Introduction
This tutorial explains how to deploy Grafana to an AWS ECS Fargate cluster with Terraform.
Skill level:
- Beginner
Prerequisites:
- An AWS account
- Credentials configured in ~/.aws/ or environment variables
Overview
We're going to focus on a simple playground environment to get Grafana up and running quickly.
All of our resources will be created with basic Terraform code. No modules or third-party dependencies. Just sweet plain HCL.
What's that you say? You don't have an easy way to collaborate and apply Terraform changes? Oh, the humanity!
Shameless plug: Terrateam Sign Up
Moving on...
Grafana + ECS (Like Lamb and Tuna Fish)
Terrateam engineering (all two of us!) are proud Grafana and ECS users. We love Grafana for its flexibility and native support for all of the data sources we use.
We also prefer ECS over Kubernetes! :shrug:
But that's another post for another day. And yes, it's going to be controversial.
Setup
We started using Grafana way back in the day when the only data source available was Graphite. We're showing our age. Oh, those were the days...
Anyway, ever since we started using Grafana, we were hooked. Of course, anything was a step up from the old Graphite UI.
Nostalgia screenshot because why not:
Okay, okay. Back to the thing.
Official Docker Image
The fine folks over at Grafana have created an official public docker image.
Also, you can configure Grafana via environment variables.
Phew. This makes life soooo much easier. Thank you Grafana.
Terraform Configuration
1) AWS Provider
1provider "aws" {
2 region = "eu-north-1" # Terrateam likes eu-north-1. You do you boo.
3}
4
2) VPC Configuration
1module "vpc" {
2 source = "terraform-aws-modules/vpc/aws"
3
4 name = "dev"
5 cidr = "10.0.0.0/16"
6
7 azs = ["eu-north-1a", "eu-north-1b", "eu-north-1c"]
8 public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
9
10 tags = {
11 Terraform = "true"
12 Environment = "dev"
13 }
14}
15
3) ECS Cluster
1resource "aws_ecs_cluster" "grafana" { 2 name = "grafana" 3} 4
4) Security Group
The security group below opens up the Grafana endpoint to the world. You should restrict access as you see fit.
1resource "aws_security_group" "grafana" {
2 name = "grafana"
3 description = "Grafana"
4 vpc_id = module.vpc.vpc_id
5
6 ingress {
7 description = "Grafana"
8 from_port = 3000
9 to_port = 3000
10 protocol = "tcp"
11 cidr_blocks = ["0.0.0.0/0"] # you should change this. really.
12 }
13
14 egress {
15 from_port = 0
16 to_port = 0
17 protocol = "-1"
18 cidr_blocks = ["0.0.0.0/0"]
19 ipv6_cidr_blocks = ["::/0"]
20 }
21
22 tags = {
23 Name = "grafana"
24 }
25}
26
5) ECS Task Definition
1resource "aws_ecs_task_definition" "grafana" {
2 family = "grafana"
3 requires_compatibilities = ["FARGATE"]
4 network_mode = "awsvpc"
5 cpu = "256"
6 memory = "512"
7
8 container_definitions = <<DEFINITION
9[
10 {
11 "name": "grafana",
12 "image": "grafana/grafana:latest",
13 "essential": true,
14 "portMappings": [
15 {
16 "containerPort": 3000,
17 "hostPort": 3000
18 }
19 ]
20 }
21]
22DEFINITION
23}
24
6) ECS Service
1resource "aws_ecs_service" "grafana" {
2 name = "grafana"
3 cluster = aws_ecs_cluster.grafana.id
4 task_definition = aws_ecs_task_definition.grafana.arn
5 desired_count = 1
6 network_configuration {
7 subnets = module.vpc.public_subnets
8 security_groups = [aws_security_group.grafana.id]
9 assign_public_ip = true
10 }
11 launch_type = "FARGATE"
12}
13
Plan & Apply
1$ terraform plan 2$ terraform apply 3
Grafana Public Endpoint
You can easily grab your new Grafana endpoint navigating to the AWS ECS console.
Navigate to the Tasks tab to see the Grafana task. Drill into the task to see the public IP.
Now you can open up your browser and navigate to the public IP on port 3000.
In the screenshot above, AWS assigned me the public IP of 13.53.131.211.
This means, I can use the following URL: http://13.53.131.211:3000
The link above won't work for you because I restricted the security group like you were supposed to. Sorry (not sorry).
The default Grafana login and password is admin/admin. Please change this immediately upon login!
Closing
There you have it. A fast and easy way to get Grafana up and running on AWS ECS Fargate.
Remember, this is not a productionalized setup. What we've just set up is mainly for a development or sandbox environment to get more familiar with Grafana.
I'd recommend checking out the official Grafana getting started guide.
Thanks for getting this far and I hope you learned something!