Issue
Below is the ECS task definition for an application:
SomeappTaskDefinition:
Type: "AWS::ECS::TaskDefinition"
Properties:
ContainerDefinitions:
- Name: someapp
Image: someaccounthub/someapp
Memory: 450
Environment:
- Name: DJANGO_SETTINGS_MODULE
Value: someapp.settings.release
- Name: MYSQL_HOST
Value: { "Fn::GetAtt": ["DbInstance", "Endpoint.Address"] }
- Name: MYSQL_USER
Value: { "Ref": "DbUsername" }
- Name: MYSQL_PASSWORD
Value: { "Ref": "DbPassword" }
MountPoints:
- ContainerPath: /var/www/someapp
SourceVolume: webroot
Command:
- uwsgi
- "--socket /var/www/someapp/someapp.sock"
- "--chmod-socket=666"
- "--module someapp.wsgi"
- "--master"
- "--die-on-term"
- Name: nginx
Image: someaccounthub/someapp-nginx
Memory: 300
PortMappings:
- ContainerPort: "8000"
HostPort: "8000"
MountPoints:
- ContainerPath: /var/www/someapp
SourceVolume: webroot
Volumes:
- Name: webroot
Host:
SourcePath: /ecs/webroot
that is launched on an ECS optimised ami instance(EC2). Docker daemon is running in ECS optimised ami instance(EC2).
Did not include CloudFormation code that creates ECS service(AWS::ECS::Service
) and ECS cluster(AWS::ECS::Cluster
), as it is not necessary for this query.
ECS service - AWS::ECS::Service
resource type
ECS instance - AWS::EC2::Instance
resource type
1) Is ECS service responsible to deploy new task definiton onto ECS instance? by talking to ECS agent running in ECS instance.
2)
Is ECS agent running in ECS instance responsible to stop and start the existly running ECS task(SomeappTaskDefinition
)? and inform that service is up to ECS service..
3)
Is ECS agent running in ECS instance responsible to place request to docker daemon running in ECS instance to pull docker image someaccthub/someapp
from docker repo? amidst start of ECS task
Solution
1) Yes, your task definition is configured with the appropriate ECR repository version. And the Service under your cluster is responsible for ensuring the correct tasks are up and running within your EC2 instance.
2) Yes, depending on your Cluster's definition, the amazon/amazon-ecs-agent which is a docker container on your EC2 as well, will ensure there are healthy tasks (which are docker containers) running on your EC2.
3) Not entirely, the agent will only ensure to keep docker containers of the relevant task definition that the service was configured within ECR. And not pick up any other repository. It will only update if you update your Cluster's service.
The ecs agent is responsible for the pull and run. But, let's say your task definition version is 1. And, version 1 of your task definition is configured with a docker image let's say version 1. And your ECS cluster is configured with a Service with task definition v1. In this case, the agent will only ensure the pull and run of task definition v1. If you would want a different docker image to be managed by the agent. You would have to update your definition and service accordingly.
Answered By - Arnab Saha