Amazon ECS Operations

From NovaOrdis Knowledge Base
Revision as of 17:44, 7 February 2019 by Ovidiu (talk | contribs)

External

Internal

Overview

Create a Cluster

Create a Cluster - Reference

Before you Start

Optionally, a VPC and one or more subnets can be created in advance. They can also be created during the cluster creation procedure.

Create a VPC
Create a Subnet

Procedure

Amazon ECS -> Clusters -> Create Cluster

Networking only (Fargate)

Cluster Name

Networking

Create VPC.


CIDR block 10.0.0.0/16

Subnet 1: 10.0.0.0/16

Make it a public subnet by adding an Internet Gateway; otherwise the container image pull fails.

Configure the security group to allow access.

Delete Subnet 2.

It will create:

  • ECS cluster
  • CloudFormation Stack
  • VPC
  • Subnet 1
  • Subnet 1 route table association
  • VPC Availability Zones
  • Internet gateway
  • Route table
  • Amazon EC2 route
  • Virtual private gateway attachment

Create a Task Definition

Create a Task Definition - Reference

Amazon ECS -> Task Definitions -> Create a New Task Definition -> FARGATE -> Next Step

Task Definition Name: themyscira

Requires Compatibilities: FARGATE

Task Role:

Create an IAM Task Role

After the task role is correctly created, it should show up in the "Task Role" drop-down box.

Network Mode: awsvpc

Task execution IAM role: this is the role that authorizes Amazon ECS to pull private images and publish logs for the task. It takes the place of the EC2 instance role when running tasks:

Create an IAM Task Execution Role

After the task execution role is correctly created, it should show up in the "Task execution role" drop-down box. If it does not show up, refresh the page.

Task size:

Task memory (GB): 4GB

Task CPU (vCPU): 2 vCPU

Container Definitions: Add Container

Container name: themyscira

Image: 673499572719.dkr.ecr.us-west-2.amazonaws.com/com.uplift/playground/themyscira:playground

If the repository does not exist, create it:

Amazon ECR Operations - Create Repository

The tag should coincide with the name of the cluster the image will be deployed into.

No Private repository authentication.

Memory Limits (MiB): Hard Limit 4096

Port Mappings: 10001 (tcp)


Host port mappings are not valid when the network mode for a task definition is host or awsvpc. To specify different host and container port mappings, choose the Bridge network mode.

Advanced container configuration

Healthcheck

Environment

CPU Units: 2048

Essential: If the essential parameter of a container is marked as true, the failure of that container will stop the task.

Entry point:

Command:

Working directory:

Environment variables:

Key: SPRING_PROFILES_ACTIVE Value: playground

Network Settings:

Storage and Logging:

Read only root file system

Mount points:

Volumes from:

Log configuration: Unselect "Auto-configure CloudWatch Logs"

Log driver: awslogs

Values:

awslogs-group: /up/playground/themyscira

awslogs-region: us-west-2

awslogs-stream-prefix: dev
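
The console fields above correspond to a task definition JSON document. The following is an added example, not part of the original page: it expresses those values as JSON fields and checks the constraints this section relies on (awsvpc networking for Fargate, an execution role for image pull and logging, host port equal to container port, container limits within the task size, complete awslogs options). The function name `lint_task_definition`, the role ARN placeholders and the check that the task role and execution role differ are assumptions added for illustration.

```python
# Added example, not from the original page. Role ARNs are placeholders (the page names no roles).
TASK_DEF = {
    "family": "themyscira",
    "requiresCompatibilities": ["FARGATE"],
    "networkMode": "awsvpc",
    "cpu": "2048", "memory": "4096",  # task size: 2 vCPU, 4 GB
    "taskRoleArn": "arn:aws:iam::<ACCOUNT_ID>:role/<TASK_ROLE>",
    "executionRoleArn": "arn:aws:iam::<ACCOUNT_ID>:role/<TASK_EXECUTION_ROLE>",
    "containerDefinitions": [{
        "name": "themyscira",
        "image": "673499572719.dkr.ecr.us-west-2.amazonaws.com/com.uplift/playground/themyscira:playground",
        "essential": True, "cpu": 2048, "memory": 4096,  # memory = hard limit in MiB
        "portMappings": [{"containerPort": 10001, "protocol": "tcp"}],
        "environment": [{"name": "SPRING_PROFILES_ACTIVE", "value": "playground"}],
        "logConfiguration": {"logDriver": "awslogs", "options": {
            "awslogs-group": "/up/playground/themyscira",
            "awslogs-region": "us-west-2",
            "awslogs-stream-prefix": "dev"}},
    }],
}

def lint_task_definition(td):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    fargate = "FARGATE" in td.get("requiresCompatibilities", [])
    if fargate and td.get("networkMode") != "awsvpc":
        findings.append("networkMode must be awsvpc for FARGATE")
    if not td.get("executionRoleArn"):
        findings.append("executionRoleArn missing: ECR pull and awslogs need it")
    elif td.get("taskRoleArn") == td["executionRoleArn"]:  # added hardening check, not an ECS rule
        findings.append("task role and execution role are the same role")
    containers = td.get("containerDefinitions", [])
    if sum(c.get("cpu", 0) for c in containers) > int(td.get("cpu", 0)):
        findings.append("container CPU units exceed task CPU")
    strict_ports = td.get("networkMode") in ("awsvpc", "host")
    for c in containers:
        name = c.get("name", "?")
        if c.get("memory", 0) > int(td.get("memory", 0)):
            findings.append(f"{name}: hard memory limit exceeds task memory")
        for pm in c.get("portMappings", []):
            if strict_ports and pm.get("hostPort", pm["containerPort"]) != pm["containerPort"]:
                findings.append(f"{name}: hostPort must equal containerPort")
        log = c.get("logConfiguration", {})
        if log.get("logDriver") == "awslogs":
            need = ["awslogs-group", "awslogs-region"] + (["awslogs-stream-prefix"] if fargate else [])
            findings += [f"{name}: missing log option {k}" for k in need if k not in log.get("options", {})]
    return findings

if __name__ == "__main__":
    print(lint_task_definition(TASK_DEF) or "task definition OK")
```
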

Create a Service

At least one Task Definition must be created first. See:

Create a Task Definition

Clusters -> <Cluster Name> -> Services tab -> Create:

Launch Type: FARGATE

Task Definition: Family themyscira

Revision: latest

Platform version: LATEST

Cluster: playground

Service name: themyscira

Service type: REPLICA

Number of Tasks: 1

Minimum healthy percent: 100

Maximum percent: 200

Deployment type: Rolling update.

Cluster VPC: vpc-*

Subnets:

Security groups: themys-3144

Auto-assign public IP: DISABLED

Load balancer type: Return here

Service IAM role:

Service discovery (optional)

NO

Set Auto Scaling (optional)

Do not adjust the service's desired count.





Load balancer: