Created
May 18, 2018 12:18
-
-
Save droidlabour/344592b9c20dde306a641b41d4e6d8f4 to your computer and use it in GitHub Desktop.
Create Base AWS ECS Container Instance (Ubuntu 16.04) AMI
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Create Base AWS ECS Container Instance (Ubuntu 16.04) AMI | |
| ########################### NOTE ########################## | |
| # To use the base Ubuntu ECS AMI | |
| # Add following lines to UserData | |
| # echo ECS_CLUSTER=ecs-cluster-name >> /etc/ecs/ecs.config | |
| # systemctl enable docker-container@ecs-agent.service | |
| # systemctl start docker-container@ecs-agent.service | |
| # Install Docker | |
| apt-get remove docker docker-engine docker.io | |
| apt-get update | |
| apt-get install -y linux-image-extra-$(uname -r) linux-image-extra-virtual | |
| apt-get update | |
| apt-get install -y apt-transport-https ca-certificates curl software-properties-common | |
| curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - | |
| apt-key fingerprint 0EBFCD88 | |
| add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | |
| apt-get update | |
| apt-get install -y docker-ce | |
| # Set iptables rules | |
| echo 'net.ipv4.conf.all.route_localnet = 1' >> /etc/sysctl.conf | |
| sysctl -p /etc/sysctl.conf | |
| iptables -t nat -A PREROUTING -p tcp -d 169.254.170.2 --dport 80 -j DNAT --to-destination 127.0.0.1:51679 | |
| iptables -t nat -A OUTPUT -d 169.254.170.2 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 51679 | |
| # Write iptables rules to persist after reboot | |
| mkdir /etc/iptables | |
| iptables-save > /etc/iptables/rules.v4 | |
| # Create directories for ECS agent | |
| mkdir -p /var/log/ecs /var/lib/ecs/data /etc/ecs | |
| # Write ECS config file | |
| cat << EOF > /etc/ecs/ecs.config | |
| ECS_DATADIR=/data | |
| ECS_ENABLE_TASK_IAM_ROLE=true | |
| ECS_ENABLE_TASK_IAM_ROLE_NETWORK_HOST=true | |
| ECS_LOGFILE=/log/ecs-agent.log | |
| ECS_AVAILABLE_LOGGING_DRIVERS=["json-file","awslogs"] | |
| ECS_LOGLEVEL=info | |
| EOF | |
| # Write systemd unit file | |
| cat << EOF > /etc/systemd/system/docker-container@ecs-agent.service | |
| [Unit] | |
| Description=Docker Container %I | |
| Requires=docker.service | |
| After=docker.service | |
| [Service] | |
| Restart=always | |
| ExecStartPre=-/usr/bin/docker rm -f %i | |
| ExecStart=/usr/bin/docker run --name %i \ | |
| --restart=on-failure:10 \ | |
| --volume=/var/run:/var/run \ | |
| --volume=/var/log/ecs/:/log \ | |
| --volume=/var/lib/ecs/data:/data \ | |
| --volume=/etc/ecs:/etc/ecs \ | |
| --net=host \ | |
| --env-file=/etc/ecs/ecs.config \ | |
| amazon/amazon-ecs-agent:latest | |
| ExecStop=/usr/bin/docker stop %i | |
| [Install] | |
| WantedBy=default.target | |
| EOF | |
| docker pull amazon/amazon-ecs-agent:latest |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment