AWS Elastic Container Service (ECS) setup

This guide shows how to create a deployment in AWS ECS to add Signal Sciences in a sidecar configuration. This deployment setup is compatible with both Fargate and EC2 launch types.

Installation

NOTE

This guide assumes you're using the classic AWS Management Console.

  1. Create a new task definition.

  2. Select either Fargate or EC2.

  3. Under Volumes, click Add volume to add the Shared Volume for the containers to use for the Unix Socket file.

  4. In the Add Volume window:

    1. In the Name field, enter a name for the volume.
    2. Select the type of Bind mount.
    3. Click Add.
  5. On the main Task page, click Add Container.

  6. In the Add Container window:

    1. In the Container name field, enter a Display Name for the container.
    2. In the Image field, enter a name for the Docker image. For example, username/example-app:latest.
    3. Under Port mappings, add any ports that should be available for your app.
  7. Create the container.

  8. Click Add Container to add a second container for the Signal Sciences Agent.

  9. In the Add Container window:

    1. In the Container name field, enter sigsci-agent.
    2. In the Image field, enter signalsciences/sigsci-agent:latest.
    3. Under Port mappings, add any ports that should be available for your app.
  10. In the Resource Limits section, modify the base ulimits:

    1. Under ulimits, add nofile to the limit name.
    2. Set the soft limit to 65335.
    3. Set the hard limit to 65335.
  11. Locate the Agent Keys for your Signal Sciences site:

    1. Log in to the Signal Sciences console.
    2. From the Sites menu, select a site if you have more than one site.
    3. Click Agents in the navigation bar.

      View agent keys' button.

    4. Click View agent keys.

    5. Copy the Agent Access Key and Agent Secret Key.

      The agent keys window.

  12. In the Environment section in AWS, enter the Agent Access Key and Agent Secret Key for your site as Environment variables named SIGSCI_ACCESSKEYID and SIGSCI_SECRETACCESSKEY.

    The environment variable fields with 'SIGSCI_ACCESSKEYID' and 'SIGSCI-SECRETACCESSKEY' entered as key names and 'REPLACEME' entered as key values.

  13. Under Mount Points in the Storage and Logging section of the Container Definition, select the same mount point as the previous Container.

  14. Create the container.

  15. Finish creating the task definition.

  16. From the Actions menu, select Run Task or Create Service and run on one of your configured clusters.

Example JSON configuration

NOTE

You will need to replace all instances of REPLACEME in this example JSON.

1{
2 "ipcMode": null,
3 "executionRoleArn": "arn:aws:iam::REPLACEME:role/ecsTaskExecutionRole",
4 "containerDefinitions": [
5 {
6 "dnsSearchDomains": null,
7 "logConfiguration": {
8 "logDriver": "awslogs",
9 "secretOptions": null,
10 "options": {
11 "awslogs-group": "/ecs/sigsci-example",
12 "awslogs-region": "us-west-1",
13 "awslogs-stream-prefix": "ecs"
14 }
15 },
16 "entryPoint": null,
17 "portMappings": [
18 {
19 "hostPort": 8080,
20 "protocol": "tcp",
21 "containerPort": 8080
22 }
23 ],
24 "command": null,
25 "linuxParameters": null,
26 "cpu": 0,
27 "environment": [
28 {
29 "name": "apache_port",
30 "value": "8080"
31 },
32 {
33 "name": "sigsci_rpc",
34 "value": "/var/run/sigsci.sock"
35 }
36 ],
37 "dnsServers": null,
38 "mountPoints": [
39 {
40 "readOnly": null,
41 "containerPath": "/var/run",
42 "sourceVolume": "run"
43 }
44 ],
45 "workingDirectory": null,
46 "secrets": null,
47 "dockerSecurityOptions": null,
48 "memory": null,
49 "memoryReservation": null,
50 "volumesFrom": [],
51 "stopTimeout": null,
52 "image": "signalsciences/sigsci-agent:latest",
53 "startTimeout": null,
54 "firelensConfiguration": null,
55 "dependsOn": null,
56 "disableNetworking": null,
57 "interactive": null,
58 "healthCheck": null,
59 "essential": true,
60 "links": null,
61 "hostname": null,
62 "extraHosts": null,
63 "pseudoTerminal": null,
64 "user": null,
65 "readonlyRootFilesystem": null,
66 "dockerLabels": null,
67 "systemControls": null,
68 "privileged": null,
69 "name": "apache"
70 },
71 {
72 "dnsSearchDomains": null,
73 "logConfiguration": {
74 "logDriver": "awslogs",
75 "secretOptions": null,
76 "options": {
77 "awslogs-group": "/ecs/sigsci-example",
78 "awslogs-region": "us-west-1",
79 "awslogs-stream-prefix": "ecs"
80 }
81 },
82 "entryPoint": null,
83 "portMappings": [],
84 "command": null,
85 "linuxParameters": null,
86 "cpu": 0,
87 "environment": [
88 {
89 "name": "SIGSCI_ACCESSKEYID",
90 "value": "REPLACEME"
91 },
92 {
93 "name": "SIGSCI_SECRETACCESSKEY",
94 "value": "REPLACEME"
95 }
96 ],
97 "ulimits": [
98 {
99 "name": "nofile",
100 "softLimit": 65335,
101 "hardLimit": 65335
102 }
103 ],
104 "dnsServers": null,
105 "mountPoints": [
106 {
107 "readOnly": null,
108 "containerPath": "/var/run",
109 "sourceVolume": "run"
110 }
111 ],
112 "workingDirectory": null,
113 "secrets": null,
114 "dockerSecurityOptions": null,
115 "memory": null,
116 "memoryReservation": null,
117 "volumesFrom": [],
118 "stopTimeout": null,
119 "image": "signalsciences/sigsci-agent:latest",
120 "startTimeout": null,
121 "firelensConfiguration": null,
122 "dependsOn": null,
123 "disableNetworking": null,
124 "interactive": null,
125 "healthCheck": null,
126 "essential": true,
127 "links": null,
128 "hostname": null,
129 "extraHosts": null,
130 "pseudoTerminal": null,
131 "user": null,
132 "readonlyRootFilesystem": null,
133 "dockerLabels": null,
134 "systemControls": null,
135 "privileged": null,
136 "name": "agent"
137 }
138 ],
139 "memory": "4096",
140 "taskRoleArn": "arn:aws:iam::REPLACEME:role/EcsServiceRole2",
141 "family": "sigsci-example",
142 "pidMode": null,
143 "requiresCompatibilities": [
144 "FARGATE"
145 ],
146 "networkMode": "host",
147 "cpu": "2048",
148 "inferenceAccelerators": null,
149 "proxyConfiguration": null,
150 "volumes": [
151 {
152 "efsVolumeConfiguration": null,
153 "name": "run",
154 "host": {
155 "sourcePath": null
156 },
157 "dockerVolumeConfiguration": null
158 }
159 ],
160 "tags": []
161}
Was this guide helpful?

Do not use this form to send sensitive information. If you need assistance, contact support. This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.