See vars.tf for all the variables you can set on this module.
See the ecs-service module for how to run Docker containers across this cluster.
What is an ECS Cluster?
To use ECS with the EC2 launch type, you first deploy one or more EC2 Instances into a "cluster". The ECS scheduler can
then deploy Docker containers across any of the instances in this cluster. Each instance needs to have the Amazon ECS
Agent installed so it can communicate with
ECS and register itself as part of the right cluster.
To add additional security group rules to the EC2 Instances in the ECS cluster, you can use the
aws_security_group_rule resource, and set its
security_group_id argument to the Terraform output of this module called ecs_instance_security_group_id. For
example, here is how you can allow the EC2 Instances in this cluster to allow incoming HTTP requests on port 8080:
Note: The security group rules you add will apply to ALL Docker containers running on these EC2 Instances. There is
currently no way in ECS to manage security group rules on a per-Docker-container basis.
How do you add additional IAM policies?
To add additional IAM policies to the EC2 Instances in the ECS cluster, you can use the
aws_iam_role_policy or
aws_iam_policy_attachment resources, and
set the IAM role id to the Terraform output of this module called ecs_instance_iam_role_name . For example, here is how
you can allow the EC2 Instances in this cluster to access an S3 bucket:
Note: The IAM policies you add will apply to ALL Docker containers running on these EC2 Instances. There is
currently no way in ECS to manage IAM policies on a per-Docker-container basis.
How do you make changes to the EC2 Instances in the cluster?
To deploy an update to an ECS Service, see the ecs-service module. To deploy an update to the
EC2 Instances in your ECS cluster, such as a new AMI, read on.
Terraform and AWS do not provide a way to automatically roll out a change to the Instances in an ECS Cluster. Due to
Terraform limitations (see here for a discussion), there is
currently no way to implement this purely in Terraform code. Therefore, we've created a script called
roll-out-ecs-cluster-update.py that can do a zero-downtime roll out for you.
How to use the roll-out-ecs-cluster-update.py script
First, make sure you have the latest version of the AWS Python SDK (boto3) installed
(e.g. pip install boto3).
To deploy a change such as rolling out a new AMI to all ECS Instances:
Make sure the cluster_max_size is at least twice the size of cluster_min_size. The extra capacity will be used
to deploy the updated instances.
Update the Terraform code with your changes (e.g. update the cluster_instance_ami variable to a new AMI).
If you have your output variables configured as shown in outputs.tf
of the docker-service-with-elb example, you can use the terraform output
command to fill in most of the arguments automatically:
To avoid the need to install python dependencies on your local machine, you may chose to use docker.
Navigate to the directory that you have downloaded roll-out-ecs-cluster-update.py:
If you use aws-vault, you can run the following to make your aws
credentials available to the container. If you do not use aws-vault, you will have to manually use the --env
option of docker run
The roll-out-ecs-cluster-update.py script does the following:
Double the desired capacity of the Auto Scaling Group that powers the ECS Cluster. This causes EC2 Instances to
deploy with the new launch configuration.
Put all the old ECS Instances in DRAINING state so all ECS Tasks are migrated off of them to the new Instances.
Wait for all ECS Tasks to migrate off the old Instances.
Set the desired capacity of the Auto Scaling Group back to its original value.
Questions? Ask away.
We're here to talk about our services, answer any questions, give advice, or just to chat.
{"treedata":{"name":"root","toggled":true,"children":[{"name":".circleci","children":[{"name":"config.yml","path":".circleci/config.yml","sha":"b9e7aa9778a17e91185eddd6878d3a5c74b2c541"}]},{"name":".gitignore","path":".gitignore","sha":"cd65450bcaeda0f80c95d09a33442c16474e7f51"},{"name":".pre-commit-config.yaml","path":".pre-commit-config.yaml","sha":"f1c2078a2f571b67d25e7ab70e8c68a7e2d3cb2e"},{"name":"CODEOWNERS","path":"CODEOWNERS","sha":"ecbeaab263c59e955b621268f161059633041e3d"},{"name":"LICENSE.txt","path":"LICENSE.txt","sha":"f4e3d9bd4717a044ed31ad847a300eee74371a78"},{"name":"README.adoc","path":"README.adoc","sha":"77af879e5e6f25292cc9d27df778fc93dc4b1f3a"},{"name":"_docs","children":[{"name":"ecs-architecture.png","path":"_docs/ecs-architecture.png","sha":"7caa9342bfc7ff5c74f26626a9831f22e914ff8e"},{"name":"ecs-fargate-service-icon.png","path":"_docs/ecs-fargate-service-icon.png","sha":"b8825b62a8b9170889c747320e1c79a9298c9bcb"},{"name":"ecs-icon.png","path":"_docs/ecs-icon.png","sha":"8ffdf43575d96d27ceced3d492871fa12403140e"},{"name":"ecs-service-architecture.png","path":"_docs/ecs-service-architecture.png","sha":"1bef2e6b95cb016b8e2c0219679d2d2d3ddd1769"},{"name":"ecs-service-icon.png","path":"_docs/ecs-service-icon.png","sha":"30947a9dcd3612d12ab42f40095b81a13fbaaff4"}]},{"name":"core-concepts.md","path":"core-concepts.md","sha":"816b25e1b3df74a01f2f564447c10b5ea5f5dd55"},{"name":"examples","children":[{"name":"deploy-ecs-task","children":[{"name":"README.md","path":"examples/deploy-ecs-task/README.md","sha":"5de7a89dc7a156f82c016fed690214711943bff6"},{"name":"containers","children":[{"name":"container-definitions.json","path":"examples/deploy-ecs-task/containers/container