search close

AWS Elastic Container Service (ECS) Setup

access_time Updated Dec 5, 2022

Introduction

This guide shows how to create a deployment in AWS ECS to add Signal Sciences in a sidecar configuration. This deployment setup is compatible with both Fargate and EC2 launch types.

Installation

  1. Create a new task definition.

  2. Select either Fargate or EC2.

  3. Under Volumes, click Add volume to add the Shared Volume for the containers to use for the Unix Socket file. The Add volume window appears.

  4. In the Add Volume window:

    1. In the Name field, enter a name for the volume.
    2. Select the type of Bind mount.
    3. Click Add.
  5. On the main Task page, click Add Container. The Add container window appears.

  6. In the Add Container window:

    1. In the Container name field, enter a Display Name for the container.
    2. In the Image field, enter a name for the Docker image. For example, username/example-app:latest.
    3. Under Port mappings, add any ports that should be available for your app.
  7. Create the container.

  8. Click Add Container to add a second container for the Signal Sciences Agent. The Add container window appears.

  9. In the Add Container window:

    1. In the Container name field, enter sigsci-agent.
    2. In the Image field, enter signalsciences/sigsci-agent:latest.
    3. Under Port mappings, add any ports that should be available for your app.
  10. Locate the Agent Keys for your Signal Sciences site:

    1. Log in to the Signal Sciences console.

    2. Select a site if you have more than one site.

    3. Click Agents in the navigation bar. The agents page appears.

    4. Click View agent keys. The agent keys window appears.

      The 'View agent keys' button.
    5. Copy the Agent Access Key and Agent Secret Key.

      The agent keys window.
  11. In the Environment section in AWS, enter the Agent Access Key and Agent Secret Key for your site as Environment variables named SIGSCI_ACCESSKEYID and SIGSCI_SECRETACCESSKEY.

    The environment variable fields with 'SIGSCI_ACCESSKEYID' and 'SIGSCI-SECRETACCESSKEY' entered as key names and 'REPLACEME' entered as key values.
  12. Under Mount Points in the Storage and Logging section of the Container Definition, select the same mount point as the previous Container.

  13. Create the container.

  14. Finish creating the task definition.

  15. From the Actions menu, select Run Task or Create Service and run on one of your configured clusters.

Example JSON configuration

Note: You will need to replace all instances of REPLACEME in this example JSON.

{
    "ipcMode": null,
    "executionRoleArn": "arn:aws:iam::REPLACEME:role/ecsTaskExecutionRole",
    "containerDefinitions": [
        {
            "dnsSearchDomains": null,
            "logConfiguration": {
                "logDriver": "awslogs",
                "secretOptions": null,
                "options": {
                    "awslogs-group": "/ecs/sigsci-example",
                    "awslogs-region": "us-west-1",
                    "awslogs-stream-prefix": "ecs"
                }
            },
            "entryPoint": null,
            "portMappings": [
                {
                    "hostPort": 8080,
                    "protocol": "tcp",
                    "containerPort": 8080
                }
            ],
            "command": null,
            "linuxParameters": null,
            "cpu": 0,
            "environment": [
                {
                    "name": "apache_port",
                    "value": "8080"
                },
                {
                    "name": "sigsci_rpc",
                    "value": "/var/run/sigsci.sock"
                }
            ],
            "ulimits": null,
            "dnsServers": null,
            "mountPoints": [
                {
                    "readOnly": null,
                    "containerPath": "/var/run",
                    "sourceVolume": "run"
                }
            ],
            "workingDirectory": null,
            "secrets": null,
            "dockerSecurityOptions": null,
            "memory": null,
            "memoryReservation": null,
            "volumesFrom": [],
            "stopTimeout": null,
            "image": "trickyhu/sigsci-apache-alpine:latest",
            "startTimeout": null,
            "firelensConfiguration": null,
            "dependsOn": null,
            "disableNetworking": null,
            "interactive": null,
            "healthCheck": null,
            "essential": true,
            "links": null,
            "hostname": null,
            "extraHosts": null,
            "pseudoTerminal": null,
            "user": null,
            "readonlyRootFilesystem": null,
            "dockerLabels": null,
            "systemControls": null,
            "privileged": null,
            "name": "apache"
        },
        {
            "dnsSearchDomains": null,
            "logConfiguration": {
                "logDriver": "awslogs",
                "secretOptions": null,
                "options": {
                    "awslogs-group": "/ecs/sigsci-example",
                    "awslogs-region": "us-west-1",
                    "awslogs-stream-prefix": "ecs"
                }
            },
            "entryPoint": null,
            "portMappings": [],
            "command": null,
            "linuxParameters": null,
            "cpu": 0,
            "environment": [
                {
                    "name": "SIGSCI_ACCESSKEYID",
                    "value": "REPLACEME"
                },
                {
                    "name": "SIGSCI_SECRETACCESSKEY",
                    "value": "REPLACEME"
                }
            ],
            "ulimits": null,
            "dnsServers": null,
            "mountPoints": [
                {
                    "readOnly": null,
                    "containerPath": "/var/run",
                    "sourceVolume": "run"
                }
            ],
            "workingDirectory": null,
            "secrets": null,
            "dockerSecurityOptions": null,
            "memory": null,
            "memoryReservation": null,
            "volumesFrom": [],
            "stopTimeout": null,
            "image": "trickyhu/sigsci-agent-alpine:latest",
            "startTimeout": null,
            "firelensConfiguration": null,
            "dependsOn": null,
            "disableNetworking": null,
            "interactive": null,
            "healthCheck": null,
            "essential": true,
            "links": null,
            "hostname": null,
            "extraHosts": null,
            "pseudoTerminal": null,
            "user": null,
            "readonlyRootFilesystem": null,
            "dockerLabels": null,
            "systemControls": null,
            "privileged": null,
            "name": "agent"
        }
    ],
    "memory": "4096",
    "taskRoleArn": "arn:aws:iam::REPLACEME:role/EcsServiceRole2",
    "family": "sigsci-example",
    "pidMode": null,
    "requiresCompatibilities": [
        "FARGATE"
    ],
    "networkMode": "host",
    "cpu": "2048",
    "inferenceAccelerators": null,
    "proxyConfiguration": null,
    "volumes": [
        {
            "efsVolumeConfiguration": null,
            "name": "run",
            "host": {
                "sourcePath": null
            },
            "dockerVolumeConfiguration": null
        }
    ],
    "tags": []
}