ECSでのタスク実行方法
課題
- fargateで運用している場合、sshで接続してコマンドを実行ということができない。そのため外部からツールを利用して実行しなければいけない
対処法
今回は例としてseedを考える
seed用のタスク定義を作成する.
{ "networkMode": "awsvpc", "cpu": "256", "memory": "512", "requiresCompatibilities": [ "FARGATE"], "executionRoleArn": "arn:aws:iam::467531687456:role/ecs_task_execution_role", "containerDefinitions": [ { "name": "seed", "image": "467531687456.dkr.ecr.ap-northeast-1.amazonaws.com/match-project-app-development:latest", "essential": true, "entryPoint": ["/bin/sh"], "command": ["-c", "php artisan db:seed --class=DatabaseSeeder"], "environment": [ { "name": "APP_NAME", "value": "match-project" }, { "name": "APP_ENV", "value": "development" }, { "name": "APP_DEBUG", "value": "true" }, { "name": "LOG_CHANNEL", "value": "cloudwatch" }, { "name": "CLOUDWATCH_LOG_RETENTION", "value": "60" }, { "name": "DB_CONNECTION", "value": "mysql" }, { "name": "DB_HOST", "value": "match-project-dev-aurora-cluster.cluster-clfk8ycueurb.ap-northeast-1.rds.amazonaws.com" }, { "name": "DB_PORT", "value": "3306" }, { "name": "DB_USERNAME", "value": "organizer" }, { "name": "DB_PASSWORD", "value": "pass1234" }, { "name": "DB_DATABASE", "value": "lara_match" }, { "name": "BROADCAST_DRIVER", "value": "log" }, { "name": "CACHE_DRIVER", "value": "redis" }, { "name": "SESSION_DRIVER", "value": "redis" }, { "name": "SESSION_LIFETIME", "value": "10080" }, { "name": "REDIS_HOST", "value": "$REDIS_HOST_DEV" }, { "name": "REDIS_PASSWORD", "value": "null" }, { "name": "REDIS_PORT", "value": "6379" }, { "name": "AWS_BUCKET", "value": "match-project.dev.uploads" }, { "name": "MAIL_DRIVER", "value": "ses" }, { "name": "MAIL_FROM_ADDRESS", "value": "tmp" }, { "name": "MAIL_FROM_NAME", "value": "dev" }, { "name": "SES_REGION", "value": "us-east-1" }, { "name": "ADMIN_HTTPS", "value": "true" } ] } ] }
- タスクをecsクラスターに登録する。
aws ecs register-task-definition --family match-project-dev-seed --cli-input-json file://seed-task-definition.json --region ap-northeast-1
- あとは以下を状況に合わせて変更して、実行
SUBNETS=$(aws ecs describe-services --cluster match-project-dev --service app --region ap-northeast-1 --query "services[0].networkConfiguration.awsvpcConfiguration.subnets" --output text | awk '{printf "%s,%s",$1,$2}') SECURITY_GROUPS=$(aws ecs describe-services --cluster match-project-dev --service app --region ap-northeast-1 --query "services[0].networkConfiguration.awsvpcConfiguration.securityGroups" --output text) aws ecs run-task --launch-type FARGATE --cluster match-project-dev --task-definition match-project-dev-migrate --region ap-northeast-1 --count 1 --network-configuration "awsvpcConfiguration={subnets=[$SUBNETS],securityGroups=[$SECURITY_GROUPS],assignPublicIp=ENABLED}" --query "tasks[0].taskArn" --output text