-definitions.json","sha":"1de2f83af666b622739f89debacc7c7faed35a08"}]},{"name":"main.tf","path":"examples/deploy-ecs-task/main.tf","sha":"043d0e903ba789500cf39b42bb776a2a327b357d"},{"name":"outputs.tf","path":"examples/deploy-ecs-task/outputs.tf","sha":"f5df5493e277f4abe61e646fb719af7ca7688323"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/deploy-ecs-task/user-data/user-data.sh","sha":"7b474fe788eb9581b91f5f58b0cc09d4201a2013"}]},{"name":"vars.tf","path":"examples/deploy-ecs-task/vars.tf","sha":"5147059721dca8ae65387caba2b59094302e14b0"}]},{"name":"docker-daemon-service","children":[{"name":"containers","children":[{"name":"datadog-agent-ecs.json","path":"examples/docker-daemon-service/containers/datadog-agent-ecs.json","sha":"2ca20904deaabee35357192e95f8bf6a04fc41b3"}]},{"name":"main.tf","path":"examples/docker-daemon-service/main.tf","sha":"f3adcdb4a8e046a8b7ce5a2aa48f27a90fb71d7d"},{"name":"outputs.tf","path":"examples/docker-daemon-service/outputs.tf","sha":"2a294a1174fdc88601ebe62f9ab3dd4faf2d89fd"},{"name":"vars.tf","path":"examples/docker-daemon-service/vars.tf","sha":"5d47a110c100ec3764dedc79226912d467094614"}]},{"name":"docker-fargate-service-with-alb","children":[{"name":"README.md","path":"examples/docker-fargate-service-with-alb/README.md","sha":"e8754bd39b109b5b181f52596fbddef00302ea15"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-fargate-service-with-alb/containers/container-definition.json","sha":"9091667150daa61c453f31975da897f735812c7c"}]},{"name":"main.tf","path":"examples/docker-fargate-service-with-alb/main.tf","sha":"d4b03c75d1d446eefadaf7b3cf862fcd16db03c7"},{"name":"outputs.tf","path":"examples/docker-fargate-service-with-alb/outputs.tf","sha":"f6b5bea9f779eaaa2b792f363657e7ba326b605e"},{"name":"vars.tf","path":"examples/docker-fargate-service-with-alb/vars.tf","sha":"89c1dfc0c0e8fdb60c432fde45bfae216e75df36"}]},{"name":"docker-fargate-service-with-efs-volume","children":[{"name":"README.md","path":"examples/docker-fargate-service-with-efs-volume/README.md","sha":"ad85406d663a5f4429cf568ba13c781c6c0090fc"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-fargate-service-with-efs-volume/containers/container-definition.json","sha":"0b6cb6d9e9ab8eec112e6120b6eb4def8c94ef35"}]},{"name":"main.tf","path":"examples/docker-fargate-service-with-efs-volume/main.tf","sha":"539304b85082f0da7a85dd44af68e044ba1b5cf6"},{"name":"outputs.tf","path":"examples/docker-fargate-service-with-efs-volume/outputs.tf","sha":"2a10149cd88dc1b73415185c4aaa3ade4bf879bb"},{"name":"vars.tf","path":"examples/docker-fargate-service-with-efs-volume/vars.tf","sha":"04a1222e45ec89ba378a22725e3a2166e453cd0c"}]},{"name":"docker-fargate-service-with-nlb","children":[{"name":"README.md","path":"examples/docker-fargate-service-with-nlb/README.md","sha":"d064e28aebebd7606143feb8e46584f8667c9136"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-fargate-service-with-nlb/containers/container-definition.json","sha":"083fca39166d4b8f243e66cb96f6aa9fad72cbe6"}]},{"name":"main.tf","path":"examples/docker-fargate-service-with-nlb/main.tf","sha":"7dce0a9e1d4e1f19271e58c7f85173a8c9933dfb"},{"name":"outputs.tf","path":"examples/docker-fargate-service-with-nlb/outputs.tf","sha":"b70fb7144134f7a12470711953437ff94aca37d0"},{"name":"vars.tf","path":"examples/docker-fargate-service-with-nlb/vars.tf","sha":"45dc7bf8f56844fba980cd650cf47d6f990b8415"}]},{"name":"docker-fargate-service-without-lb","children":[{"name":"README.md","path":"examples/docker-fargate-service-without-lb/README.md","sha":"fb5e52151d29936dd194ef319fc8f3dda277b26c"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-fargate-service-without-lb/containers/container-definition.json","sha":"205833de7c0eabb367be2b16406cd12455d8e94e"}]},{"name":"main.tf","path":"examples/docker-fargate-service-without-lb/main.tf","sha":"0091f64ee586f96b9d3a3ba0191aaca42d7e410c"},{"name":"outputs.tf","path":"examples/docker-fargate-service-without-lb/outputs.tf","sha":"2a10149cd88dc1b73415185c4aaa3ade4bf879bb"},{"name":"vars.tf","path":"examples/docker-fargate-service-without-lb/vars.tf","sha":"85e201158ab1883911a48c3e03911299ec4b4ded"}]},{"name":"docker-fargate-spot-service-with-alb","children":[{"name":"README.md","path":"examples/docker-fargate-spot-service-with-alb/README.md","sha":"e1911050a7716c9148817d390d640e53a4e979c2"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-fargate-spot-service-with-alb/containers/container-definition.json","sha":"9091667150daa61c453f31975da897f735812c7c"}]},{"name":"main.tf","path":"examples/docker-fargate-spot-service-with-alb/main.tf","sha":"605ddd5b4e35914d5f69af39f801ffbf4a47e67d"},{"name":"outputs.tf","path":"examples/docker-fargate-spot-service-with-alb/outputs.tf","sha":"f6b5bea9f779eaaa2b792f363657e7ba326b605e"},{"name":"vars.tf","path":"examples/docker-fargate-spot-service-with-alb/vars.tf","sha":"550fc692ea4011f37ab500fdb4113eccfe4b2182"}]},{"name":"docker-service-with-alb-and-nlb","children":[{"name":"README.md","path":"examples/docker-service-with-alb-and-nlb/README.md","sha":"d8515f6083fb03e819d8bbf570396b500c128983"},{"name":"main.tf","path":"examples/docker-service-with-alb-and-nlb/main.tf","sha":"062434b9031968e2d427762decdca83f75aece15"},{"name":"outputs.tf","path":"examples/docker-service-with-alb-and-nlb/outputs.tf","sha":"ef9a609942f94398422cc64cc257889bbcb485f8"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/docker-service-with-alb-and-nlb/user-data/user-data.sh","sha":"5ed91084021a44a3678872771365e574ef7f40c9"}]},{"name":"vars.tf","path":"examples/docker-service-with