaC. What I mean by it is:
- The written config (and it only) on
master
tells you what is deployed. - The deploy will complete without my team having to run any other command. It basically works either on CI/CD or on single-push'n'go.
- Monitoring and alerting are easily configured in the IaC.
- The written config (and it only) on
- I wish to replace some services with AWS components (namely, the PostgreSQL service by an RDS, and the Redis service with an ElastiCache).
- The application happens to be Apache Superset. However I am also wondering what is considered the best general approach to this Docker Compose problem.