Docs How It Works

Deploying a Container App

End-to-end walkthrough of deploying a containerized application with Opsitron.

This guide walks through deploying a containerized application (like a Rails, Node, or Go app) from scratch using Opsitron.

Prerequisites

Before deploying a container app, you need:

  • A SharedServices account with ECR repository provisioned
  • A workload account (e.g., AcmeDev) linked and validated
  • DNS configured for the workload account (service discovery zone + certificate)
  • A GitHub repository for your application code with a Dockerfile

Step 1: Create the Application

In the Opsitron portal, navigate to your client and create a new Application:

  • Name: Your app name (e.g., “web-app”)
  • Deployment Type: Container
  • Tech Stack: Rails, Node, Go, etc.

Step 2: Provision ECR Repository

Click “Provision ECR” on the application page. This creates a request to add your app’s ECR repository to the SharedServices account. The repository is named {namespace}/{app-slug} (e.g., 123456789012-acme/web-app).

Step 3: Scaffold the Application Repository

Link your GitHub repository and click Scaffold. This:

  • Creates a build.yml workflow that builds your Docker image and pushes to ECR
  • Sets GitHub Actions variables (ECR_REPOSITORY_URI, AWS_REGION, etc.)
  • Configures OIDC authentication for AWS access (no stored credentials)

Step 4: Deploy Infrastructure

Create a Module Deploy request targeting your application and dev1 environment. The AI agent will:

  1. Read the ecs-webapp module’s variables and outputs
  2. Generate Terraform files at apps/{app-slug}/dev1/
  3. Run tofu plan to validate
  4. Create a pull request

The infrastructure workflow runs plan, shows cost estimate, and applies after approval. This creates:

  • ECS cluster and Fargate service
  • Application Load Balancer with HTTPS
  • Aurora Serverless database (or standard RDS for dev)
  • Security groups, IAM roles, CloudWatch log groups
  • SSM parameters for deploy workflow discovery
  • DNS record pointing to the ALB

Step 5: Push Code and Deploy

Push to your app’s main branch. The build workflow:

  1. Builds the Docker image
  2. Pushes to ECR with tag sha-{short-sha}
  3. Notifies Opsitron

Opsitron auto-deploys to dev1:

  1. Dispatches the container deploy workflow
  2. Workflow reads ECS config from SSM parameters
  3. Registers a new ECS task definition with the updated image
  4. Updates the ECS service
  5. Waits for stability

Your app is live. Subsequent pushes auto-deploy to dev.

Step 6: Promote to Staging and Production

Create environments for stage1 and prod1 (each in their own AWS account). Submit Module Deploy requests for each. Once infrastructure is provisioned, deployments promote automatically through the pipeline:

Push to main → Build → Auto-deploy to dev1 → Approve → Deploy to stage1 → Client approves → Deploy to prod1

What Gets Created

ResourcePurpose
ECS ClusterContainer orchestration
ECS Service + Task DefinitionYour app running on Fargate
ALB + Target GroupHTTPS load balancing
Aurora Serverless / RDSPostgreSQL database
Security GroupsNetwork access control
IAM RolesECS execution and task roles
CloudWatch Log GroupsApplication and cluster logs
SSM ParametersDeploy workflow configuration
Route53 A RecordDNS pointing to ALB
ACM CertificateHTTPS for your domain
Deploying a Static Site