-alb-and-nlb/vars.tf","sha":"267da866be06fca9cc5c12429a3ddb14841e2850"}]},{"name":"docker-service-with-alb-autoscaling","children":[{"name":"README.md","path":"examples/docker-service-with-alb-autoscaling/README.md","sha":"8ef7623bdc0058639976fed36e2540763aafac95"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-service-with-alb-autoscaling/containers/container-definition.json","sha":"4e28c983a3050ab7a18fd3e9d9ac4730bd9b285e"}]},{"name":"main.tf","path":"examples/docker-service-with-alb-autoscaling/main.tf","sha":"5f816db5e2dcfec014ef04eae1a9b1f83cd30d2b"},{"name":"outputs.tf","path":"examples/docker-service-with-alb-autoscaling/outputs.tf","sha":"2d96077e349d62d3e60a0eea34529ceb33e4da52"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/docker-service-with-alb-autoscaling/user-data/user-data.sh","sha":"5ed91084021a44a3678872771365e574ef7f40c9"}]},{"name":"vars.tf","path":"examples/docker-service-with-alb-autoscaling/vars.tf","sha":"b5da959dff86c3b9bcec29b01b294d889dbf1d1a"}]},{"name":"docker-service-with-alb-canary","children":[{"name":"README.md","path":"examples/docker-service-with-alb-canary/README.md","sha":"d0036aaa886915db2ba8976fd7e21486f111e11c"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-service-with-alb-canary/containers/container-definition.json","sha":"4e28c983a3050ab7a18fd3e9d9ac4730bd9b285e"}]},{"name":"main.tf","path":"examples/docker-service-with-alb-canary/main.tf","sha":"c6c5589d7c4a96f9b2574ec32112ef8a663b28a3"},{"name":"outputs.tf","path":"examples/docker-service-with-alb-canary/outputs.tf","sha":"2d96077e349d62d3e60a0eea34529ceb33e4da52"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/docker-service-with-alb-canary/user-data/user-data.sh","sha":"5ed91084021a44a3678872771365e574ef7f40c9"}]},{"name":"vars.tf","path":"examples/docker-service-with-alb-canary/vars.tf","sha":"66d5e62ef077265a81611f242c0f434667484d25"}]},{"name":"docker-service-with-alb","children":[{"name":"README.md","path":"examples/docker-service-with-alb/README.md","sha":"589149955be5732eb79a478aed058fc632dc371c"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-service-with-alb/containers/container-definition.json","sha":"4a3a2851994cdf389b9a3a9a0bb324981f0d4d59"}]},{"name":"main.tf","path":"examples/docker-service-with-alb/main.tf","sha":"68792e5c66af8c878ba2dc567cb72bb4db08421b"},{"name":"outputs.tf","path":"examples/docker-service-with-alb/outputs.tf","sha":"5ca6edc9e60ae3bfb6ef13003fe8236ebbb39821"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/docker-service-with-alb/user-data/user-data.sh","sha":"5ed91084021a44a3678872771365e574ef7f40c9"}]},{"name":"vars.tf","path":"examples/docker-service-with-alb/vars.tf","sha":"8b9b459c2c1f27cefe0beeca63dc1022729239ac"}]},{"name":"docker-service-with-autoscaling","children":[{"name":"README.md","path":"examples/docker-service-with-autoscaling/README.md","sha":"a57a30c7214f71ffc08650301d46a2ea973aa1ba"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-service-with-autoscaling/containers/container-definition.json","sha":"ddcd10cc00465f84a8ce9eb7d937f1cc648bfa7b"}]},{"name":"main.tf","path":"examples/docker-service-with-autoscaling/main.tf","sha":"4077830f9b19e33ce4942750383f797359bf320d"},{"name":"outputs.tf","path":"examples/docker-service-with-autoscaling/outputs.tf","sha":"c30e145beded6bc152c3e290c6230b31cb89ff71"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/docker-service-with-autoscaling/user-data/user-data.sh","sha":"5ed91084021a44a3678872771365e574ef7f40c9"}]},{"name":"vars.tf","path":"examples/docker-service-with-autoscaling/vars.tf","sha":"241c6c462b329433f28ca06ae6bbde09577b3b8e"}]},{"name":"docker-service-with-canary-deployment","children":[{"name":"README.md","path":"examples/docker-service-with-canary-deployment/README.md","sha":"2eeccfce1d53f5bc3b12fffaa830538a78400cd7"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-service-with-canary-deployment/containers/container-definition.json","sha":"ddcd10cc00465f84a8ce9eb7d937f1cc648bfa7b"}]},{"name":"main.tf","path":"examples/docker-service-with-canary-deployment/main.tf","sha":"11aea3ea5f9d5545f6a736e4faaccedd8634d875"},{"name":"outputs.tf","path":"examples/docker-service-with-canary-deployment/outputs.tf","sha":"c30e145beded6bc152c3e290c6230b31cb89ff71"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/docker-service-with-canary-deployment/user-data/user-data.sh","sha":"5ed91084021a44a3678872771365e574ef7f40c9"}]},{"name":"vars.tf","path":"examples/docker-service-with-canary-deployment/vars.tf","sha":"dbdb54a0d7c12b021ca4c37a2b1a526e86b3fdb9"}]},{"name":"docker-service-with-elb","children":[{"name":"README.md","path":"examples/docker-service-with-elb/README.md","sha":"f22cb6c52c7e991992c9cf7683a5f71d60c904ae"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-service-with-elb/containers/container-definition.json","sha":"ddcd10cc00465f84a8ce9eb7d937f1cc648bfa7b"}]},{"name":"main.tf","path":"examples/docker-service-with-elb/main.tf","sha":"28c2c6c85ee40f5ff13a7b015fd54af451d75620"},{"name":"outputs.tf","path":"examples/docker-service-with-elb/outputs.tf","sha":"9e06fbf3bd18efdea1c96669b89cf69ddbc69f39"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/docker-service-with-elb/user-data/user-data.sh","sha":"83a55d65d90492a33029e246ecd0ca9046a4e27d"}]},{"name":"vars.tf","path":"examples/docker-service-with-elb/vars.tf","sha":"58a0978bac48cf9508d4a94f031ab4858ef833d8"}]},{"name":"docker-service-with-private-discovery","children":[{"name":"README.md","path":"examples/docker-service-with-private-discovery/README.md","sha":"03c1d0863