Creating a single-node job definition on Amazon Fargate resources - Amazon Batch
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Creating a single-node job definition on Amazon Fargate resources

To create a new job definition on Amazon Fargate resources:

  1. Open the Amazon Batch console at https://console.amazonaws.cn/batch/.

  2. From the top navigation bar, choose the Amazon Web Services Region to use.

  3. In the left navigation pane, choose Job definitions.

  4. Choose Create.

  5. For Orchestration type, choose Fargate. For more information, see Amazon Batch on Amazon Fargate.

  6. For Name, enter a unique name for your job definition. The name can be up to 128 characters in length. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).

  7. (Optional) For Execution timeout, enter the timeout value (in seconds). The execution timeout is the length of time before an unfinished job is terminated. If an attempt exceeds the timeout duration, the attempt is stopped and moves to a FAILED status. For more information, see Job timeouts. The minimum value is 60 seconds.

  8. (Optional) Turn on Scheduling priority. Enter a scheduling priority value between 0 and 100. Higher values are given higher priority over lower values.

  9. (Optional) Expand Tags, and then choose Add tag to add tags to the resource. Turn on Propagate tags to propagate tags from the job and job definition.

  10. In the Fargate platform configuration section:

    1. For Runtime platform, choose the compute environment architecture.

    2. For Operating System Family, choose the operating system for the compute environment.

    3. For CPU Architecture, choose the vCPU architecture.

    4. For Fargate platform version, enter LATEST or a specific runtime environment version.

    5. (Optional) Turn on Assign public IP to assign a public IP address to a Fargate job network interface. For a job that's running in a private subnet to send outbound traffic to the internet, the private subnet requires a NAT gateway be attached to route requests to the internet. You might want to do this so that you can pull container images. For more information, see Amazon ECS task networking in the Amazon Elastic Container Service Developer Guide.

    6. (Optional) For Ephemeral storage, enter the amount of ephemeral storage to allocate to the task. The amount of ephemeral storage must be between 21 GiB and 200 GiB. By default, 20 GiB of ephemeral storage is allocated if you don't enter a value.

      Note

      Ephemeral storage requires Fargate platform version 1.4 or later.

    7. For Execution role, specify an IAM role that grants the Amazon ECS container and Fargate agents permission to make Amazon API calls on your behalf. This feature uses Amazon ECS IAM roles for task functionality. For more information including configuration prerequisites, see Amazon ECS task execution IAM roles in the Amazon Elastic Container Service Developer Guide.

    8. For Job attempts, enter the number of times that Amazon Batch attempts to move the job to a RUNNABLE status. Enter a number between 1 and 10.

    9. Optional) For Retry strategy conditions, choose Add evaluate on exit. Enter at least one parameter value and then choose an Action. For each set of conditions, Action must be set to either Retry or Exit. These actions mean the following:

      • Retry – Amazon Batch retries until the number of job attempts that you specified is reached.

      • Exit – Amazon Batch stops retrying the job.

      Important

      If you choose Add evaluate on exit, you must configure at least one parameter and choose an Action or choose Remove evaluate on exit.

  11. Choose Next page.

  12. In the Container configuration section:

    1. For Image, choose the Docker image to use for your job. By default, images in the Docker Hub registry are available. You can also specify other repositories with repository-url/image:tag. The name can be up to 225 characters in length. It can contain uppercase and lowercase letters, numbers, hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run.

      Note

      Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, Arm based Docker images can only run on Arm based compute resources.

      • Images in Amazon ECR Public repositories use the full registry/repository[:tag] or registry/repository[@digest] naming conventions (for example, public.ecr.aws/registry_alias/my-web-app:latest).

      • Images in Amazon ECR repositories use the full registry/repository[:tag] naming convention (for example, aws_account_id.dkr.ecr.region.amazonaws.com/my-web-app:latest).

      • Images in official repositories on Docker Hub use a single name (for example, ubuntu or mongo).

      • Images in other repositories on Docker Hub are qualified with an organization name (for example, amazon/amazon-ecs-agent).

