AWS Elastic Container Service (ECS) setup
Last updated 2023-05-05
This guide shows how to create a deployment in AWS ECS to add Signal Sciences in a sidecar configuration. This deployment setup is compatible with both Fargate and EC2 launch types.
Installation
NOTE
This guide assumes you're using the classic AWS Management Console.
Create a new task definition.
Select either Fargate or EC2.
Under Volumes, click Add volume to add the Shared Volume for the containers to use for the Unix Socket file.
In the Add Volume window:
- In the Name field, enter a name for the volume.
- Select the type of Bind mount.
- Click Add.
On the main Task page, click Add Container.
In the Add Container window:
- In the Container name field, enter a Display Name for the container.
- In the Image field, enter a name for the Docker image. For example,
username/example-app:latest. - Under Port mappings, add any ports that should be available for your app.
Create the container.
Click Add Container to add a second container for the Signal Sciences Agent.
In the Add Container window:
- In the Container name field, enter
sigsci-agent. - In the Image field, enter
signalsciences/sigsci-agent:latest. - Under Port mappings, add any ports that should be available for your app.
- In the Container name field, enter
In the Resource Limits section, modify the base
ulimits:- Under
ulimits, addnofileto thelimit name. - Set the soft limit to
65335. - Set the hard limit to
65335.
- Under
Locate the Agent Keys for your Signal Sciences site:
- Log in to the Signal Sciences console.
- From the Sites menu, select a site if you have more than one site.
Click Agents in the navigation bar.
Click View agent keys.
Copy the Agent Access Key and Agent Secret Key.
In the Environment section in AWS, enter the Agent Access Key and Agent Secret Key for your site as Environment variables named
SIGSCI_ACCESSKEYIDandSIGSCI_SECRETACCESSKEY.
Under Mount Points in the Storage and Logging section of the Container Definition, select the same mount point as the previous Container.
Create the container.
Finish creating the task definition.
From the Actions menu, select Run Task or Create Service and run on one of your configured clusters.
Example JSON configuration
NOTE
You will need to replace all instances of REPLACEME in this example JSON.
1{2 "ipcMode": null,3 "executionRoleArn": "arn:aws:iam::REPLACEME:role/ecsTaskExecutionRole",4 "containerDefinitions": [5 {6 "dnsSearchDomains": null,7 "logConfiguration": {8 "logDriver": "awslogs",9 "secretOptions": null,10 "options": {11 "awslogs-group": "/ecs/sigsci-example",12 "awslogs-region": "us-west-1",13 "awslogs-stream-prefix": "ecs"14 }15 },16 "entryPoint": null,17 "portMappings": [18 {19 "hostPort": 8080,20 "protocol": "tcp",21 "containerPort": 808022 }23 ],24 "command": null,25 "linuxParameters": null,26 "cpu": 0,27 "environment": [28 {29 "name": "apache_port",30 "value": "8080"31 },32 {33 "name": "sigsci_rpc",34 "value": "/var/run/sigsci.sock"35 }36 ],37 "dnsServers": null,38 "mountPoints": [39 {40 "readOnly": null,41 "containerPath": "/var/run",42 "sourceVolume": "run"43 }44 ],45 "workingDirectory": null,46 "secrets": null,47 "dockerSecurityOptions": null,48 "memory": null,49 "memoryReservation": null,50 "volumesFrom": [],51 "stopTimeout": null,52 "image": "signalsciences/sigsci-agent:latest",53 "startTimeout": null,54 "firelensConfiguration": null,55 "dependsOn": null,56 "disableNetworking": null,57 "interactive": null,58 "healthCheck": null,59 "essential": true,60 "links": null,61 "hostname": null,62 "extraHosts": null,63 "pseudoTerminal": null,64 "user": null,65 "readonlyRootFilesystem": null,66 "dockerLabels": null,67 "systemControls": null,68 "privileged": null,69 "name": "apache"70 },71 {72 "dnsSearchDomains": null,73 "logConfiguration": {74 "logDriver": "awslogs",75 "secretOptions": null,76 "options": {77 "awslogs-group": "/ecs/sigsci-example",78 "awslogs-region": "us-west-1",79 "awslogs-stream-prefix": "ecs"80 }81 },82 "entryPoint": null,83 "portMappings": [],84 "command": null,85 "linuxParameters": null,86 "cpu": 0,87 "environment": [88 {89 "name": "SIGSCI_ACCESSKEYID",90 "value": "REPLACEME"91 },92 {93 "name": "SIGSCI_SECRETACCESSKEY",94 "value": "REPLACEME"95 }96 ],97 "ulimits": [98 {99 "name": "nofile",100 "softLimit": 65335,101 "hardLimit": 65335102 }103 ],104 "dnsServers": null,105 "mountPoints": [106 {107 "readOnly": null,108 "containerPath": "/var/run",109 "sourceVolume": "run"110 }111 ],112 "workingDirectory": null,113 "secrets": null,114 "dockerSecurityOptions": null,115 "memory": null,116 "memoryReservation": null,117 "volumesFrom": [],118 "stopTimeout": null,119 "image": "signalsciences/sigsci-agent:latest",120 "startTimeout": null,121 "firelensConfiguration": null,122 "dependsOn": null,123 "disableNetworking": null,124 "interactive": null,125 "healthCheck": null,126 "essential": true,127 "links": null,128 "hostname": null,129 "extraHosts": null,130 "pseudoTerminal": null,131 "user": null,132 "readonlyRootFilesystem": null,133 "dockerLabels": null,134 "systemControls": null,135 "privileged": null,136 "name": "agent"137 }138 ],139 "memory": "4096",140 "taskRoleArn": "arn:aws:iam::REPLACEME:role/EcsServiceRole2",141 "family": "sigsci-example",142 "pidMode": null,143 "requiresCompatibilities": [144 "FARGATE"145 ],146 "networkMode": "host",147 "cpu": "2048",148 "inferenceAccelerators": null,149 "proxyConfiguration": null,150 "volumes": [151 {152 "efsVolumeConfiguration": null,153 "name": "run",154 "host": {155 "sourcePath": null156 },157 "dockerVolumeConfiguration": null158 }159 ],160 "tags": []161}Do not use this form to send sensitive information. If you need assistance, contact support. This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.