e05e6be054b9f8ae83ddc236ecc4c0f"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-service-with-private-discovery/containers/container-definition.json","sha":"d5beb20e8e729d072992009ac38fe67018ef684a"}]},{"name":"main.tf","path":"examples/docker-service-with-private-discovery/main.tf","sha":"e28485d60b963002ad95586857a1fd3147844b33"},{"name":"outputs.tf","path":"examples/docker-service-with-private-discovery/outputs.tf","sha":"ac153ce17150d268fb0567f0ba66cabce6daf63f"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/docker-service-with-private-discovery/user-data/user-data.sh","sha":"7b474fe788eb9581b91f5f58b0cc09d4201a2013"}]},{"name":"vars.tf","path":"examples/docker-service-with-private-discovery/vars.tf","sha":"eebcce7a48919fd9fe07667886d3ca1c382e1c43"}]},{"name":"docker-service-with-public-discovery","children":[{"name":"README.md","path":"examples/docker-service-with-public-discovery/README.md","sha":"d7d87171441af601b8a554b3de49fc87b7fd0772"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-service-with-public-discovery/containers/container-definition.json","sha":"d5beb20e8e729d072992009ac38fe67018ef684a"}]},{"name":"main.tf","path":"examples/docker-service-with-public-discovery/main.tf","sha":"872cf125c9a1d435b0c848ee7fcf1af766bc3f31"},{"name":"outputs.tf","path":"examples/docker-service-with-public-discovery/outputs.tf","sha":"ac153ce17150d268fb0567f0ba66cabce6daf63f"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/docker-service-with-public-discovery/user-data/user-data.sh","sha":"7b474fe788eb9581b91f5f58b0cc09d4201a2013"}]},{"name":"vars.tf","path":"examples/docker-service-with-public-discovery/vars.tf","sha":"a2a3637fd1a2bcdd161d607e1987677c252757ae"}]},{"name":"docker-service-without-elb","children":[{"name":"README.md","path":"examples/docker-service-without-elb/README.md","sha":"178a8376a2225be3c9d760f26c72e46841e0c2b7"},{"name":"containers","children":[{"name":"container-definition.json","path":"examples/docker-service-without-elb/containers/container-definition.json","sha":"ddcd10cc00465f84a8ce9eb7d937f1cc648bfa7b"}]},{"name":"main.tf","path":"examples/docker-service-without-elb/main.tf","sha":"d51384a22a031fef6e4b7c4142ac65e0245c0f8c"},{"name":"outputs.tf","path":"examples/docker-service-without-elb/outputs.tf","sha":"ca3a10bee0379ce40a82d45806fa72350f5ae641"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/docker-service-without-elb/user-data/user-data.sh","sha":"5ed91084021a44a3678872771365e574ef7f40c9"}]},{"name":"vars.tf","path":"examples/docker-service-without-elb/vars.tf","sha":"679bab7c39f3d2303c153912b5dcf69c385c16ce"}]},{"name":"example-docker-image","children":[{"name":"Dockerfile","path":"examples/example-docker-image/Dockerfile","sha":"f2d4b71ade7473254eb2af4bc49f4e0088e4f77b"},{"name":"README.md","path":"examples/example-docker-image/README.md","sha":"272b6c12cad7ba326582bfca11fce195912021c4"},{"name":"server.js","path":"examples/example-docker-image/server.js","sha":"965b6a2342144bac9559d1328c09f64f31fb4501"}]},{"name":"example-ecs-instance-ami","children":[{"name":"README.md","path":"examples/example-ecs-instance-ami/README.md","sha":"0a239a9c1d5aa7e1a889d40650fbed1cb14f8e8a"},{"name":"build.json","path":"examples/example-ecs-instance-ami/build.json","sha":"5eaaca739381f47b427f021fb464894a87c67948"}]},{"name":"example-vpc","children":[{"name":"README.md","path":"examples/example-vpc/README.md","sha":"f938024fd49977302bcb7982a0b7e9049574a78d"},{"name":"main.tf","path":"examples/example-vpc/main.tf","sha":"c5a37db7dd18e45df6642b43c1c6f310ded75b27"},{"name":"outputs.tf","path":"examples/example-vpc/outputs.tf","sha":"29fe3a59a33e3648c3cdf0afbcc6b7224e1b81ea"},{"name":"vars.tf","path":"examples/example-vpc/vars.tf","sha":"668e867d5bc0938a092cc35a52093d05ede78cfe"}]}]},{"name":"modules","children":[{"name":"ecs-cluster","children":[{"name":"README.md","path":"modules/ecs-cluster/README.md","sha":"d7ce3143346786e3726dd80f8ce163a58d7362f3","toggled":true},{"name":"main.tf","path":"modules/ecs-cluster/main.tf","sha":"d3beb5bfc646502962f57e3fda523d33f74c9102"},{"name":"outputs.tf","path":"modules/ecs-cluster/outputs.tf","sha":"4fb19d2044c94fcd8890c2afc76065f943317a97"},{"name":"roll-out-ecs-cluster-update.py","path":"modules/ecs-cluster/roll-out-ecs-cluster-update.py","sha":"45943e2c81e886d64eb0b437183a52b87466efd2"},{"name":"vars.tf","path":"modules/ecs-cluster/vars.tf","sha":"05e74a3b04bd966c6d6fb359cc04267bb9abc9cf"}],"toggled":true},{"name":"ecs-daemon-service","children":[{"name":"README.md","path":"modules/ecs-daemon-service/README.md","sha":"93e576a1648fab47ad7b6bb013140f361d19c5ba"},{"name":"main.tf","path":"modules/ecs-daemon-service/main.tf","sha":"f07f5876850e9f6eaec9e98139dc4fe928c4c973"},{"name":"outputs.tf","path":"modules/ecs-daemon-service/outputs.tf","sha":"b14be6c2f9498c05be9d3843437940b933b3b669"},{"name":"vars.tf","path":"modules/ecs-daemon-service/vars.tf","sha":"195dc115d942df92aef93852df6b3e7e30236eaa"}]},{"name":"ecs-deploy-check-binaries","children":[{"name":"README.md","path":"modules/ecs-deploy-check-binaries/README.md","sha":"5f819dfaab1a1fe16f29314a2117cd14fcb4bb33"},{"name":"bin","children":[{"name":"check-ecs-service-deployment","path":"modules/ecs-deploy-check-binaries/bin/check-ecs-service-deployment","sha":"b162ec0c95bd1260995ccc383b89fb1528086d65"},{"name":"check_ecs_service_deployment_env.pex","path":"modules/ecs-deploy-check-binaries/bin/check_ecs_service_deployment_env.pex","sha":"089742e3c1d2b6d38c953adb7f66606858fd4ec1"},{"name":"entrypoint.py","path":"modules/ecs-deploy-check-binaries