      • Images in other online repositories are qualified further by a domain name (for example, quay.io/assemblyline/ubuntu).

    2. For Command syntax, choose Bash or JSON.

    3. For Command, specify the command to pass to the container. For simple commands, enter the command as you do for a command prompt and then verify that the JSON result is correct. It's passed to the Docker daemon. For more complicated commands (for example, with special characters), use JSON syntax.

      Tip

      Choose Info to view Bash and JSON code samples.

      This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run. For more information about the Docker CMD parameter, see https://docs.docker.com/engine/reference/builder/#cmd.

      Note

      You can use default values for parameter substitution and placeholders in your command. For more information, see Parameters.

    4. (Optional) Add parameters to the job definition as name-value mappings to override the job definition defaults. To add a parameter:

      1. For Parameters, choose Add parameters, enter a name-value pair, then choose Add parameter.

        Important

        If you choose Add parameter, you must either configure at least one parameter or choose Remove parameter

    5. In the Environment configuration section:

      1. For Job role configuration, choose an IAM role that has permissions to the Amazon APIs. This feature uses Amazon ECS IAM roles for task functionality. For more information, see IAM Roles for Tasks in the Amazon Elastic Container Service Developer Guide.

        Note

        Only roles that have the Amazon Elastic Container Service Task Role trust relationship are shown here. For more information about how to create an IAM role for your Amazon Batch jobs, see Creating an IAM Role and Policy for your Tasks in the Amazon Elastic Container Service Developer Guide.

      2. For vCPUs, enter the number of vCPUs to reserve for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run. Each vCPU is equivalent to 1,024 CPU shares. You must specify at least one vCPU.

      3. For Memory, enter the memory limit that's available to the container. If your container attempts to exceed the memory specified here, the container is stopped. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run. You must specify at least 4 MiB of memory for a job.

        If you use GuardDuty Runtime Monitoring, there is a slight memory overhead for the GuardDuty security agent. Therefore the memory limit must include the size of the GuardDuty security agent. For information about the GuardDuty security agent memory limits, see CPU and memory limits in the GuardDuty User Guide. For information about the best practices, see How do I remediate out of memory errors on my Fargate tasks after enabling Runtime Monitoring in the Amazon ECS Developer Guide.

        Note

        To maximize your resource utilization, prioritze memory for jobs of a specific instance type. For more information, see Compute Resource Memory Management.

    6. (Optional) For Environment variables, choose Add environment variable to add environment variables as name-value pairs. These variables are passed to the container.

    7. (Optional) For Secrets, choose Add secret to add secrets as a name-value pairs. These secrets are exposed in the container. For more information, see secretOptions in Job definition parameters for ContainerProperties.

    8. Choose Next page.

  13. (Optional) In the Linux configuration section:

    1. For User, enter a user name to use inside the container.

    2. Turn on Enable init process to run an init process inside the container. This process forwards signals and reaps processes.

    3. Turn on Enable read only filesystem to remove write access to the volume.

    4. (Optional) Expand Additional configuration.

    5. For Mount points configuration, choose Add mount points configuration to add mount points for data volumes. You must specify the source volume and container path. These mount points are passed to the Docker daemon on a container instance.

    6. For Volumes configuration, choose Add volume to create a list of volumes to pass to the container. Enter a Name and Source path for the volume, and then choose Add volume.

    7. In the Logging configuration section:

      1. (Optional) For Log driver, choose the log driver to use. For more information about the available log drivers, see logDriver in Job definition parameters for ContainerProperties.

        Note

        By default, the awslogs log driver is used.

      2. (Optional) For Options, choose Add option to add an option. Enter a name-value pair, and then choose Add option.

      3. (Optional) For Secrets, choose Add secret to add a secret. Then, enter a name-value pair, and choose Add secret.

        Tip

        For more information, see secretOptions in Job definition parameters for ContainerProperties.

  14. Choose Next page.

  15. For Job definition review, review the configuration steps. If you need to make changes, choose Edit. When you're finished, choose Create job definition.