Amazon ECS-optimized AMI
Amazon ECS provides the Amazon ECS-optimized AMIs that are preconfigured with the requirements and recommendations to run your container workloads. We recommend that you use the Amazon ECS-optimized Amazon Linux 2023 AMI for your Amazon EC2 instances unless your application requires Amazon EC2 GPU-based instances, a specific operating system or a Docker version that is not yet available in that AMI. For information about the Amazon Linux 2 and Amazon Linux 2023 instances, see Comparing Amazon Linux 2 and Amazon Linux 2023 in the Amazon Linux 2023 User Guide. Launching your container instances from the most recent Amazon ECS-Optimized AMI ensures that you receive the current security updates and container agent version. For information about how to launch an instance, see Launching an Amazon ECS Linux container instance.
The Linux variants of the Amazon ECS-optimized AMI use the Amazon Linux 2 AMI as their base. The
Amazon Linux 2 AMI release notes are available as well. For more information, see Amazon Linux 2 release notes
We recommend that you use an AMI with Linux kernel 5.10 because Linux kernel 4.14 reached end-of-life on January 10, 2024.
The following variants of the Amazon ECS-optimized AMI are available for your Amazon EC2 instances.
| Operating system | AMI | Description | Storage configuration |
|---|---|---|---|
| Amazon Linux 2023 |
Amazon ECS-optimized Amazon Linux 2023 AMI |
Amazon Linux 2023 is the next generation of Amazon Linux from Amazon. For most cases, recommended for launching your Amazon EC2 instances for your Amazon ECS workloads. For more information, see What is Amazon Linux 2023 in the Amazon Linux 2023 User Guide. |
By default, the Amazon ECS-optimized Amazon Linux 2023 AMI ships with a single 30-GiB root
volume. You can modify the 30-GiB root volume size at launch time to
increase the available storage on your container instance. This storage is
used for the operating system and for Docker images and metadata. The
default filesystem for the Amazon ECS-optimized Amazon Linux 2023 AMI is |
| Amazon Linux 2023 (arm64) |
Amazon ECS-optimized Amazon Linux 2023 (arm64) AMI |
Based on Amazon Linux 2023 this AMI is recommended for use when launching your Amazon EC2 instances, which are powered by Arm-based Amazon Graviton/Graviton 2 Processors, for your Amazon ECS workloads. For more information, see General Purpose Instances in the Amazon EC2 User Guide for Linux Instances. The Amazon ECS-optimized Amazon Linux 2023 (arm64) AMI does not come with the Amazon CLI preinstalled. |
|
| Amazon Linux 2023 (Neuron) |
Amazon ECS optimized Amazon Linux 2023 (Neuron) AMI |
Based on Amazon Linux 2023, this AMI is recommended for use when launching your Amazon EC2 Inf1 instances. It comes pre-configured with Amazon Inferentia drivers and the Amazon Neuron runtime for Docker which makes running machine learning inference workloads easier on Amazon ECS. For more information, see Using Amazon Neuron on Amazon Linux 2 on Amazon ECS. The Amazon ECS optimized Amazon Linux 2023 (Neuron) AMI does not come with the Amazon CLI preinstalled. | |
|
Amazon Linux 2 |
Amazon ECS-optimized Amazon Linux 2 kernel 5.10 AMI |
Based on Amazon Linux 2, this AMI is for use when launching your Amazon EC2 instances and you want to use Linux kernel 5.10 instead of kernel 4.14 for your Amazon ECS workloads. The Amazon ECS-optimized Amazon Linux 2 kernel 5.10 AMI does not come with the Amazon CLI preinstalled. |
By default, the Amazon Linux 2-based Amazon ECS-optimized AMIs
(Amazon ECS-optimized Amazon Linux 2 AMI, Amazon ECS-optimized Amazon Linux 2 (arm64) AMI, and Amazon ECS GPU-optimized AMI) ship with a single 30-GiB root
volume. You can modify the 30-GiB root volume size at launch time to
increase the available storage on your container instance. This storage is
used for the operating system and for Docker images and metadata. The
default filesystem for the Amazon ECS-optimized Amazon Linux 2 AMI is |
|
Amazon ECS-optimized Amazon Linux 2 AMI |
This is for your Amazon ECS workloads. The Amazon ECS-optimized Amazon Linux 2 AMI does not come with the Amazon CLI preinstalled. | ||
|
Amazon Linux 2 (arm64) |
Amazon ECS-optimized Amazon Linux 2 kernel 5.10 (arm64) AMI |
Based on Amazon Linux 2, this AMI is for your Amazon EC2 instances, which are powered by Arm-based Amazon Graviton/Graviton 2 Processors, and you want to use Linux kernel 5.10 instead of Linux kernel 4.14 for your Amazon ECS workloads. For more information, see General Purpose Instances in the Amazon EC2 User Guide for Linux Instances. The Amazon ECS-optimized Amazon Linux 2 (arm64) AMI does not come with the Amazon CLI preinstalled. |
|
|
Amazon ECS-optimized Amazon Linux 2 (arm64) AMI |
Based on Amazon Linux 2, this AMI is for use when launching your Amazon EC2 instances, which are powered by Arm-based Amazon Graviton/Graviton 2 Processors, for your Amazon ECS workloads. The Amazon ECS-optimized Amazon Linux 2 (arm64) AMI does not come with the Amazon CLI preinstalled. |
