本次任务:
aws上创建容器repository,然后push一个image到这个repository,cloudtrail和cloudwatch检测到变化后,调用lambda函数,执行部署到ECS的任务
1. 创建IAM用户access key
(1)IAM页面---user,创建一个user
(2)点击创建好的user,创建access key
(3)本地安装awscli客户端,以下是linux安装步骤:
pip install awscli
aws configure
然后输入access key,即步骤(2)中生成的access key id 和secret access key。
然后用aws lambda list-functions 测试是否安装成功
2. ECR和ECS页面创建容器repository
(1)创建一个容器仓库repository (左侧导航栏可以看到,ECS和ECR在同一个页面)
本地随便建立一个docker项目,用docker build命令打包成image,例如docker build -t hello .
然后docker tag hello:latest xxx (这个repository地址xxx可以是dockerhub的repository,也可以是aws里ECS上面创建的repository地址。)
然后同一目录下,用docker push xxx 上传到远程xxx这个repository上。
(2)创建ECS容器集群cluster(包括service和cluster等)
还在ECS页面,点击cluster--get started
(3)选择custom configure
配置 memory限制128, 端口80
(4)task definition换一个你自己取的名字
接着配置taskdefinition,service,cluster等
3. 创建lambda函数
可以aws网站上创建,也可以用awscli客户端使用命令aws create lambda-function
lambda函数内容如下:
import boto3
import os
## Setting variables and importing libraries.
region = "us-east-1"
client = boto3.client('ecs', region_name=region)
CONTAINER_NAME = os.environ['NAME']
DOCKER_IMAGE = os.environ['IMAGE']
# MEM_SIZE = os.environ['MEMORY']
FAMILY_DEF = os.environ['TASK_DEF']
CLUSTER_NAME = os.environ['CLUSTER']
SERVICE_NAME = os.environ['SERVICE']
def lambda_handler(event, context):
print("----- STARTING -----")
response = client.register_task_definition(
family=FAMILY_DEF,
#taskRoleArn='string',
networkMode='awsvpc',
containerDefinitions=[
{
'name': CONTAINER_NAME,
## Amazon URI for your Docker image in ECS
'image': DOCKER_IMAGE,
'memory': 300,
'portMappings': [
{
'containerPort': 80,
'hostPort': 80,
'protocol': 'tcp'
},
],
'essential': True,
},
],
)
## Setting our TaskDef for updating our service.
response = client.update_service(
cluster=CLUSTER_NAME,
service=SERVICE_NAME,
desiredCount=1,
# taskDefinition=taskDefinitionRev,
# networkConfiguration={
# 'awsvpcConfiguration': {
# 'subnets': [
# 'subnet-0fc126592841487ea',
# 'subnet-0ae7befc18f8498da'
# ],
# 'securityGroups': [
# 'sg-0a367400b36dae0bf'
# ],
# 'assignPublicIp': 'ENABLED'
# }
# },
forceNewDeployment=True,
deploymentConfiguration={
'maximumPercent': 200,
'minimumHealthyPercent': 100
}
)
print("Updated the service named {} under the cluster named {} with an updated task definition".format(SERVICE_NAME, CLUSTER_NAME))
print("----- FINISHED -----")
4. 创建cloudtrail和cloudwatch的event