Install on Amazon Elastic Container Service (ECS) running on EC2
This page describes how to install the host-based agent into an Elastic Container Service (ECS) cluster running on EC2 using ECS Daemon Scheduling.
There are two ways to setup the agent:
Note: This is the preferred mechanism to deploy the agent across your ECS on EC2 clusters!
See the Amazon ECS Container Instance documentation for using User Data mechanism on new EC2 instances. See also our Install on Linux Hosts section for setting up the agent.
For querying metadata the IAM role
arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess must be assigned to the EC2 Task Definition running the steadybit agent.Alternatively you can create your own policy with the following IAM permissions and attach that to the Task Definition Role:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "ec2:Describe*",
"Resource": "*"
}
]
}
Note: Due to security issues the Host Shutdown Attack will not work with this setup method.
For your convenience we have prepared an example task definition to use. Please fill in the missing "replace-with" prefixed fields:
{
"ipcMode": "host",
"placementConstraints": [],
"taskRoleArn": "",
"family": "steadybit-agent",
"pidMode": "host",
"requiresCompatibilities": [
"EC2"
],
"networkMode": "host",
"cpu": "512",
"memory": "1024",
"executionRoleArn": "<replace-with-execution-role-arn>",
"containerDefinitions": [
{
"logConfiguration": {
"logDriver": "json-file"
},
"portMappings": [],
"environment": [
{
"name": "STEADYBIT_AGENT_KEY",
"value": "<replace-with-agent-key>"
}
],
"mountPoints": [
{
"readOnly": false,
"containerPath": "/var/run",
"sourceVolume": "var_run"
},
{
"readOnly": false,
"containerPath": "/run",
"sourceVolume": "run"
},
{
"readOnly": false,
"containerPath": "/sys",
"sourceVolume": "sys"
},
{
"readOnly": false,
"containerPath": "/dev",
"sourceVolume": "dev"
},
{
"readOnly": false,
"containerPath": "/var/log",
"sourceVolume": "var_log"
}
],
"image": "steadybit/agent:latest",
"name": "steadybit-agent"
}
],
"volumes": [
{
"name": "dev",
"host": {
"sourcePath": "/dev"
},
"dockerVolumeConfiguration": null
},
{
"name": "sys",
"host": {
"sourcePath": "/sys"
},
"dockerVolumeConfiguration": null
},
{
"name": "var_run",
"host": {
"sourcePath": "/var/run"
},
"dockerVolumeConfiguration": null
},
{
"name": "run",
"host": {
"sourcePath": "/run"
},
"dockerVolumeConfiguration": null
},
{
"name": "var_log",
"host": {
"sourcePath": "/var/log"
},
"dockerVolumeConfiguration": null
}
]
}
Last modified 3mo ago