Amazon ECS Deployment with CloudFormation: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 72: Line 72:
     Properties:
     Properties:
       [[Amazon_ECS_Concepts#Service_Name|ServiceName]]: !Ref ProjectID
       [[Amazon_ECS_Concepts#Service_Name|ServiceName]]: !Ref ProjectID
       LaunchType: FARGATE
       [[Amazon_ECS_Concepts#Launch_Type_2|LaunchType]]: FARGATE
       Cluster: 'some-cluster'
       Cluster: 'some-cluster'
       TaskDefinition: !Ref TaskDefinition
       TaskDefinition: !Ref TaskDefinition

Revision as of 01:23, 31 March 2019

External

Internal

Procedure

Declare a set of configuration parameters that abstract out operational details, such as project name, etc. Then declare the task definition:

Prerequisites

Parameters:
  ProjectID:
    Type: String
    Default: themyscira
    Description: |
     The key that uniquely identifies a resource consumer (service, tool that requires AWS resources, etc.).
     The project ID is used as root when assembling the names of associated resources.
  Image:
    Type: String
  Tag:
    Type: String

AWS::ECS::TaskDefinition

Resources:
  ...
  TaskDefinition:
    Type: AWS::ECS::TaskDefinition
    Properties:
      Family: !Ref ProjectID
      RequiresCompatibilities: ['FARGATE']
      TaskRoleArn: !GetAtt TaskRole.Arn
      ExecutionRoleArn: !GetAtt TaskExecutionRole.Arn
      NetworkMode: 'awsvpc'
      Memory: '4096'
      Cpu: '2048'
      ContainerDefinitions:
      - Name: !Sub '${ProjectID}-container'
        Image: !Sub ${Image}:${Tag}
        Essential: 'true'
        Memory: '4096'
        Cpu: '2048'
        PortMappings:
        - HostPort: 10002
          ContainerPort: 10002
        Environment:
        - Name: SPRING_PROFILES_ACTIVE
          Value: 'something'
        LogConfiguration:
          LogDriver: "awslogs"
          Options:
            awslogs-group: !Ref ServiceLogGroup
            awslogs-region: !Sub ${AWS::Region}
            awslogs-stream-prefix: 'task'

TaskRole and TaskExecutionRole, a service-specific ServiceLogGroup will also have to be declared, see Dependencies below.

AWS::ECS::Service

Resources:
  ...
  ServiceDefinition:
    Type: AWS::ECS::Service
    DependsOn:
      - LoadBalancerListener
    Properties:
      ServiceName: !Ref ProjectID
      LaunchType: FARGATE
      Cluster: 'some-cluster'
      TaskDefinition: !Ref TaskDefinition
      DesiredCount: 1
      HealthCheckGracePeriodSeconds: 60
      NetworkConfiguration:
        AwsvpcConfiguration:
          AssignPublicIp: DISABLED
          SecurityGroups:
          - !Ref ServiceSecurityGroup
          Subnets:
            - 'blue-subnet'
            - 'green-subnet'
      ServiceRegistries:
      - RegistryArn: !GetAtt ServiceDiscovery.Arn
      LoadBalancers:
      - ContainerName: !Sub '${ProjectID}-container'
        ContainerPort: 10002
        TargetGroupArn: !Ref TargetGroup

The service depends on load balancing infrastructure.

Dependencies

TODO:

  • TaskRole
  • TaskExecutionRole
  • ServiceLogGroup
  • Load balancing infrastructure

Create a Cluster

TODO