/bin/entrypoint.py","sha":"09af8e557b93844ce66a028e594b885498eef99c"}]},{"name":"build.sh","path":"modules/ecs-deploy-check-binaries/build.sh","sha":"c4195f1c571a197e2a40b46e8a5896080aa0c260"},{"name":"check_ecs_service_deployment","children":[{"name":"__init__.py","path":"modules/ecs-deploy-check-binaries/check_ecs_service_deployment/__init__.py","sha":"e69de29bb2d1d6434b8b29ae775ad8c2e48c5391"},{"name":"checker","children":[{"name":"__init__.py","path":"modules/ecs-deploy-check-binaries/check_ecs_service_deployment/checker/__init__.py","sha":"b3604eaedc6d77c18dd31a282af88377b642073d"},{"name":"active_tasks_checker.py","path":"modules/ecs-deploy-check-binaries/check_ecs_service_deployment/checker/active_tasks_checker.py","sha":"5aa07c2ef3265ecdd3396be3eca962dfed893975"},{"name":"base.py","path":"modules/ecs-deploy-check-binaries/check_ecs_service_deployment/checker/base.py","sha":"b43e7a9f8989b2b6ec9c428c02b7129146c03c9e"},{"name":"daemon_service_checker.py","path":"modules/ecs-deploy-check-binaries/check_ecs_service_deployment/checker/daemon_service_checker.py","sha":"2843fa595ebfb6137601051d3c5183727605c6ad"},{"name":"loadbalancer_checker.py","path":"modules/ecs-deploy-check-binaries/check_ecs_service_deployment/checker/loadbalancer_checker.py","sha":"8d0dbd74f85aa74171899a2b3e27295ac0e523c4"}]},{"name":"exceptions.py","path":"modules/ecs-deploy-check-binaries/check_ecs_service_deployment/exceptions.py","sha":"12ef9651649f2c99ac6cba7a54314a8da197a2b3"},{"name":"utils.py","path":"modules/ecs-deploy-check-binaries/check_ecs_service_deployment/utils.py","sha":"d37d04f0265fe0a6a1faa0bad67358d4c21dc2ac"}]},{"name":"dev_requirements.txt","path":"modules/ecs-deploy-check-binaries/dev_requirements.txt","sha":"923be60db2d99bbeefbedf796478539f78712828"},{"name":"requirements.txt","path":"modules/ecs-deploy-check-binaries/requirements.txt","sha":"1b1257ceb0ad6adb051fe8a2c90392bd93d24a29"}]},{"name":"ecs-deploy","children":[{"name":"README.md","path":"modules/ecs-deploy/README.md","sha":"5bfb0c6c4d6197666f9df3a8ef7c0a63f2579171"},{"name":"bin","children":[{"name":"run-ecs-task","path":"modules/ecs-deploy/bin/run-ecs-task","sha":"86161970f9dae0d327ace437a1dfe6dec39ccef5"}]},{"name":"install.sh","path":"modules/ecs-deploy/install.sh","sha":"c322bebba62fd5a63e7bcb73010f9a52da1137f1"}]},{"name":"ecs-fargate","children":[{"name":"README.md","path":"modules/ecs-fargate/README.md","sha":"d3233fc90051979d17b6d4d9654aa003245837c9"}]},{"name":"ecs-scripts","children":[{"name":"README.md","path":"modules/ecs-scripts/README.md","sha":"d1ece4d7573a4e157409ae72075bc5d2a1849812"},{"name":"bin","children":[{"name":"configure-ecs-instance","path":"modules/ecs-scripts/bin/configure-ecs-instance","sha":"6c1a6a842e1d88cda9fb81d9c61817ebf0232bad"}]},{"name":"install.sh","path":"modules/ecs-scripts/install.sh","sha":"927760f5584ad2019b0ff31424ba8853a27aeffc"}]},{"name":"ecs-service-with-alb","children":[{"name":"README.md","path":"modules/ecs-service-with-alb/README.md","sha":"51c9015df45f7eb2470a826a9113463035ea00fb"}]},{"name":"ecs-service-with-discovery","children":[{"name":"README.md","path":"modules/ecs-service-with-discovery/README.md","sha":"40f05c5aeb3245e474f98605753b9051adef3e4c"}]},{"name":"ecs-service","children":[{"name":"README-ECS-Fargate.adoc","path":"modules/ecs-service/README-ECS-Fargate.adoc","sha":"06c828c343a03aaa8fe84a291c8eeb0ce31d1669"},{"name":"README.adoc","path":"modules/ecs-service/README.adoc","sha":"67662d058d09066a4da6823ca90c460e10bb1477"},{"name":"auto_scaling.tf","path":"modules/ecs-service/auto_scaling.tf","sha":"c344260ad32cdc38a284433f90a3c9f500f38db2"},{"name":"core-concepts.md","path":"modules/ecs-service/core-concepts.md","sha":"7743123a8acf9203348b063715ce2ffa5b5686da"},{"name":"deployment_check.tf","path":"modules/ecs-service/deployment_check.tf","sha":"2062aa9be3e08794466c975299dab3febcabf50b"},{"name":"elb.tf","path":"modules/ecs-service/elb.tf","sha":"16837ad6323ce3915b5dc1129cfaa44ee796338a"},{"name":"main.tf","path":"modules/ecs-service/main.tf","sha":"37460475e3e1b4b44d645cef549180f543c4caf3"},{"name":"outputs.tf","path":"modules/ecs-service/outputs.tf","sha":"a26219239f25d23969cead060c178c0338147934"},{"name":"service_discovery.tf","path":"modules/ecs-service/service_discovery.tf","sha":"27096ac9b2593fdd4b78dc548ddfb05d0f26c10c"},{"name":"task_definition.tf","path":"modules/ecs-service/task_definition.tf","sha":"5f691a7c1ae93c9044fb38763eacda9e2802404d"},{"name":"vars.tf","path":"modules/ecs-service/vars.tf","sha":"669556a59ea88346e4bf54c6c0c93fd3a36586e0"}]}],"toggled":true},{"name":"setup.cfg","path":"setup.cfg","sha":"6deafc261704e20369c0983af88042e502ae4880"},{"name":"test","children":[{"name":"README.md","path":"test/README.md","sha":"b830ee03876dc0fc207b0c0fc9a72d83013ec6f1"},{"name":"deploy_ecs_task_test.go","path":"test/deploy_ecs_task_test.go","sha":"47e0d76b58ab5a3685f4777c3098bc4735efaaab"},{"name":"docker_daemon_service_test.go","path":"test/docker_daemon_service_test.go","sha":"5f0744dbc3de66ea12282eda437153a339ce3c2c"},{"name":"docker_ec2_service_test.go","path":"test/docker_ec2_service_test.go","sha":"dda5bbb1b4e6b319cadb657bbaa1f6000106df97"},{"name":"docker_fargate_service_alb_deployment_check_fail_by_container_test.go","path":"test/docker_fargate_service_alb_deployment_check_fail_by_container_test.go","sha":"b2e4eef2e3868262d653766927ce2da384a3bb28"},{"name":"docker_fargate_service_nlb_deployment_check_fail_by_container_test.go","path":"test/docker_fargate_service_nlb_deployment_check_fail_by_container_test.go","sha":"e2ee6b72b