This package will create an Optimized ECS image which includes the following components:
- Latest security updates
- SSM agent
- AWS inspector agent
- Encrypted EBS store (optional)
- Customize the EBS volume size (optional)
The package relies on an aws profile from your ~/.aws/credentials file.
Export the desired profile:
export AWS_PROFILE='your profile name from the ~/.aws/credentials file'Update the variables.json file with the correct values for your environment
| Variable | Description | Default Value |
|---|---|---|
| instance_type | The instance type | t2.micro |
| aws_region | Specify the AWS region | "" |
| aws_vpc_id | Specify a VPC ID | "" |
| public_subnet_id | Specify a public subnet ID | "" |
| xvda_volume_size | The root volume size | 8 |
| xvdcz_volume_size | The data volume size | 22 |
| encrypted | Encrypt the data volume | "false" |
| ami_name | The AMI name | "allcloud-amzn-ecs-{{isotime}}" |
packer validate -var-file=variables.json packer.jsonVarify you get the output:
$ packer validate -var-file=variables.json packer.json
$ Template validated successfully.packer build -var-file=variables.json packer.jsonLogin to your AWS account and locate your AMI.
Update your ECS cluster with the new AMI and perform rolling update
IMPORTANT: Verifty that the ECS instance role includes the SSM agent and AWS inspector policies for it to work properly.
- SSM agent policy:
AmazonEC2RoleforSSM