||
|
Amazon Linux 2 (GPU) |
Amazon ECS GPU-optimized kernel 5.10 AMI |
Based on Amazon Linux 2, this AMI is recommended for use when launching your Amazon EC2 GPU-based instances with Linux kernel 5.10 for your Amazon ECS workloads. It comes pre-configured with NVIDIA kernel drivers and a Docker GPU runtime which makes running workloads that take advantage of GPUs on Amazon ECS. For more information, see Working with GPUs on Amazon ECS. | |
| Amazon ECS GPU-optimized AMI | Based on Amazon Linux 2, this AMI is recommended for use when launching your Amazon EC2 GPU-based instances with Linux kernel 4.14 for your Amazon ECS workloads. It comes pre-configured with NVIDIA kernel drivers and a Docker GPU runtime which makes running workloads that take advantage of GPUs on Amazon ECS. For more information, see Working with GPUs on Amazon ECS. | ||
| Amazon Linux 2 (Neuron) |
Amazon ECS optimized Amazon Linux 2 (Neuron) kernel 5.10 AMI |
Based on Amazon Linux 2, this AMI is for Amazon EC2 Inf1, Trn1 or Inf2 instances. It comes pre-configured with Amazon Inferentia with Linux kernel 5.10 and Amazon Trainium drivers and the Amazon Neuron runtime for Docker which makes running machine learning inference workloads easier on Amazon ECS. For more information, see Using Amazon Neuron on Amazon Linux 2 on Amazon ECS. The Amazon ECS optimized Amazon Linux 2 (Neuron) AMI does not come with the Amazon CLI preinstalled. | |
| Amazon ECS optimized Amazon Linux 2 (Neuron) AMI | Based on Amazon Linux 2, this AMI is for Amazon EC2 Inf1, Trn1 or Inf2 instances. It comes pre-configured with Amazon Inferentia and Amazon Trainium drivers and the Amazon Neuron runtime for Docker which makes running machine learning inference workloads easier on Amazon ECS. For more information, see Using Amazon Neuron on Amazon Linux 2 on Amazon ECS. The Amazon ECS optimized Amazon Linux 2 (Neuron) AMI does not come with the Amazon CLI preinstalled. |
Amazon ECS provides a changelog for the Linux variant of the Amazon ECS-optimized AMI on GitHub.
For more information, see Changelog
The Linux variants of the Amazon ECS-optimized AMI use the Amazon Linux 2 AMI or Amazon Linux 2023 AMI as
their base. You can retrieve the Amazon Linux 2 source AMI name or the Amazon Linux 2023 AMI name for each
variant by querying the Systems Manager Parameter Store API. For more information, see Retrieving Amazon ECS-Optimized AMI
metadata. The
Amazon Linux 2 AMI release notes are available as well. For more information, see Amazon Linux 2 release notes
The following pages provide additional information about the changes:
-
Source AMI release
notes on GitHub -
Docker Engine release notes
in the Docker documentation -
NVIDIA Driver Documentation
in the NVIDIA documentation -
Amazon ECS agent changelog
on GitHub The source code for the
ecs-initapplication and the scripts and configuration for packaging the agent are now part of the agent repository. For older versions ofecs-initand packaging, see Amazon ecs-init changelogon GitHub
Applying security updates to the Amazon ECS-optimized AMI
The Amazon ECS-optimized AMIs based on Amazon Linux contain a customized version of cloud-init. Cloud-init is a package that is used to bootstrap Linux images in a cloud computing environment and perform desired actions when launching an instance. By default, all Amazon ECS-optimized AMIs based on Amazon Linux released prior to June 12, 2024 have all "Critical" and "Important" security updates applied upon instance launch.
Starting with the June 12, 2024 releases of the Amazon ECS-optimized AMIs based on Amazon Linux 2, the default behavior will no longer include updating packages at launch. Instead, we recommend that you update to a new Amazon ECS-optimized AMI as releases are made available. The Amazon ECS-optimized AMIs are released when there are available security updates or base AMI changes. This will ensure you are receiving the latest package versions and security updates, and that the package versions are immutable through instance launches. For more information on retrieving the latest Amazon ECS-optimized AMI, see Retrieving Amazon ECS-Optimized AMI metadata.
We recommend automating your environment to update to a new AMI as they are made available. You can use managed instance draining to achieve this. For more information, see Amazon ECS managed instance draining.
If you would like to continue applying "Critical" and "Important" security updates manually on a particular AMI version, you can run the following command on your Amazon EC2 instance.
yum update --security
If you want to re-enable security updates at launch, you can add the following line to
the #cloud-config section of the cloud-init user data when launching your
Amazon EC2 instance. For more information, see Using cloud-init on Amazon Linux 2 in
the Amazon Linux User Guide.
#cloud-config repo_upgrade: security