Post

ECS CLI

Posted Updated
By Senad Dizdarević 3 min read

AWS DOCS

Configuring the CLI

1

ecs-cli configure profile --profile-name profile_name --access-key $AWS_ACCESS_KEY_ID --secret-key $AWS_SECRET_ACCESS_KEY --session-token $AWS_SESSION_TOKEN

Cluster Configurations

1

ecs-cli configure --cluster cluster_name --region region_name --config-name configuration_name --default-launch-type FARGATE

Configuring Defaults

aws_credentials_example.ini

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

[default]
aws_access_key_id = defaultAwsAccessKey
aws_secret_access_key = defaultAwsSecretKey

[customProfile]
aws_access_key_id = customAKID
aws_secret_access_key = customSKID

[assumeRoleWithCreds]
role_arn = assumeRoleWithCredsRoleArn
source_profile = assumeRoleWithCreds
external_id = 1234
role_session_name = assumeRoleWithCredsSessionName
aws_access_key_id = assumeRoleWithCredsAKID
aws_secret_access_key = assumeRoleWithCredsSKID

aws_config_example.ini

1
2
3
4
5
6
7
8
9
10
11

[default]
region = us-west-2

[customProfile]
region = us-west-1

[assumeRoleWithCreds]
region = us-east-2

[ec2InstanceRole]
region = ap-northeast-1

Creating an ECS Cluster

1

ecs-cli up --cluster test-cluster --empty

Creating a Service

1
2
3
4
5

ecs-cli compose --project-name test-service service create

ecs-cli compose --project-name test-service service start

ecs-cli compose --project-name test-service service ps

Using ECS parameters

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95

version: 1
task_definition:
  ecs_network_mode: string               // Supported string values: none, bridge, host, or awsvpc
  task_role_arn: string
  task_execution_role: string            // Needed to use Cloudwatch Logs or ECR with your ECS tasks
  task_size:                             // Required for running tasks with Fargate launch type
    cpu_limit: string
    mem_limit: string                    // Values specified without units default to MiB
  pid_mode: string                       // Supported string values: task or host
  ipc_mode: string                       // Supported string values: task, host, or none
  services:
    <service_name>:
      essential: boolean
      depends_on:
        - container_name: string         // <service_name> of any other service in services
          condition: string              // Valid values: START | COMPLETE | SUCCESS | HEALTHY
      repository_credentials:
        credentials_parameter: string
      cpu_shares: integer
      firelens_configuration:
        type: string                     // Supported string values: fluentd or fluentbit
        options: list of strings
      mem_limit: string                  // Values specified without units default to bytes, as in docker run
      mem_reservation: string
      gpu: string
      init_process_enabled: boolean
      healthcheck:
        test: string or list of strings
        interval: string
        timeout: string
        retries: integer
        start_period: string
      logging:
        secret_options:
          - value_from: string
            name: string
      secrets:
        - value_from: string
          name: string
  docker_volumes:
    - name: string
      scope: string                      // Valid values: "shared" | "task"
      autoprovision: boolean             // only valid if scope = "shared"
      driver: string
      driver_opts:
        string: string
      labels:
        string: string
  efs_volumes:
     - name: string
       filesystem_id: string
       root_directory: string
       transit_encryption: string       // Valid values: "ENABLED" | "DISABLED" (default). Required if 
                                        //   IAM is enabled or an access point ID is  
                                        //   specified
       transit_encryption_port: int64   // required if transit_encryption is enabled
       access_point: string
       iam: string                      // Valid values: "ENABLED" | "DISABLED" (default). Enable IAM 
                                        //   authentication for FS access. 
  placement_constraints:
    - type: string                      // Valid values: "memberOf"
      expression: string

run_params:
  network_configuration:
    awsvpc_configuration:
      subnets: array of strings          // These should be in the same VPC and Availability Zone as your instance
      security_groups: list of strings   // These should be in the same VPC as your instance
      assign_public_ip: string           // supported values: ENABLED or DISABLED
  task_placement:
    strategy:
      - type: string                     // Valid values: "spread"|"binpack"|"random"
        field: string                    // Not valid if type is "random"
    constraints:
      - type: string                     // Valid values: "memberOf"|"distinctInstance"
        expression: string               // Not valid if type is "distinctInstance"
  service_discovery:
    container_name: string
    container_port: integer
    private_dns_namespace:
      id: string
      name: string
      vpc: string
      description: string
    public_dns_namespace:
      id: string
      name: string
    service_discovery_service:
      name: string
      description: string
      dns_config:
        type: string
        ttl: integer
      healthcheck_custom_config:
        failure_threshold: integer
ECS, CLI
aws-cli ecs
This post is licensed under CC BY 4.0 by the author.

Comments powered by Disqus.