Deployment tool for Amazon ECS.
pip install ecs-deplojo
Usage: ecs-deplojo [OPTIONS] Options: --config FILENAME [required] --var VAR --dry-run --output-path PATH --role-arn <optional arn> --help Show this message and exit.
--- cluster_name: example environment: DATABASE_URL: postgresql:// task_definitions: web: template: task_definitions/web.json overrides: uwsgi: memory: 512 portMappings: - hostPort: 0 containerPort: 8080 protocol: tcp manage: template: task_definitions/manage.json services: web: task_definition: web before_deploy: - task_definition: manage container: uwsgi command: manage.py migrate --noinput after_deploy: - task_definition: manage container: uwsgi command: manage.py clearsessions
Using SSM secrets
Warning secrets will become visible in the container's environent, use with caution
When you want to use the AWS SSM secrets in your configuration you can use the secrets section, however this needs some additional configuration within AWS
At first you need an AWS IAM role to use as the ECS execution role, this role needs access to the secrets in Secrets Manager or Parameter store and will only be used during the startup of your Docker container.
-- cluster_name: example environment: NORMAL_ENV_VAR: value_of_variable secrets: DATABASE_URL: /path/to/secret/DATABASE_URL task_definitions: web: execution_role_arn: arn:aws:iam::<account_id>:role/execution_role_name template: task_definitions/web.json services: web: task_definition: web
When the container is started the secrets are available as environment variables and hidden in the AWS ECS console, this is not recommended in production.
AWS Default VPC
When running your servers in the AWS default VPC you need
your task definition JSON file, this will ensure that no hostnames are set for the
containers, since this isn't supported by AWS.
Unlike EC2 based clusters AWS Fargate needs a
execution_role_arn to work, this can be
set in your service definition in the YAML file.
Example log output
Starting deploy on cluster example (1 services) Registered new task definition web:10 Starting one-off task 'manage.py migrate --noinput' via manage:10 (uwsgi) Updating service web with task defintion web:10 Waiting for deployments Waiting for services: web (0/2) Waiting for services: web (1/2) Waiting for services: web (2/2) Deployment finished: web (2/2) Starting one-off task 'manage.py clearsessions' via manage:10 (uwsgi)