Tags: amazon-web-services, terraform, amazon-ecs, aws-fargate

How do AWS ECS Fargate availability zones work?


Two main questions, with Terraform code.

  1. Is the ALB for ECS Fargate for routing to other availability zones, or for routing to containers?
  2. If I create subnets based on the number of availability zones (us-east-2a, 2b, 2c, so the number is 3 and I create 3 subnets) and map them to an ECS cluster with an ALB, does the availability zone apply?

I'm trying to build infra like the one shown in the image below.

resource "aws_vpc" "cluster_vpc" {
  tags = {
    Name = "ecs-vpc"
  }
  cidr_block = "10.30.0.0/16"
}

data "aws_availability_zones" "available" {}

resource "aws_subnet" "cluster" {
  vpc_id            = aws_vpc.cluster_vpc.id
  count             = length(data.aws_availability_zones.available.names)
  cidr_block        = "10.30.${10 + count.index}.0/24"
  availability_zone = data.aws_availability_zones.available.names[count.index]
  tags = {
    Name = "ecs-subnet"
  }
}


resource "aws_internet_gateway" "cluster_igw" {
  vpc_id = aws_vpc.cluster_vpc.id

  tags = {
    Name = "ecs-igw"
  }
}

resource "aws_route_table" "public_route" {
  vpc_id = aws_vpc.cluster_vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.cluster_igw.id
  }

  tags = {
    Name = "ecs-route-table"
  }
}

resource "aws_route_table_association" "to-public" {
  count          = length(aws_subnet.cluster)
  subnet_id      = aws_subnet.cluster[count.index].id
  route_table_id = aws_route_table.public_route.id
}
resource "aws_ecs_cluster" "staging" {
  name = "service-ecs-cluster"
}

resource "aws_ecs_service" "staging" {
  name            = "staging"
  cluster         = aws_ecs_cluster.staging.id
  task_definition = aws_ecs_task_definition.service.arn
  desired_count   = 1
  launch_type     = "FARGATE"

  network_configuration {
    security_groups  = [aws_security_group.ecs_tasks.id]
    subnets          = aws_subnet.cluster[*].id
    assign_public_ip = true
  }

  load_balancer {
    target_group_arn = aws_lb_target_group.staging.arn
    container_name   = var.app_name
    container_port   = var.container_port
  }
}

resource "aws_lb" "staging" {
  name               = "alb"
  subnets            = aws_subnet.cluster[*].id
  load_balancer_type = "application"
  security_groups    = [aws_security_group.lb.id]

  access_logs {
    bucket  = aws_s3_bucket.log_storage.id
    prefix  = "frontend-alb"
    enabled = true
  }

  tags = {
    Environment = "staging"
    Application = var.app_name
  }
}

... omitted: lb_target and other specific components


Solution

  • Is the ALB for ECS Fargate for routing to other availability zones, or for routing to containers?

    Not really. It is to provide a single, fixed endpoint (URL) to your ECS service. The ALB will automatically distribute incoming connections from the internet across your ECS services. They can be in one or multiple AZs. In your case it is only 1 AZ since you are using desired_count = 1. This means that you will have only 1 ECS service in a single AZ.

  • If I create subnets based on the number of availability zones (us-east-2a, 2b, 2c, so the number is 3 and I create 3 subnets) and map them to an ECS cluster with an ALB, does the availability zone apply?

    Yes, because your ALB is enabled for the same subnets as your ECS service through aws_subnet.cluster[*].id. But as explained in the first question, you will have only 1 service in one AZ.

  • My intent is to build infra which has three availability zones and also deploy AWS Fargate on three availability zones.

    As explained before, your desired_count = 1 so you will not have ECS services across 3 AZs.

    Also you are creating only public subnets, while your schematic diagram shows that ECS services should be in private ones.
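As an added example (not code from the question or the answer), here is the shape the answer is pointing at: one private subnet per AZ with a NAT gateway for egress, a task security group that only admits traffic from the ALB's security group, and the ECS service placed in the private subnets with desired_count equal to the number of AZs so the Fargate scheduler spreads one task per AZ. It assumes the VPC, public subnets, internet gateway, ECS cluster, task definition, var.app_name, var.container_port, aws_lb_target_group.staging and aws_security_group.lb from the question exist under the same names; the resource names aws_subnet.private, aws_eip.nat, aws_nat_gateway.nat, aws_route_table.private and aws_security_group.ecs_tasks are introduced here.

```hcl
# Added example, not part of the original question or answer.
# Assumes aws_vpc.cluster_vpc, aws_subnet.cluster (public), aws_internet_gateway.cluster_igw,
# data.aws_availability_zones.available, aws_ecs_cluster.staging, aws_ecs_task_definition.service,
# aws_lb_target_group.staging, aws_security_group.lb, var.app_name and var.container_port
# are defined as in the question.

locals {
  az_count = length(data.aws_availability_zones.available.names)
}

# One private subnet per AZ; 10.30.2x.0/24 keeps clear of the public 10.30.1x.0/24 range.
resource "aws_subnet" "private" {
  count             = local.az_count
  vpc_id            = aws_vpc.cluster_vpc.id
  cidr_block        = "10.30.${20 + count.index}.0/24"
  availability_zone = data.aws_availability_zones.available.names[count.index]
  tags = {
    Name = "ecs-private-${data.aws_availability_zones.available.names[count.index]}"
  }
}

# A single NAT gateway in the first public subnet gives private tasks outbound access
# (image pulls, logs). One NAT gateway per AZ would remove this single point of failure.
resource "aws_eip" "nat" {
  domain = "vpc"
}

resource "aws_nat_gateway" "nat" {
  allocation_id = aws_eip.nat.id
  subnet_id     = aws_subnet.cluster[0].id
  depends_on    = [aws_internet_gateway.cluster_igw]
}

resource "aws_route_table" "private" {
  vpc_id = aws_vpc.cluster_vpc.id
  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.nat.id
  }
}

resource "aws_route_table_association" "private" {
  count          = local.az_count
  subnet_id      = aws_subnet.private[count.index].id
  route_table_id = aws_route_table.private.id
}

# Tasks accept traffic only on the container port and only from the ALB's security group.
resource "aws_security_group" "ecs_tasks" {
  name   = "ecs-tasks"
  vpc_id = aws_vpc.cluster_vpc.id

  ingress {
    from_port       = var.container_port
    to_port         = var.container_port
    protocol        = "tcp"
    security_groups = [aws_security_group.lb.id]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_ecs_service" "staging" {
  name            = "staging"
  cluster         = aws_ecs_cluster.staging.id
  task_definition = aws_ecs_task_definition.service.arn
  desired_count   = local.az_count # one task per AZ; Fargate spreads tasks across the listed subnets
  launch_type     = "FARGATE"

  network_configuration {
    security_groups  = [aws_security_group.ecs_tasks.id]
    subnets          = aws_subnet.private[*].id # private subnets only
    assign_public_ip = false                     # no public IP; the NAT gateway provides egress
  }

  load_balancer {
    target_group_arn = aws_lb_target_group.staging.arn
    container_name   = var.app_name
    container_port   = var.container_port
  }
}
```

The ALB stays in the public subnets (aws_subnet.cluster) exactly as in the question; it reaches the private tasks because the target group for a Fargate service must use `target_type = "ip"`, which registers each task's private IP. After `terraform apply`, `aws ecs describe-tasks` on the running tasks reports an `availabilityZone` per task, which is the quickest way to confirm the spread across the three AZs.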