This article continues an earlier article in which we deployed RESTful microservices as Docker containers in Amazon ECS. There we used path-based routing, configured in an internet-facing ALB, to invoke the REST APIs from outside AWS. But since these are just REST APIs, the ideal way to set them up would be using Amazon API Gateway!
API Gateway provides numerous features that our ALB can’t:
- Authentication & authorization.
- Caching responses.
- API lifecycle management: dev, QA, prod.
- SDK generation.
- API operations monitoring: API calls, latency & error rates.
- CloudWatch alarms for abnormal API behaviors.
- API keys for 3rd-party devs.
Let’s get started. Here’s what we’ll set up:
Follow the steps here to create the ECS task definitions & cluster. Next, create an internal Network Load Balancer (NLB):
We won’t be using the default listener, but you’ll have to leave it in there or the wizard won’t let you proceed. Select the VPC & one public subnet per AZ & move on to the next step. Create or select the security group(s) & target group & finish creating the LB.
Follow the steps here to begin creating the ECS service up to the point of LB selection. There, select NLB instead of ALB & add the container to the LB as shown here:
Finish creating the ECS service. Next, we create the API Gateway resources. To route requests hitting the API Gateway to our internal NLB, we’ll need to create a VPC link. Follow the steps outlined here to create a VPC link to our NLB & use it as the integration type for all API methods. Note that since we’re using an NLB, we’ll need a separate listener port for each container, so that each API method points to a different port of the same NLB:
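The same wiring expressed as a CloudFormation fragment, as an added example that is not part of the original article: one VPC link to the internal NLB, one TCP listener per container, and an API method whose integration URI selects the listener port. The logical names, ports 8081/8082, the `/service-a` path and the `AWS_IAM` authorization setting are assumptions made for illustration.

```yaml
# Added example, not from the original article. Logical names, ports and
# paths are constructed placeholders; parameters come from the existing stack.
Parameters:
  NlbArn: {Type: String}                  # ARN of the internal NLB
  NlbDnsName: {Type: String}              # DNS name of the internal NLB
  ServiceATargetGroupArn: {Type: String}  # target group of container A
  ServiceBTargetGroupArn: {Type: String}  # target group of container B
  RestApiId: {Type: String}
  ServiceAResourceId: {Type: String}      # API resource for /service-a
Resources:
  ServiceAListener:                       # one TCP listener per container
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref NlbArn
      Port: 8081
      Protocol: TCP
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref ServiceATargetGroupArn
  ServiceBListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref NlbArn
      Port: 8082
      Protocol: TCP
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref ServiceBTargetGroupArn
  NlbVpcLink:                             # private path from API Gateway to the NLB
    Type: AWS::ApiGateway::VpcLink
    Properties:
      Name: ecs-nlb-link
      TargetArns:
        - !Ref NlbArn
  ServiceAGet:
    Type: AWS::ApiGateway::Method
    Properties:
      RestApiId: !Ref RestApiId
      ResourceId: !Ref ServiceAResourceId
      HttpMethod: GET
      AuthorizationType: AWS_IAM          # assumption: the article does not state one
      Integration:
        Type: HTTP_PROXY
        IntegrationHttpMethod: GET
        ConnectionType: VPC_LINK
        ConnectionId: !Ref NlbVpcLink
        # The port in the URI picks the NLB listener, and so the container.
        Uri: !Sub "http://${NlbDnsName}:8081/service-a"
```

A method for the second container is identical apart from its resource ID and port 8082 in the `Uri`.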
Testing the APIs now should get us the expected response:
(Part 6/6 in AWS series)
“Harish KM is a consultant at Systems Plus. The content of this blog is personal & for information purposes only, and is subject to change. Reader discretion is advised”