Example: ECS Fargate/EC2 Deployment

Here is one example of what a Mirth® Connect network might look like:

• VPC with CIDR 10.0.0.0/16 (65,536 IPs)
• Internet Gateway attached to the VPC
• Public Subnets
  • Load Balancer Subnet 1
    • Availability zone: A
    • CIDR block: 10.0.2.0/25 (123 IPs)
    • Route table routes:
      • 10.0.0.0/16 - local
      • 0.0.0.0/0 - Internet gateway
  • Load Balancer Subnet 2
    • Availability Zone - B
    • CIDR block: 10.0.2.128/25 (123 IPs)
    • Route table routes:
      • 10.0.0.0/16 - local
      • 0.0.0.0/0 - Internet gateway
  • NAT Gateway Subnet
    • CIDR block: 10.0.3.0/25 (123 IPs)
    • Route table routes:
      • 10.0.0.0/16 - local
      • 0.0.0.0/0 - Internet gateway
• NAT Gateway
  • Subnet: Nat Gateway Subnet
  • Connectivity Type: Public
  • Ip: Allocated Elastic IP
• Route Tables
  • Public Route Table
    • Route: 0.0.0.0/0 to internet gateway
  • Nat Gateway Route Table
    • Route: 0.0.0.0/0 to NAT gateway
• Private Subnets
  • Connect Subnet 1
    • Availability zone: A
    • CIDR block: 10.0.0.0/25 (123 IPs)
    • Route table routes:
      • 10.0.0.0/16 - local
      • 0.0.0.0/0 - NAT gateway
  • Connect Subnet 2
    • Availability zone: B
    • CIDR block: 10.0.0.128/25 (123 IPs)
    • Route table routes:
      • 10.0.0.0/16 - local
      • 0.0.0.0/0 - NAT gateway
  • RDS Subnet 1
    • Availability zone: A
    • CIDR block: 10.0.1.0/25 (123 IPs)
    • Route table routes:
      • 10.0.0.0/16 - local
  • RDS Subnet 2
    • Availability zone: B
    • CIDR block: 10.0.1.128/25 (123 IPs)
    • Route table routes:
      • 10.0.0.0/16 - local
• RDS Database
  • Database subnet group
    • RDS Subnet 1
    • RDS Subnet 2
  • Public access: No
  • Security group
    • Inbound rule allowing traffic originating from Connect cluster subnets (CIDR 10.0.0.0/24) on port 5432
    • Outbound rule allowing all traffic out
• Deploy Connect - Option 1 - ECS
  • Create Cluster
  • Create Task Definition - Be sure to set the port mappings (8080, 8443, 9000)
  • Create Cluster Service
    • Number of tasks: 1 (for a single Connect instance) or 2+ (if using the Advanced Clustering plugin)
    • Select VPC
    • Select Private Connect subnets
    • Select/create Connect security group
      • Inbound rule allowing traffic originating from load balancer subnets (CIDR 10.0.2.0/24) on port 8080, 8443, 9000, etc.
      • Outbound rule allowing all traffic out
    • Auto-assign public IP: Disabled
    • Load Balancer: None. Currently the AWS services have a 5 target group limitation which is too small for most Mirth® Connect servers so you'll have to create and manage your own load balancer, listeners, and target groups.
• Deploy Connect - Option 2 - EC2
  • Create your EC2 servers in private Mirth® Connect subnets
  • Select/Create a Mirth® Connect security group.
    • Inbound rule allowing traffic originating from load balancer subnets (CIDR 10.0.2.0/24) on port 8080, 8443, 9000, etc.
    • Outbound rule allowing all traffic out
• Load Balancer
  • Target Groups
    • Target Group 8080
      • Protocol: TCP
      • Port: 8080
      • IP: ECS Cluster Task ENI IP or EC2 instance
    • Target Group 8443
      • Protocol: TCP
      • Port: 8443
      • IP: ECS Cluster Task ENI IP or EC2 instance
    • Target Group 9000
      • Protocol: TCP
      • Port 9000
      • IP: ECS Cluster Task ENI IP or EC2 instance
  • Network Load Balancer
    • Internet facing
    • IPv4
    • Subnets
      • Load balancer subnet 1
      • Load balancer subnet 2
    • Listeners
      • Listener 8080 routed to Target Group 8080
      • Listener 8443 routed to Target Group 8443
      • Listener 9000 routed to Target Group 9000