ECS服务-使用新的Docker映像自动部署 [英] ECS Service - Automating deploy with new Docker image
问题描述
我想通过使用最新的Docker映像启动ECS服务来自动化应用程序的部署.据我了解,部署新映像版本的方法如下:
I want to automate the deployment of my application by having my ECS service launch with the latest Docker image. From what I've read, the way to deploy a new image version is as follows:
- 创建一个新的任务修订版(在更新Docker存储库上的映像之后).
- 更新服务并指定新版本.
这似乎可行,但是我想通过CLI来完成所有操作,因此可以编写脚本. #2似乎很容易通过update-service通过AWS CLI执行,但是我看不到一种方法,而无需像register-task-definition那样重新指定整个Task JSON(我的JSON将在环境中包含凭证)变量,因此我希望在尽可能少的地方使用该变量).
This seems to work, but I want to do this all through CLI so I can script it. #2 seems easy enough to do through the AWS CLI with update-service, but I don't see a way to do #1 without specifying the entire Task JSON all over again as with register-task-definition (my JSON will include credentials in environment variables, so I want to have that in as few places as possible).
这是我应该如何自动部署ECS服务更新吗?如果是这样,是否有一种好的"方式让任务定义启动新的修订版(即不复制所有内容)?
Is this how I should be automating deployment of my ECS Service updates? And if so, is there a "good" way to have the Task Definition launch a new revision (i.e. without duplicating everything)?
推荐答案
是的,这是正确的方法.
Yes, that is the correct approach.
不,使用当前的API,您不能在不复制现有任务定义的情况下为其注册新版本.
And no, with the current API, you can't register a new revision of an existing task definition without duplicating it.
如果您不使用CLI来生成原始任务定义(或者不想重复使用生成该任务的原始命令),则可以通过CLI尝试以下操作:
If you didn't use the CLI to generate the original task definition (or don't want to reuse the original commands that generated it), you could try something like the following through the CLI:
OLD_TASK_DEF=$(aws ecs describe-task-definition --task-definition <task_family_name>)
NEW_CONTAINER_DEFS=$(echo $OLD_TASK_DEF | jq '.taskDefinition.containerDefinitions' | jq '.[0].image="<new_image_name>"')
aws ecs register-task-definition --family <task_family_name> --container-definitions "'$(echo $NEW_CONTAINER_DEFS)'"
并非100%安全,因为最后一条命令的--container-defintions参数(包括"environment"条目)仍然可以通过诸如ps之类的过程看到.其中一种AWS开发工具包可以让您更加放心.
Not 100% secure as the last command's --container-defintions argument (which includes "environment" entries) will still be visible through processes like ps. One of the AWS SDKs would give better peace of mind.
这篇关于ECS服务-使用新的Docker映像自动部署的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