7400b344dadca3e26a0812a20457f57"},{"name":"docker_fargate_service_with_alb_test.go","path":"test/docker_fargate_service_with_alb_test.go","sha":"78bd52c37c402807900f52cac2600edc8babec50"},{"name":"docker_fargate_service_with_efs_volume_test.go","path":"test/docker_fargate_service_with_efs_volume_test.go","sha":"a1a1ea8565f4e2c90d4c45ea0db582c142d17440"},{"name":"docker_fargate_service_with_nlb_test.go","path":"test/docker_fargate_service_with_nlb_test.go","sha":"03d16ba7bfafce73f646ae0b435a5927b4586efd"},{"name":"docker_fargate_service_without_lb_deployment_check_fail_by_container_test.go","path":"test/docker_fargate_service_without_lb_deployment_check_fail_by_container_test.go","sha":"79cc5d902515349ecded94ce243ba5389e43dfe3"},{"name":"docker_fargate_service_without_lb_test.go","path":"test/docker_fargate_service_without_lb_test.go","sha":"7ebffbe0dd7221a154edb62e2b58dd9d1e6493e5"},{"name":"docker_fargate_spot_service_with_alb_test.go","path":"test/docker_fargate_spot_service_with_alb_test.go","sha":"136f85e2ab314a8dc3f1af248c2608aadb992b9d"},{"name":"docker_service_failure_testing_utils.go","path":"test/docker_service_failure_testing_utils.go","sha":"69a9c18c777338e1b5a06e8d73f4aa60b5778311"},{"name":"docker_service_utils.go","path":"test/docker_service_utils.go","sha":"1ba9fc710ef612c16c3a78087624c9433e4bd702"},{"name":"docker_service_with_alb_and_nlb_test.go","path":"test/docker_service_with_alb_and_nlb_test.go","sha":"23410ceb1e9e008d2327fc75556924e38f65f893"},{"name":"docker_service_with_alb_deployment_check_fail_test.go","path":"test/docker_service_with_alb_deployment_check_fail_test.go","sha":"9191b6561b3f03aff5e3237594bf30815220e763"},{"name":"docker_service_with_alb_test.go","path":"test/docker_service_with_alb_test.go","sha":"634d085812ab6e6d3223e10bd4afd7109c46ae7a"},{"name":"docker_service_with_autoscaling_deployment_check_fail_test.go","path":"test/docker_service_with_autoscaling_deployment_check_fail_test.go","sha":"5fd68e10a0e39e75bca60f54e8de0049463006b1"},{"name":"docker_service_with_autoscaling_test.go","path":"test/docker_service_with_autoscaling_test.go","sha":"1f8235bafea1e161fe16d090ba7a7b920588a43e"},{"name":"docker_service_with_canary_deployment_check_fail_test.go","path":"test/docker_service_with_canary_deployment_check_fail_test.go","sha":"e9510f9b5b9657ae7d84e5be6ecf1fa57f630773"},{"name":"docker_service_with_canary_deployment_test.go","path":"test/docker_service_with_canary_deployment_test.go","sha":"dd2557690c5ff82a2a6e07ad6fda11cd23881647"},{"name":"docker_service_with_discovery_check_fail_test.go","path":"test/docker_service_with_discovery_check_fail_test.go","sha":"16ed1d879885c6b08389646e6978d4310a03630a"},{"name":"docker_service_with_discovery_test.go","path":"test/docker_service_with_discovery_test.go","sha":"1bb23ee2db08a16e8ec5d8d1159f6701456a8b43"},{"name":"docker_service_with_elb_deployment_check_fail_test.go","path":"test/docker_service_with_elb_deployment_check_fail_test.go","sha":"7511d8951bdd002d75f4fa0b0d1744edbd30f536"},{"name":"docker_service_with_elb_test.go","path":"test/docker_service_with_elb_test.go","sha":"42883f7151820be8925b11b23c35a303c443d7e6"},{"name":"docker_service_without_elb_deployment_check_fail_test.go","path":"test/docker_service_without_elb_deployment_check_fail_test.go","sha":"b60ee57bab6a76516fcddb081ebb53a687a396a7"},{"name":"docker_service_without_elb_test.go","path":"test/docker_service_without_elb_test.go","sha":"c473118e08a5cacaac408036a83bade7648d1cfc"},{"name":"ec2_amazon_linux2_test.go","path":"test/ec2_amazon_linux2_test.go","sha":"8d34c658442be08dce0fff2ddf2e2ec4a326cd9c"},{"name":"go.mod","path":"test/go.mod","sha":"4b74de9b9dc032b2e000d4490e60825a915b455c"},{"name":"go.sum","path":"test/go.sum","sha":"0e45822ec320a7e63a25898067c5dfca650ebafc"},{"name":"script_tests","children":[{"name":"executor.sh","path":"test/script_tests/executor.sh","sha":"dedf71d5d3120275daa4df86b8a91c85b58a66b6"},{"name":"requirements.txt","path":"test/script_tests/requirements.txt","sha":"d1d1278133fea59fee5fc14c2a5db35c99bd6fe1"},{"name":"test_check_ecs_service_deployment.py","path":"test/script_tests/test_check_ecs_service_deployment.py","sha":"daabc761bdaeaf467cbfbca0cb2d91efb3179c4a"},{"name":"tox.ini","path":"test/script_tests/tox.ini","sha":"96464a47dbc3209aac0b6eeb9ddb72daff7cb72e"}]},{"name":"terratest_options.go","path":"test/terratest_options.go","sha":"eff051a03b62f1ddbb3e2c2ca4af64cb69837586"},{"name":"test_helpers.go","path":"test/test_helpers.go","sha":"d733b7ec8561340af3840b3e35ee3434673ffd1d"}]}]},"detailsContent":"<h1 class=\"preview__body--title\" id=\"ecs-cluster-module\">ECS Cluster Module</h1><div class=\"preview__body--border\"></div><p>This Terraform Module launches an <a href=\"http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_clusters.html\" class=\"preview__body--description--blue\" target=\"_blank\">EC2 Container Service\nCluster</a> that you can use to run\nDocker containers and services (see the <a href=\"/repos/v0.20.4/module-ecs/modules/ecs-service/README.adoc\" class=\"preview__body--description--blue\">ecs-service module</a>).</p>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-you-use-this-module\">How do you use this module?</h2>\n<ul>\n<li>See the <a href=\"/repos/v0.20.4/module-ecs/README.adoc\" class=\"preview__body--description--blue\">root README</a> for instructions on using Terraform modules.</li>\n<li>See the <a href=\"/repos/v0.20.4/module-ecs/examples\" class=\"preview__body--description--blue\">examples</a> folder for example usage.