diff --git a/docs/roles/deploy_container.md b/docs/roles/deploy_container.md
index 3e5a9c30..8e5872cb 100644
--- a/docs/roles/deploy_container.md
+++ b/docs/roles/deploy_container.md
@@ -38,7 +38,7 @@ Naturally you can always create custom policies and roles to have tighter access
 ```yaml
 ---
 deploy_container:
- container_name: example
+ container_name: example-container
 container_tag: latest # tag will take format container_name:container_tag
 container_force_build: true # force Docker to build and tag a new image
 docker_registry_name: index.docker.io/example # combines with container_name to make the full registry name, docker_registry_name/container_name
@@ -70,9 +70,10 @@ deploy_container:
 - example-dev-a
 - example-dev-b
 security_groups: [] # list of security groups, accepts names or IDs
- cluster_name: example
- family_name: example
+ cluster_name: example-cluster
+ family_name: example-task-definition
 task_definition_revision: "" # integer, but must be presented as a string for Jinja2
+ task_definition_force_create: false # creates a task definition revision every time if set to true
 task_count: 1
 task_minimum_count: 1
 task_maximum_count: 4
@@ -81,8 +82,21 @@ deploy_container:
 service_autoscale_up_cooldown: 120
 service_autoscale_down_cooldown: 120
 service_autoscale_target_value: 70 # the value to trigger a scaling event at
+ service_force_refresh: false # forces a refresh of all containers if set to true
 execution_role_arn: "arn:aws:iam::000000000000:role/ecsTaskExecutionRole" # ARN of the IAM role to run the task as, must have access to the ECR repository if applicable
- containers: [] # list of container definitions, see docs: https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-containers
+ containers: # list of container definitions, see docs: https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-containers
+ - name: example-container
+ essential: true
+ image: index.docker.io/example:latest
+ portMappings:
+ - containerPort: 8080 # should match target_group_port
+ hostPort: 8080
+ logConfiguration:
+ logDriver: awslogs
+ options:
+ awslogs-group: /ecs/example-cluster
+ awslogs-region: eu-west-1
+ awslogs-stream-prefix: "ecs-example-task"
 cpu: 512 # these values can be set globally or per container
 memory: 1024
 launch_type: FARGATE
@@ -90,7 +104,7 @@ deploy_container:
 #volumes: [] # list of additional volumes to attach
 target_group_name: example # 32 character limit
 target_group_protocol: http
- target_group_port: 80
+ target_group_port: 8080 # ports lower than 1024 will require the app to be configured to run as a privileged user in the Dockerfile
 target_group_wait_timeout: 200 # how long to wait for target group events to complete
 targets: [] # typically we do not specify targets at this point, this will be handled automatically by the ECS service
 #- Id: 10.0.0.2
diff --git a/roles/deploy_container/README.md b/roles/deploy_container/README.md
index 3e5a9c30..8e5872cb 100644
--- a/roles/deploy_container/README.md
+++ b/roles/deploy_container/README.md
@@ -38,7 +38,7 @@ Naturally you can always create custom policies and roles to have tighter access
 ```yaml
 ---
 deploy_container:
- container_name: example
+ container_name: example-container
 container_tag: latest # tag will take format container_name:container_tag
 container_force_build: true # force Docker to build and tag a new image
 docker_registry_name: index.docker.io/example # combines with container_name to make the full registry name, docker_registry_name/container_name
@@ -70,9 +70,10 @@ deploy_container:
 - example-dev-a
 - example-dev-b
 security_groups: [] # list of security groups, accepts names or IDs
- cluster_name: example
- family_name: example
+ cluster_name: example-cluster
+ family_name: example-task-definition
 task_definition_revision: "" # integer, but must be presented as a string for Jinja2
+ task_definition_force_create: false # creates a task definition revision every time if set to true
 task_count: 1
 task_minimum_count: 1
 task_maximum_count: 4
@@ -81,8 +82,21 @@ deploy_container:
 service_autoscale_up_cooldown: 120
 service_autoscale_down_cooldown: 120
 service_autoscale_target_value: 70 # the value to trigger a scaling event at
+ service_force_refresh: false # forces a refresh of all containers if set to true
 execution_role_arn: "arn:aws:iam::000000000000:role/ecsTaskExecutionRole" # ARN of the IAM role to run the task as, must have access to the ECR repository if applicable
- containers: [] # list of container definitions, see docs: https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-containers
+ containers: # list of container definitions, see docs: https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-containers
+ - name: example-container
+ essential: true
+ image: index.docker.io/example:latest
+ portMappings:
+ - containerPort: 8080 # should match target_group_port
+ hostPort: 8080
+ logConfiguration:
+ logDriver: awslogs
+ options:
+ awslogs-group: /ecs/example-cluster
+ awslogs-region: eu-west-1
+ awslogs-stream-prefix: "ecs-example-task"
 cpu: 512 # these values can be set globally or per container
 memory: 1024
 launch_type: FARGATE
@@ -90,7 +104,7 @@ deploy_container:
 #volumes: [] # list of additional volumes to attach
 target_group_name: example # 32 character limit
 target_group_protocol: http
- target_group_port: 80
+ target_group_port: 8080 # ports lower than 1024 will require the app to be configured to run as a privileged user in the Dockerfile
 target_group_wait_timeout: 200 # how long to wait for target group events to complete
 targets: [] # typically we do not specify targets at this point, this will be handled automatically by the ECS service
 #- Id: 10.0.0.2
diff --git a/roles/deploy_container/defaults/main.yml b/roles/deploy_container/defaults/main.yml
index 7605f796..0ca73b42 100644
--- a/roles/deploy_container/defaults/main.yml
+++ b/roles/deploy_container/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
 deploy_container:
- container_name: example
+ container_name: example-container
 container_tag: latest # tag will take format container_name:container_tag
 container_force_build: true # force Docker to build and tag a new image
 docker_registry_name: index.docker.io/example # combines with container_name to make the full registry name, docker_registry_name/container_name
@@ -32,9 +32,10 @@ deploy_container:
 - example-dev-a
 - example-dev-b
 security_groups: [] # list of security groups, accepts names or IDs
- cluster_name: example
- family_name: example
+ cluster_name: example-cluster
+ family_name: example-task-definition
 task_definition_revision: "" # integer, but must be presented as a string for Jinja2
+ task_definition_force_create: false # creates a task definition revision every time if set to true
 task_count: 1
 task_minimum_count: 1
 task_maximum_count: 4
@@ -43,8 +44,21 @@ deploy_container:
 service_autoscale_up_cooldown: 120
 service_autoscale_down_cooldown: 120
 service_autoscale_target_value: 70 # the value to trigger a scaling event at
+ service_force_refresh: false # forces a refresh of all containers if set to true
 execution_role_arn: "arn:aws:iam::000000000000:role/ecsTaskExecutionRole" # ARN of the IAM role to run the task as, must have access to the ECR repository if applicable
- containers: [] # list of container definitions, see docs: https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-containers
+ containers: # list of container definitions, see docs: https://docs.ansible.com/ansible/latest/collections/community/aws/ecs_taskdefinition_module.html#parameter-containers
+ - name: example-container
+ essential: true
+ image: index.docker.io/example:latest
+ portMappings:
+ - containerPort: 8080 # should match target_group_port
+ hostPort: 8080
+ logConfiguration:
+ logDriver: awslogs
+ options:
+ awslogs-group: /ecs/example-cluster
+ awslogs-region: eu-west-1
+ awslogs-stream-prefix: "ecs-example-task"
 cpu: 512 # these values can be set globally or per container
 memory: 1024
 launch_type: FARGATE
@@ -52,7 +66,7 @@ deploy_container:
 #volumes: [] # list of additional volumes to attach
 target_group_name: example # 32 character limit
 target_group_protocol: http
- target_group_port: 80
+ target_group_port: 8080 # ports lower than 1024 will require the app to be configured to run as a privileged user in the Dockerfile
 target_group_wait_timeout: 200 # how long to wait for target group events to complete
 targets: [] # typically we do not specify targets at this point, this will be handled automatically by the ECS service
 #- Id: 10.0.0.2
diff --git a/roles/deploy_container/tasks/main.yml b/roles/deploy_container/tasks/main.yml
index 34866aa1..8238e080 100644
--- a/roles/deploy_container/tasks/main.yml
+++ b/roles/deploy_container/tasks/main.yml
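Review bot: In roles/deploy_container/defaults/main.yml, hunk `@@ -43,8 +44,21 @@`, the shipped default for `containers` changes from an empty list to a runnable definition whose `image: index.docker.io/example:latest` is a mutable tag under a placeholder name on a public registry. A play that forgets to override `containers` would then, as far as the hunk shows, try to run whatever is published under that name instead of failing on an empty list. The image string is also hard-coded rather than built from `docker_registry_name`, `container_name` and `container_tag` defined earlier in the same file, so the image that is built and the image that is run can drift apart. I would keep `containers: []` as the default and leave the worked example in the README, or at least mark the entry with a comment such as `# example only - override with your own image, pinned to an immutable tag or digest`. The `awslogs` options presumably also require the `/ecs/example-cluster` log group to exist and the role in `execution_role_arn` to be allowed to write to it, which is worth stating in that line's comment.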
@@ -138,6 +138,7 @@
 state: present
 network_mode: "{{ deploy_container.aws_ecs.network_mode }}"
 volumes: "{{ deploy_container.aws_ecs.volumes | default(omit) }}"
+ force_create: "{{ deploy_container.aws_ecs.task_definition_force_create }}"
 delegate_to: localhost
 when: deploy_container.aws_ecs.enabled
@@ -294,6 +295,7 @@
 security_groups: "{{ deploy_container.aws_ecs.security_groups }}"
 assign_public_ip: true # must be true for now - details: https://stackoverflow.com/a/66802973
 tags: "{{ deploy_container.aws_ecs.tags }}"
+ force_new_deployment: "{{ deploy_container.aws_ecs.service_force_refresh }}"
 wait: true
 delegate_to: localhost
 when: deploy_container.aws_ecs.enabled
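Review bot: Both new module arguments, `force_create` in hunk `@@ -138,6 +138,7 @@` and `force_new_deployment` in hunk `@@ -294,6 +295,7 @@`, template their variable with no fallback, unlike the `volumes` line directly above the first one, which uses `default(omit)`. A consumer that defines its own `deploy_container` dictionary without the new keys will hit an undefined-variable error if Ansible replaces rather than merges the dictionary, which is its default behaviour. I would write `force_create: "{{ deploy_container.aws_ecs.task_definition_force_create | default(false) }}"` and `force_new_deployment: "{{ deploy_container.aws_ecs.service_force_refresh | default(false) }}"`. It is also worth a comment on `force_new_deployment` that, with a mutable image tag such as `latest`, forcing a refresh runs whatever the tag points to at that moment, so the image should be pinned when this is enabled. Both tasks start and end outside the hunks, so the module names are not visible here.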