NextGen Knowledge Center

Example: ECS Fargate/EC2 Deployment

Here is one example of what a Mirth® Connect network might look like:

  • VPC with CIDR 10.0.0.0/16 (65,536 IPs)
  • Internet Gateway attached to the VPC
  • Public Subnets
    • Load Balancer Subnet 1
      • Availability zone: A
      • CIDR block: 10.0.2.0/25 (123 IPs)
      • Route table routes:
        • 10.0.0.0/16 - local
        • 0.0.0.0/0 - Internet gateway
    • Load Balancer Subnet 2
      • Availability zone: B
      • CIDR block: 10.0.2.128/25 (123 IPs)
      • Route table routes:
        • 10.0.0.0/16 - local
        • 0.0.0.0/0 - Internet gateway
    • NAT Gateway Subnet
      • CIDR block: 10.0.3.0/25 (123 IPs)
      • Route table routes:
        • 10.0.0.0/16 - local
        • 0.0.0.0/0 - Internet gateway
  • NAT Gateway
    • Subnet: NAT Gateway Subnet
    • Connectivity Type: Public
    • IP: Allocated Elastic IP
  • Route Tables
    • Public Route Table
      • Route: 0.0.0.0/0 to internet gateway
    • NAT Gateway Route Table
      • Route: 0.0.0.0/0 to NAT gateway
  • Private Subnets
    • Connect Subnet 1
      • Availability zone: A
      • CIDR block: 10.0.0.0/25 (123 IPs)
      • Route table routes:
        • 10.0.0.0/16 - local
        • 0.0.0.0/0 - NAT gateway
    • Connect Subnet 2
      • Availability zone: B
      • CIDR block: 10.0.0.128/25 (123 IPs)
      • Route table routes:
        • 10.0.0.0/16 - local
        • 0.0.0.0/0 - NAT gateway
    • RDS Subnet 1
      • Availability zone: A
      • CIDR block: 10.0.1.0/25 (123 IPs)
      • Route table routes:
        • 10.0.0.0/16 - local
    • RDS Subnet 2
      • Availability zone: B
      • CIDR block: 10.0.1.128/25 (123 IPs)
      • Route table routes:
        • 10.0.0.0/16 - local
  • RDS Database
    • Database subnet group
      • RDS Subnet 1
      • RDS Subnet 2
    • Public access: No
    • Security group
      • Inbound rule allowing traffic originating from Connect cluster subnets (CIDR 10.0.0.0/24) on port 5432
      • Outbound rule allowing all traffic out
  • Deploy Connect - Option 1 - ECS
    • Create Cluster
    • Create Task Definition - Be sure to set the port mappings (8080, 8443, 9000)
    • Create Cluster Service
      • Number of tasks: 1 (for a single Connect instance) or 2+ (if using the Advanced Clustering plugin)
      • Select VPC
      • Select Private Connect subnets
      • Select/create Connect security group
        • Inbound rule allowing traffic originating from load balancer subnets (CIDR 10.0.2.0/24) on port 8080, 8443, 9000, etc.
        • Outbound rule allowing all traffic out
      • Auto-assign public IP: Disabled
      • Load Balancer: None. Currently the AWS services have a 5 target group limitation, which is too small for most Mirth® Connect servers, so you'll have to create and manage your own load balancer, listeners, and target groups.
  • Deploy Connect - Option 2 - EC2
    • Create your EC2 servers in private Mirth® Connect subnets
    • Select/create a Mirth® Connect security group
      • Inbound rule allowing traffic originating from load balancer subnets (CIDR 10.0.2.0/24) on port 8080, 8443, 9000, etc.
      • Outbound rule allowing all traffic out
  • Load Balancer
    • Target Groups
      • Target Group 8080
        • Protocol: TCP
        • Port: 8080
        • IP: ECS Cluster Task ENI IP or EC2 instance
      • Target Group 8443
        • Protocol: TCP
        • Port: 8443
        • IP: ECS Cluster Task ENI IP or EC2 instance
      • Target Group 9000
        • Protocol: TCP
        • Port: 9000
        • IP: ECS Cluster Task ENI IP or EC2 instance
    • Network Load Balancer
      • Internet facing
      • IPv4
      • Subnets
        • Load balancer subnet 1
        • Load balancer subnet 2
      • Listeners
        • Listener 8080 routed to Target Group 8080
        • Listener 8443 routed to Target Group 8443
        • Listener 9000 routed to Target Group 9000