Create EC2 container service instances using cloudformation - amazon-web-services

I want to create a CloudFormation template for my ECS cluster so that I can deploy it automatically when needed.
My cluster contains 3 task definitions and 2 instances, and no ECS services.
I created the task definitions and the cluster, but I'm stuck on the creation of the EC2 instances. In the documentation here there is only AWS::ECS::Cluster, AWS::ECS::Service and AWS::ECS::TaskDefinition.
How am I supposed to create the EC2 resources in the template?

When you create an AWS::ECS::Service, declare it as DependsOn a suitable AWS::AutoScaling::AutoScalingGroup that is declared elsewhere.
Or you can make the AWS::ECS::Service depend on an ALB, and the ALB ultimately depends on an AWS::ElasticLoadBalancingV2::TargetGroup.
This example http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ecs.html shows how to use an ALB to do this.

Related

ECS cluster not registering EC2

I'm trying to create an ECS cluster based on EC2 using Terraform. It creates every resource; however, the EC2 instance is not getting registered with ECS and my tasks are failing. I created IAM roles for the ECS instance and ECS services and attached the respective policies.
Here is the full Terraform code for the ECS cluster:
https://gist.github.com/billyboar/4c7f1fa5b011896b2d3baa49574977a0
It seems my VPC didn't make the route table that I created the default. I tried making the route table the default and somehow the EC2 instance was registered as an ECS container.

Elastic Beanstalk Autoscaling Group Lifecycle Hooks

I would like to add lifecycle hooks to my Elastic Beanstalk's autoscaling group. I see how lifecycle hooks can be added to an autoscaling group through cloudformation, but I don't know how this can be done through Elastic Beanstalk.
To create a lifecycle hook on an autoscaling group, you need the autoscaling group's name. This doesn't appear to be possible since the Elastic Beanstalk resource doesn't have an export for the ASG name.
    Type: AWS::AutoScaling::LifecycleHook
    Properties:
      AutoScalingGroupName: String
      DefaultResult: String
      HeartbeatTimeout: Integer
      LifecycleHookName: String
      LifecycleTransition: String
      NotificationMetadata: String
      NotificationTargetARN: String
      RoleARN: String
The Elastic Beanstalk doesn't allow defining this configuration either. It does allow defining an sns topic, but adding one doesn't appear to change the configuration in the console, and scaling operations don't appear to be using this topic.
    - Namespace: aws:elasticbeanstalk:sns:topics
      OptionName: NotificationTopicARN
      Value: !ImportValue MyLifecycleHookTopic
How can I add Lifecycle hooks to my Elastic Beanstalk application, so that terminating an environment can go through my graceful shutdown process?
You might be able to use .ebextensions files to further modify settings like these.
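    Resources:
      lifecyclehook:
        Type: AWS::AutoScaling::LifecycleHook
        Properties:
          AutoScalingGroupName: { "Ref" : "AWSEBAutoScalingGroup" }
          # The hook's own name (placeholder); the transition goes in LifecycleTransition.
          LifecycleHookName: "graceful-shutdown"
          # Required property: the transition this hook fires on.
          LifecycleTransition: "autoscaling:EC2_INSTANCE_TERMINATING"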
https://github.com/awsdocs/aws-elastic-beanstalk-developer-guide/blob/master/doc_source/environment-resources.md

AWS ECS cluster is not showing container

I am trying to create an ECS cluster (using a CloudFormation template) in which I can create an instance from a provided AMI through a YAML file.
But the problem I am facing is this. In the YAML file, I create a cluster and then create a service and task with the minimum required values.
The cluster is created and the service is also created, but I can't see any container instance there.
How can I see the container instance? What changes do I need to make in my YAML file?
ECS is an Amazon managed service; you do not have any type of access to the underlying resources.
ECS is also known as Fargate; there, tasks are run and it does not create container instances.
There are two launch types in ECS:
ECS Fargate launch type
EC2 launch type
Only the second launch type, EC2, creates container instances, which you can see in the EC2 section, while with Fargate you have to manage it as a task definition.
Launch type definition documentation: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html
You can read more here: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/Welcome.html
For the EC2 launch type, your cluster type will be the same:
    Type: AWS::ECS::Cluster
But the SG, VPC, NAT gateway and other resources will change:
    EcsHostSecurityGroup:
      Type: AWS::EC2::SecurityGroup
      Properties:
        GroupDescription: Access to the ECS hosts that run containers
        VpcId: !Ref 'VPC'

Amazon's suggested Cloudformation template for EKS VPC setup directly contradicts its recommendations. Does another template exist?

In the article Getting Started with Amazon EKS, it recommends creating a VPC for the cluster using this provided cloudformation template. That template creates a VPC with three public subnets and 0 private subnets.
In the article Cluster VPC Considerations it says
We recommend a network architecture that uses private subnets for your worker nodes and public subnets for Kubernetes to create internet-facing load balancers within
Does a cloudformation template exist anywhere that is actually in line with their own recommendations?
The Cluster VPC Considerations document only provides recommendations and guidelines; the real architecture implementation depends on your requirements. If you are looking into creating private and public subnets in a VPC, there is a sample CloudFormation template (Sample template) that you can use to help you get started writing your own template.
An EKS cluster can be created in an existing VPC, using either existing subnets or new subnets, as long as it fulfils the requirements listed in Cluster VPC Considerations, such as tagging for internal load balancers, VPC DNS hostname and DNS resolution support. When creating an EKS cluster, you can pick any VPC and subnets (within the VPC) in the region (see Getting Started with Amazon EKS - Step 1: Create Your Amazon EKS Cluster), and it doesn't have to be the one created by CloudFormation.

How to register EC2 Instance to ECS cluster?

I have started 2 ECS-optimized instances on EC2, but how can I register them as ECS container instances?
I cannot figure out a way of doing that.
When you start an ECS-optimized image, it starts the ECS agent on the instance by default. The ECS agent registers the instance with the default ECS cluster.
For your instance to be available on the cluster, you will have to create the default cluster.
If you have a custom ECS cluster, you can set the cluster name using the userdata section.
The ECS agent expects the cluster name inside the ecs.config file available at /etc/ecs/ecs.config.
You can set it up at instance boot using a userdata script:
    #!/bin/bash
    echo ECS_CLUSTER={cluster_name} >> /etc/ecs/ecs.config
Please refer to the following ecs documentation for more information
http://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_container_instance.html
When you create an EC2 instance, you must specify the IAM role linked to your ECS container (if using an SDK/..., you must specify the "Instance Profile ARN" of this role in the parameters). If you used the interactive ECS cluster creation at your first ECS use on the AWS website, you should already have an ecsInstanceRole linked to the default cluster.
Then, after being launched, your EC2 instance will be automatically registered as an ECS container in this cluster.
Other than the user-data script echoing the non-default cluster's name, remember that the container instances need external network access to communicate with the Amazon ECS service. So, if your container instances do not have public IP addresses, then they must use a network address translation (NAT) gateway to provide this access.
Source: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_container_instance.html
One more thing you can do to register instances in the cluster is to:
1. Create a service and assign it a task;
2. When creating a service - choose a load balancer and respective number of tasks that should be launched;
3. Afterwards, create a target group for the load balancer (if one doesn't exist already);
4. You have 2 options now - either create desired instances manually or edit a launch template of your cluster (based on the template, the instances will be created automatically);
5. If you create instances via the launch template - they will be linked to the target group automatically (because you selected the respective load balancer when creating the service);
6. Otherwise add them manually - any instance that passes health checks and is in your service target group will be automatically added to the cluster, unless the cluster already has the max. amount of instances.
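
The pieces the answers on this page name for getting EC2 hosts into an ECS cluster (an Auto Scaling group declared next to the cluster, an instance profile for the ECS agent, the ECS_CLUSTER user data, and subnets with outbound access through NAT), put together as an added CloudFormation example that is not taken from any of the posts. The parameter names, logical IDs and the t3.small instance type are assumptions, and the subnets and security group are expected to exist already.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  PrivateSubnetIds:        # assumed: existing private subnets routed through a NAT gateway
    Type: List<AWS::EC2::Subnet::Id>
  HostSecurityGroupId:     # assumed: existing security group for the container hosts
    Type: AWS::EC2::SecurityGroup::Id
  EcsAmiId:                # resolves to the current ECS-optimized Amazon Linux 2 AMI
    Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
    Default: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
Resources:
  Cluster:
    Type: AWS::ECS::Cluster
  InstanceRole:            # role the ECS agent on each host uses to register itself
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal: { Service: ec2.amazonaws.com }
            Action: sts:AssumeRole
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role
  InstanceProfile:
    Type: AWS::IAM::InstanceProfile
    Properties:
      Roles: [!Ref InstanceRole]
  LaunchTemplate:
    Type: AWS::EC2::LaunchTemplate
    Properties:
      LaunchTemplateData:
        ImageId: !Ref EcsAmiId
        InstanceType: t3.small          # assumption; size for your tasks
        IamInstanceProfile: { Arn: !GetAtt InstanceProfile.Arn }
        SecurityGroupIds: [!Ref HostSecurityGroupId]
        UserData:                       # point the agent at this cluster, not "default"
          Fn::Base64: !Sub |
            #!/bin/bash
            echo ECS_CLUSTER=${Cluster} >> /etc/ecs/ecs.config
  AutoScalingGroup:
    Type: AWS::AutoScaling::AutoScalingGroup
    Properties:
      VPCZoneIdentifier: !Ref PrivateSubnetIds
      MinSize: '2'                      # two hosts, as in the first question
      MaxSize: '2'
      LaunchTemplate:
        LaunchTemplateId: !Ref LaunchTemplate
        Version: !GetAtt LaunchTemplate.LatestVersionNumber
```

Because the template creates an IAM role, the stack has to be created with the CAPABILITY_IAM capability acknowledged.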