示例任务定义
此部分提供了一些 JSON 任务定义示例,您可以使用这些示例来开始创建自己的任务定义。
您可以复制这些示例,然后在使用经典控制台中的 Configure via JSON(通过 JSON 配置)选项时粘贴它们。确保自定义示例,例如使用您的账户 ID。有关更多信息,请参阅 使用控制台创建任务定义 和 任务定义参数:
有关更多任务定义示例,请参阅 GitHub 上的 Amazon 示例任务定义
主题
示例:Web 服务器
下面是用于设置 Web 服务器的示例任务定义(使用 Fargate 上的 Linux 容器启动类型):
{ "containerDefinitions": [ { "command": [ "/bin/sh -c \"echo '<html> <head> <title>Amazon ECS Sample App</title> <style>body {margin-top: 40px; background-color: #333;} </style> </head><body> <div style=color:white;text-align:center> <h1>Amazon ECS Sample App</h1> <h2>Congratulations!</h2> <p>Your application is now running on a container in Amazon ECS.</p> </div></body></html>' > /usr/local/apache2/htdocs/index.html && httpd-foreground\"" ], "entryPoint": [ "sh", "-c" ], "essential": true, "image": "httpd:2.4", "logConfiguration": { "logDriver": "awslogs", "options": { "awslogs-group" : "/ecs/fargate-task-definition", "awslogs-region": "us-east-1", "awslogs-stream-prefix": "ecs" } }, "name": "sample-fargate-app", "portMappings": [ { "containerPort": 80, "hostPort": 80, "protocol": "tcp" } ] } ], "cpu": "256", "executionRoleArn": "arn:aws:iam::012345678910:role/ecsTaskExecutionRole", "family": "fargate-task-definition", "memory": "512", "networkMode": "awsvpc", "runtimePlatform": { "operatingSystemFamily": "LINUX" }, "requiresCompatibilities": [ "FARGATE" ] }
下面是用于设置 Web 服务器的示例任务定义(使用 Fargate 上的 Windows 容器启动类型):
{ "containerDefinitions": [ { "command": [ "New-Item -Path C:\\inetpub\\wwwroot\\index.html -Type file -Value '<html> <head> <title>Amazon ECS Sample App</title> <style>body {margin-top: 40px; background-color: #333;} </style> </head><body> <div style=color:white;text-align:center> <h1>Amazon ECS Sample App</h1> <h2>Congratulations!</h2> <p>Your application is now running on a container in Amazon ECS.</p>'; C:\\ServiceMonitor.exe w3svc" ], "entryPoint": [ "powershell", "-Command" ], "essential": true, "cpu": 2048, "memory": 4096, "image": "mcr.microsoft.com/windows/servercore/iis:windowsservercore-ltsc2019", "logConfiguration": { "logDriver": "awslogs", "options": { "awslogs-group": "/ecs/fargate-windows-task-definition", "awslogs-region": "us-east-1", "awslogs-stream-prefix": "ecs" } }, "name": "sample_windows_app", "portMappings": [ { "hostPort": 80, "containerPort": 80, "protocol": "tcp" } ] } ], "memory": "4096", "cpu": "2048", "networkMode": "awsvpc", "family": "windows-simple-iis-2019-core", "executionRoleArn": "arn:aws:iam::012345678910:role/ecsTaskExecutionRole", "runtimePlatform": { "operatingSystemFamily": "WINDOWS_SERVER_2019_CORE" }, "requiresCompatibilities": [ "FARGATE" ] }
示例:splunk 日志驱动程序
以下示例演示如何在任务定义中使用 splunk 日志驱动程序,以将日志发送到远程服务。Splunk 令牌参数指定为密钥选项,因为它可能被视为敏感数据。有关更多信息,请参阅将敏感数据传递给容器。
"containerDefinitions": [{ "logConfiguration": { "logDriver": "splunk", "options": { "splunk-url": "https://cloud.splunk.com:8080", "tag": "tag_name", }, "secretOptions": [{ "name": "splunk-token", "valueFrom": "arn:aws:secretsmanager:region:aws_account_id:secret:splunk-token-KnrBkD" }],
示例:fluentd 日志驱动程序
以下示例演示如何在任务定义中使用 fluentd 日志驱动程序,以将日志发送到远程服务。fluentd-address 值被指定为密钥选项,因为它可能会视为敏感数据。有关更多信息,请参阅将敏感数据传递给容器。
"containerDefinitions": [{ "logConfiguration": { "logDriver": "fluentd", "options": { "tag": "fluentd demo" }, "secretOptions": [{ "name": "fluentd-address", "valueFrom": "arn:aws:secretsmanager:region:aws_account_id:secret:fluentd-address-KnrBkD" }] }, "entryPoint": [], "portMappings": [{ "hostPort": 80, "protocol": "tcp", "containerPort": 80 }, { "hostPort": 24224, "protocol": "tcp", "containerPort": 24224 }] }],