</li>\n<li>See <a href=\"/repos/v0.20.4/module-ecs/modules/ecs-cluster/vars.tf\" class=\"preview__body--description--blue\">vars.tf</a> for all the variables you can set on this module.</li>\n<li>See the <a href=\"/repos/v0.20.4/module-ecs/modules/ecs-service/README.adoc\" class=\"preview__body--description--blue\">ecs-service module</a> for how to run Docker containers across this cluster.</li>\n</ul>\n<h2 class=\"preview__body--subtitle\" id=\"what-is-an-ecs-cluster\">What is an ECS Cluster?</h2>\n<p>To use ECS with the EC2 launch type, you first deploy one or more EC2 Instances into a "cluster". The ECS scheduler can\nthen deploy Docker containers across any of the instances in this cluster. Each instance needs to have the <a href=\"http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_agent.html\" class=\"preview__body--description--blue\" target=\"_blank\">Amazon ECS\nAgent</a> installed so it can communicate with\nECS and register itself as part of the right cluster.</p>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-you-run-docker-containers-on-the-cluster\">How do you run Docker containers on the cluster?</h2>\n<p>See the <a href=\"/repos/v0.20.4/module-ecs/modules/ecs-service/README.adoc\" class=\"preview__body--description--blue\">service module</a>.</p>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-you-add-additional-security-group-rules\">How do you add additional security group rules?</h2>\n<p>To add additional security group rules to the EC2 Instances in the ECS cluster, you can use the\n<a href=\"https://www.terraform.io/docs/providers/aws/r/security_group_rule.html\" class=\"preview__body--description--blue\" target=\"_blank\">aws_security_group_rule</a> resource, and set its\n<code>security_group_id</code> argument to the Terraform output of this module called <code>ecs_instance_security_group_id</code>. For\nexample, here is how you can allow the EC2 Instances in this cluster to allow incoming HTTP requests on port 8080:</p>\n<pre>module <span class=\"hljs-string\">\"ecs_cluster\"</span> {\n # (arguments omitted)\n}\n<span class=\"hljs-built_in\">\nresource </span><span class=\"hljs-string\">\"aws_security_group_rule\"</span> <span class=\"hljs-string\">\"allow_inbound_http_from_anywhere\"</span> {\n <span class=\"hljs-built_in\"> type </span>= <span class=\"hljs-string\">\"ingress\"</span>\n from_port = 8080\n to_port = 8080\n protocol = <span class=\"hljs-string\">\"tcp\"</span>\n cidr_blocks = [<span class=\"hljs-string\">\"0.0.0.0/0\"</span>]\n\n security_group_id = <span class=\"hljs-string\">\"<span class=\"hljs-variable\">${module.ecs_cluster.ecs_instance_security_group_id}</span>\"</span>\n}\n</pre>\n<p><strong>Note</strong>: The security group rules you add will apply to ALL Docker containers running on these EC2 Instances. There is\ncurrently no way in ECS to manage security group rules on a per-Docker-container basis.</p>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-you-add-additional-iam-policies\">How do you add additional IAM policies?</h2>\n<p>To add additional IAM policies to the EC2 Instances in the ECS cluster, you can use the\n<a href=\"https://www.terraform.io/docs/providers/aws/r/iam_role_policy.html\" class=\"preview__body--description--blue\" target=\"_blank\">aws_iam_role_policy</a> or\n<a href=\"https://www.terraform.io/docs/providers/aws/r/iam_policy_attachment.html\" class=\"preview__body--description--blue\" target=\"_blank\">aws_iam_policy_attachment</a> resources, and\nset the IAM role id to the Terraform output of this module called <code>ecs_instance_iam_role_name</code> . For example, here is how\nyou can allow the EC2 Instances in this cluster to access an S3 bucket:</p>\n<pre>module <span class=\"hljs-string\">\"ecs_cluster\"</span> {\n # (arguments omitted)\n}\n<span class=\"hljs-built_in\">\nresource </span><span class=\"hljs-string\">\"aws_iam_role_policy\"</span> <span class=\"hljs-string\">\"access_s3_bucket\"</span> {\n name = <span class=\"hljs-string\">\"access_s3_bucket\"</span>\n role = <span class=\"hljs-string\">\"<span class=\"hljs-variable\">${module.ecs_cluster.ecs_instance_iam_role_name}</span>\"</span>\n <span class=\"hljs-built_in\"> policy </span>= <<EOF\n{\n <span class=\"hljs-string\">\"Version\"</span>: <span class=\"hljs-string\">\"2012-10-17\"</span>,\n <span class=\"hljs-string\">\"Statement\"</span>: [\n {\n <span class=\"hljs-string\">\"Sid\"</span>: <span class=\"hljs-string\">\"\"</span>,\n <span class=\"hljs-string\">\"Effect\"</span>:<span class=\"hljs-string\">\"Allow\"</span>,\n <span class=\"hljs-string\">\"Action\"</span>: <span class=\"hljs-string\">\"s3:GetObject\"</span>,\n <span class=\"hljs-string\">\"Resource\"</span>: <span class=\"hljs-string\">\"arn:aws:s3:::examplebucket/*\"</span>\n }\n ]\n}\nEOF\n}\n</pre>\n<p><strong>Note</strong>: The IAM policies you add will apply to ALL Docker containers running on these EC2 Instances. There is\ncurrently no way in ECS to manage IAM policies on a per-Docker-container basis.</p>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-you-make-changes-to-the-ec-2-instances-in-the-cluster\">How do you make changes to the EC2 Instances in the cluster?</h2>\n<p>To deploy an update to an ECS Service, see the <a href=\"/repos/v0.20.4/module-ecs/modules/ecs-service\" class=\"preview__body--description--blue\">ecs-service module</a>. To deploy an update to the\nEC2 Instances in your ECS cluster, such as a new AMI, read on.