The Ops Community

Cover image for How To SSH Your ECS Server(Running Fargate)
Feng Lei
Feng Lei

Posted on

How To SSH Your ECS Server(Running Fargate)

1.Install ACLI V2

2.Install and Run Docker On EC2

3.Use ECR create repository

4.Attach IAM Role To EC2

5.Build and Push Image to Repository

6.Create ECS Task Definition

7.Create Cluster

8.Create Service

9.Use SSH Tool connect your container

1.Install ACLI V2 On Ami-2

In here,I use Amazon Linux 2, t3.micro instance type.
Image description

First,We need give the instance right IAM Role

Image description

Install ACLI V2,I will put the code

rm -rf /bin/aws
rm -rf /bin/aws*
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
ln -s /usr/local/bin/aws /bin/aws

Enter fullscreen mode Exit fullscreen mode

Image description

[root@ip-172-31-43-69 ~]# yum install docker && systemctl start docker
Enter fullscreen mode Exit fullscreen mode

Image description

Use ECR create repository

Image description

Attach IAM Role To EC2

https://docs.amazonaws.cn/en_us/AmazonECR/latest/userguide/registry-permissions-create.html
Image description

Build and Push Image to Repository

1.Write Dockerfile

FROM centos:7

RUN yum install -y openssh-server sudo
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config 
RUN useradd admin  
RUN echo "admin:123456" | chpasswd
RUN echo "admin   ALL=(ALL)       ALL" >> /etc/sudoers 

RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

RUN mkdir /var/run/sshd
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]
Enter fullscreen mode Exit fullscreen mode

2.Build Image

[root@ip-172-31-43-69 ~]# docker build -t sshd .
Enter fullscreen mode Exit fullscreen mode

Image description

3.Tag and Push Image

aws ecr get-login-password --region region | docker login --username AWS --password-stdin aws_account_id.dkr.ecr.region.amazonaws.com
docker tag sshd:latest aws_account_id.dkr.ecr.region.amazonaws.com/sshd:latest
docker push aws_account_id.dkr.ecr.region.amazonaws.com/sshd:latest
Enter fullscreen mode Exit fullscreen mode

Image description
Image description
Image description

Create Fargate Task Definitions(I put my json code)

Notice:Replace the capital letter identification part

{
  "ipcMode": null,
  "executionRoleArn": "YOUR_EXEC_ROLE_ARN": [
    {
      "dnsSearchDomains": null,
      "environmentFiles": null,
      "logConfiguration": {
        "logDriver": "awslogs",
        "secretOptions": null,
        "options": {
          "awslogs-group": "/ecs/sshd_task",
          "awslogs-region": "YOUR_REGION",
          "awslogs-stream-prefix": "ecs"
        }
      },
      "entryPoint": null,
      "portMappings": [
        {
          "hostPort": 22,
          "protocol": "tcp",
          "containerPort": 22
        }
      ],
      "command": null,
      "linuxParameters": null,
      "cpu": 0,
      "environment": [],
      "resourceRequirements": null,
      "ulimits": null,
      "dnsServers": null,
      "mountPoints": [],
      "workingDirectory": null,
      "secrets": null,
      "dockerSecurityOptions": null,
      "memory": null,
      "memoryReservation": 2048,
      "volumesFrom": [],
      "stopTimeout": null,
      "image": "YOU_CREATE_IMG_URL",
      "startTimeout": null,
      "firelensConfiguration": null,
      "dependsOn": null,
      "disableNetworking": null,
      "interactive": null,
      "healthCheck": null,
      "essential": true,
      "links": null,
      "hostname": null,
      "extraHosts": null,
      "pseudoTerminal": null,
      "user": null,
      "readonlyRootFilesystem": null,
      "dockerLabels": null,
      "systemControls": null,
      "privileged": null,
      "name": "sshd_container"
    }
  ],
  "placementConstraints": [],
  "memory": "2048",
  "taskRoleArn": "USE_YOURSELF_TASK_ROLE",
  "compatibilities": [
    "EC2",
    "FARGATE"
  ],
  "taskDefinitionArn": "USE_YOURSELF_ARN",
  "family": "sshd_task",
  "requiresAttributes": [
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.logging-driver.awslogs"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "ecs.capability.execution-role-awslogs"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.ecr-auth"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.19"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.21"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.task-iam-role"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "ecs.capability.execution-role-ecr-pull"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.18"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "ecs.capability.task-eni"
    }
  ],
  "pidMode": null,
  "requiresCompatibilities": [
    "FARGATE"
  ],
  "networkMode": "awsvpc",
  "cpu": "1024",
  "revision": 2,
  "status": "ACTIVE",
  "inferenceAccelerators": null,
  "proxyConfiguration": null,
  "volumes": []
}
Enter fullscreen mode Exit fullscreen mode

7.Create Cluster

Image description
Image description

8.Create Service

Image description
Image description
Image description
Image description
Image description

9.Use SSH Tool connect your container

Image description

Discussion (0)