示例:gelf 日志驱动程序
以下示例演示如何在任务定义中使用 gelf 日志驱动程序,以将日志发送到远程主机(此主机运行将 Gelf 日志作为输入的 Logstash)。有关更多信息,请参阅logConfiguration。
"containerDefinitions": [{ "logConfiguration": { "logDriver": "gelf", "options": { "gelf-address": "udp://logstash-service-address:5000", "tag": "gelf task demo" } }, "entryPoint": [], "portMappings": [{ "hostPort": 5000, "protocol": "udp", "containerPort": 5000 }, { "hostPort": 5000, "protocol": "tcp", "containerPort": 5000 } ] }],
示例:Amazon ECR 映像和任务定义 IAM 角色
以下示例使用 123456789012.dkr.ecr.us-west-2.amazonaws.com 注册表中带 v1 标记的名为 aws-nodejs-sample 的 Amazon ECR 映像。此任务中的容器继承来自 arn:aws:iam::123456789012:role/AmazonECSTaskS3BucketRole 角色的 IAM 权限。有关更多信息,请参阅任务 IAM 角色。
{ "containerDefinitions": [ { "name": "sample-app", "image": "123456789012.dkr.ecr.us-west-2.amazonaws.com/aws-nodejs-sample:v1", "memory": 200, "cpu": 10, "essential": true } ], "family": "example_task_3", "taskRoleArn": "arn:aws:iam::123456789012:role/AmazonECSTaskS3BucketRole" }
示例:带命令的入口点
以下示例演示使用入口点和命令参数的 Docker 容器的语法。此容器将对 google.com 执行四次 ping 操作,然后退出。
{ "containerDefinitions": [ { "memory": 32, "essential": true, "entryPoint": [ "ping" ], "name": "alpine_ping", "readonlyRootFilesystem": true, "image": "alpine:3.4", "command": [ "-c", "4", "google.com" ], "cpu": 16 } ], "family": "example_task_2" }
示例:容器依赖项
此示例展示了具有多个容器(其中指定了容器依赖项)的任务定义的语法。在以下任务定义中,envoy 容器必须达到正常运行状态(由必需的容器运行状况检查参数决定),然后 app 容器才能启动。有关更多信息,请参阅容器依赖项。
{ "family": "appmesh-gateway", "runtimePlatform": { "operatingSystemFamily": "LINUX" }, "proxyConfiguration":{ "type": "APPMESH", "containerName": "envoy", "properties": [ { "name": "IgnoredUID", "value": "1337" }, { "name": "ProxyIngressPort", "value": "15000" }, { "name": "ProxyEgressPort", "value": "15001" }, { "name": "AppPorts", "value": "9080" }, { "name": "EgressIgnoredIPs", "value": "169.254.170.2,169.254.169.254" } ] }, "containerDefinitions": [ { "name": "app", "image": "application_image", "portMappings": [ { "containerPort":9080, "hostPort":9080, "protocol": "tcp" } ], "essential": true, "dependsOn": [ { "containerName": "envoy", "condition": "HEALTHY" } ] }, { "name": "envoy", "image": "840364872350.dkr.ecr.region-code.amazonaws.com/aws-appmesh-envoy:v1.15.1.0-prod", "essential": true, "environment": [ { "name": "APPMESH_VIRTUAL_NODE_NAME", "value": "mesh/meshName/virtualNode/virtualNodeName" }, { "name": "ENVOY_LOG_LEVEL", "value": "info" } ], "healthCheck": { "command": [ "CMD-SHELL", "echo hello" ], "interval": 5, "timeout": 2, "retries": 3 } } ], "executionRoleArn": "arn:aws:iam::123456789012:role/ecsTaskExecutionRole", "networkMode": "awsvpc" }
Windows 示例任务定义
以下示例任务定义可帮助您在 Amazon ECS 上开始使用 Windows 容器。
例 适用于 Windows 的 Amazon ECS 控制台示例应用程序
以下任务定义是 Amazon ECS 的首次运行向导中生成的 Amazon ECS 控制台示例应用程序;它已转为使用 microsoft/iis Windows 容器映像。
{ "family": "windows-simple-iis", "containerDefinitions": [ { "name": "windows_sample_app", "image": "mcr.microsoft.com/windows/servercore/iis", "cpu": 1024, "entryPoint":["powershell", "-Command"], "command":["New-Item -Path C:\\inetpub\\wwwroot\\index.html -Type file -Value '<html> <head> <title>Amazon ECS Sample App</title> <style>body {margin-top: 40px; background-color: #333;} </style> </head><body> <div style=color:white;text-align:center> <h1>Amazon ECS Sample App</h1> <h2>Congratulations!</h2> <p>Your application is now running on a container in Amazon ECS.</p>'; C:\\ServiceMonitor.exe w3svc"], "portMappings": [ { "protocol": "tcp", "containerPort": 80 } ], "memory": 1024, "essential": true } ], "networkMode": "awsvpc", "memory": "1024", "cpu": "1024" }