Architecture of swarm

This is not a direct problem, more a question of how to best organize a swarm and I’m curious how others have solved it. I’m about to setup some web sites, simple in the sense that all files are static, using ReactJS or AngularJS to work against some REST API:s.

  1. Are you running test, staging and production environment as different services within the same cloud formation? And do you label/tag nodes so that the different services go to specific nodes only?

  2. When having multiple services that are to be exposed publicly with separate domains, are you putting the containers within each service to listen to separate ports and use ELB to direct to each service or do you use a specific service to route between services?

  3. Are you, and if so how, using cloud front to serve images/css/js along with services?

  4. The services are only to be used over a secure http connection - how do you redirect users who enter a site using unencrypted http? Can this be achieved in ELB or do one need to use a rewrite at server level (checking x-forwarded-proto header for example)?