Fargateに初挑戦してnginxを動かすまでのメモ
1. ecs-cliのインストール
https://docs.aws.amazon.com/ja_jp/AmazonECS/latest/developerguide/ECS_CLI_installation.html
2. プロファイル等の事前設定
$ ecs-cli configure profile --profile-name fargate-test --access-key $AWS_ACCESS_KEY --secret-key $AWS_SECRET_ACCESS_KEY
$ ecs-cli configure --cluster fargate-test --default-launch-type FARGATE --region us-east-1 --config-name fargate-test
3. クラスタの立ち上げ
$ ecs-cli up
INFO[0000] Created cluster cluster=fargate-test region=us-east-1
INFO[0000] Waiting for your cluster resources to be created...
INFO[0001] Cloudformation stack status stackStatus=CREATE_IN_PROGRESS
INFO[0061] Cloudformation stack status stackStatus=CREATE_IN_PROGRESS
VPC created: vpc-22fef559
Subnet created: subnet-82ad7be5
Subnet created: subnet-8864b1a6
Cluster creation succeeded.
4. 生成されたVPCに紐づくセキュリティグループを作成
後ほどecs-params.ymlに書き込みます
$ aws ec2 create-security-group --group-name "fargate-sg" --description "My security group" --vpc-id "vpc-22fef559"
{
"GroupId": "sg-0a333542"
}
$ aws ec2 authorize-security-group-ingress --group-id "sg-0a333542" --protocol tcp --port 80 --cidr 0.0.0.0/0
5. ECSタスク実行用のIAMロールを作成
6. docker-compose.yml と ecs-params.yml を作成
$ vim docker-compose.yml
$ vim ecs-params.yml
docker-compose.yml
version: '2'
services:
nginx:
image: nginx
ports:
- "80:80"
logging:
driver: awslogs
options:
awslogs-group: tutorial
awslogs-region: us-east-1
awslogs-stream-prefix: nginx
ecs-params.yml
version: 1
task_definition:
task_execution_role: ecsExecutionRole <- あらかじめ作成が必要(cloudwatch logs の書き込み権限がいる)
ecs_network_mode: awsvpc
task_size:
mem_limit: 512
cpu_limit: 256
run_params:
network_configuration:
awsvpc_configuration:
subnets:
- "subnet-82ad7be5"
- "subnet-8864b1a6"
security_groups:
- "sg-0a333542"
assign_public_ip: ENABLED
7. タスクを起動・停止する
$ ecs-cli compose --project-name tutorial service up (--create-log-groups)初回のupのみ
$ ecs-cli compose --project-name tutorial service ps
$ ecs-cli compose --project-name tutorial service down
Read other posts