</p>\n<p>Terraform and AWS do not provide a way to automatically roll out a change to the Instances in an ECS Cluster. Due to\nTerraform limitations (see <a href=\"/repos/v0.20.4/module-ecs\" class=\"preview__body--description--blue\">here for a discussion</a>), there is\ncurrently no way to implement this purely in Terraform code. Therefore, we've created a script called\n<code>roll-out-ecs-cluster-update.py</code> that can do a zero-downtime roll out for you.</p>\n<h3 class=\"preview__body--subtitle\" id=\"how-to-use-the-roll-out-ecs-cluster-update-py-script\">How to use the roll-out-ecs-cluster-update.py script</h3>\n<p>First, make sure you have the latest version of the <a href=\"https://github.com/boto/boto3\" class=\"preview__body--description--blue\" target=\"_blank\">AWS Python SDK (boto3)</a> installed\n(e.g. <code>pip install boto3</code>).</p>\n<p>To deploy a change such as rolling out a new AMI to all ECS Instances:</p>\n<ol>\n<li>\n<p>Make sure the <code>cluster_max_size</code> is at least twice the size of <code>cluster_min_size</code>. The extra capacity will be used\nto deploy the updated instances.</p>\n</li>\n<li>\n<p>Update the Terraform code with your changes (e.g. update the <code>cluster_instance_ami</code> variable to a new AMI).</p>\n</li>\n<li>\n<p>Run <code>terraform apply</code>.</p>\n</li>\n<li>\n<p>Run the script:</p>\n<pre><span class=\"hljs-keyword\">python</span> <span class=\"hljs-keyword\">roll</span>-out-ecs-<span class=\"hljs-keyword\">cluster</span>-update.py --asg-name ASG_NAME --<span class=\"hljs-keyword\">cluster</span>-name CLUSTER_NAME --aws-region AWS_REGION\n</pre>\n<p>If you have your output variables configured as shown in <a href=\"/repos/v0.20.4/module-ecs/examples/docker-service-with-elb/outputs.tf\" class=\"preview__body--description--blue\">outputs.tf</a>\nof the <a href=\"/repos/v0.20.4/module-ecs/examples/docker-service-with-elb\" class=\"preview__body--description--blue\">docker-service-with-elb example</a>, you can use the <code>terraform output</code>\ncommand to fill in most of the arguments automatically:</p>\n<pre>python roll-out-ecs-cluster-update.py \\\n --asg-name <span class=\"hljs-constructor\">$(<span class=\"hljs-params\">terragrunt</span> <span class=\"hljs-params\">output</span> -<span class=\"hljs-params\">no</span>-<span class=\"hljs-params\">color</span> <span class=\"hljs-params\">asg_name</span>)</span> \\\n --cluster-name <span class=\"hljs-constructor\">$(<span class=\"hljs-params\">terragrunt</span> <span class=\"hljs-params\">output</span> -<span class=\"hljs-params\">no</span>-<span class=\"hljs-params\">color</span> <span class=\"hljs-params\">ecs_cluster_name</span>)</span> \\\n --aws-region <span class=\"hljs-constructor\">$(<span class=\"hljs-params\">terragrunt</span> <span class=\"hljs-params\">output</span> -<span class=\"hljs-params\">no</span>-<span class=\"hljs-params\">color</span> <span class=\"hljs-params\">aws_region</span>)</span>\n</pre>\n</li>\n</ol>\n<p>To avoid the need to install python dependencies on your local machine, you may chose to use docker.</p>\n<ol>\n<li>\n<p>Navigate to the directory that you have downloaded <code>roll-out-ecs-cluster-update.py</code>:</p>\n</li>\n<li>\n<p>If you use <a href=\"https://github.com/99designs/aws-vault\" class=\"preview__body--description--blue\" target=\"_blank\">aws-vault</a>, you can run the following to make your aws\ncredentials available to the container. If you do not use <code>aws-vault</code>, you will have to manually use the <code>--env</code>\noption of <code>docker run</code></p>\n<pre>docker run \\\n -<span class=\"ruby\">it --rm -v <span class=\"hljs-string\">\"$PWD\"</span><span class=\"hljs-symbol\">:/usr/src</span> -w /usr/src \\\n</span> -<span class=\"ruby\">-env-file <(aws-vault exec --assume-role-ttl=<span class=\"hljs-number\">1</span>h PROFIE -- env <span class=\"hljs-params\">| grep AWS) \\\n</span></span> python:2.7-alpine \\\n sh -c \"pip install boto3 && python roll-out-ecs-cluster-update.py \\\n -<span class=\"ruby\"><span class=\"hljs-params\">-asg-name ASG_NAME \\\n</span></span> -<span class=\"ruby\"><span class=\"hljs-params\">-cluster-name CLUSTER_NAME \\\n</span></span> -<span class=\"ruby\"><span class=\"hljs-params\">-aws-region AWS_REGION\"\n</span></span></pre>\n</li>\n</ol>\n<h3 class=\"preview__body--subtitle\" id=\"how-roll-out-ecs-cluster-update-py-works\">How roll-out-ecs-cluster-update.py works</h3>\n<p>The <code>roll-out-ecs-cluster-update.py</code> script does the following:</p>\n<ol>\n<li>Double the desired capacity of the Auto Scaling Group that powers the ECS Cluster. This causes EC2 Instances to\ndeploy with the new launch configuration.</li>\n<li>Put all the old ECS Instances in DRAINING state so all ECS Tasks are migrated off of them to the new Instances.</li>\n<li>Wait for all ECS Tasks to migrate off the old Instances.</li>\n<li>Set the desired capacity of the Auto Scaling Group back to its original value.</li>\n</ol>\n","repoName":"module-ecs","repoRef":"v0.20.7","serviceDescriptor":{"serviceName":"ECS Service","serviceRepoName":"module-ecs","serviceRepoOrg":"gruntwork-io","serviceMainReadmePath":"/modules/ecs-service-with-alb","cloudProviders":["aws"],"description":"Deploy an ECS service with zero-downtime, rolling deployment, IAM Role, auto scaling, and more.","imageUrl":"ecs.png","licenseType":"subscriber","technologies":["Terraform","Python"],"compliance":[],"tags":[""]},"serviceCategoryName":"Docker services","fileName":"README.md","filePath":"/modules/ecs-cluster","title":"Repo Browser: ECS Service","description":"Browse the repos in the Gruntwork Infrastructure as Code Library."}