sil*_*hil 15 amazon-web-services amazon-ecs aws-cloudformation
我们希望通过CloudFormation在AWS ECS中创建ScheduledTasks.是否有通过boto或cloudformation创建的编程方式?
Mar*_*ark 18
要在CloudFormation中定义计划的ECS任务,您需要定义"EC :: Events :: Rule"资源,并将ECS任务作为目标.
"TaskSchedule": {
"Type": "AWS::Events::Rule",
"Properties": {
"Description": "dump data every workday at 10",
"Name": "dump-data",
"ScheduleExpression": "cron(0 10 ? * MON-FRI *)",
"State": "ENABLED",
"Targets": [
{
"Id": "dump-data-ecs-task",
"RoleArn": {
"Fn::GetAtt": ["TaskSchedulerRole", "Arn"]
},
"EcsParameters": {
"TaskDefinitionArn": {
"Ref": "TaskDefinition"
},
"TaskCount": 1
},
"Arn": {
"Fn::GetAtt": ["EcsCluster", "Arn"]
}
}
]
}
}
对流层现在允许定义ECS计划任务,你需要三个资源,
任务定义:
from troposphere.ecs import (
ContainerDefinition,
TaskDefinition,
)
scheduled_worker_task_definition = TaskDefinition(
"ScheduledWorkerTask",
template=template,
ContainerDefinitions=[
ContainerDefinition(
Name="ScheduledWorker",
Cpu=200,
Memory=300,
Essential=True,
Image="<image>",
EntryPoint=['<entry_point>']
),
],
)
运行任务的角色:
from troposphere import iam
run_task_role = iam.Role(
"RunTaskRole",
template=template,
AssumeRolePolicyDocument=dict(Statement=[dict(
Effect="Allow",
Principal=dict(Service=["events.amazonaws.com"]),
Action=["sts:AssumeRole"],
)]),
Path="/",
Policies=[
iam.Policy(
PolicyName="RunTaskPolicy",
PolicyDocument=dict(
Statement=[dict(
Effect="Allow",
Action=[
"ecs:RunTask",
],
Resource=["*"],
Condition=dict(
ArnEquals={
"ecs:cluster": GetAtt(cluster, "Arn"),
}
)
)],
),
),
],
)
计划任务的事件规则:
from troposphere.events import Rule, Target, EcsParameters
Rule(
"SchedulingRule",
template=template,
Description="My schedule task rule",
State="ENABLED",
ScheduleExpression="rate(30 minutes)",
Targets=[
Target(
Id="ScheduledWorkerTaskDefinitionTarget",
RoleArn=GetAtt(run_task_role, "Arn"),
Arn=GetAtt(cluster, "Arn"),
EcsParameters=EcsParameters(
TaskCount=1,
TaskDefinitionArn=Ref(scheduled_worker_task_definition),
),
),
]
)
当JSON输出的样子:
...
"ScheduledWorkerTask": {
"Condition": "Deploy",
"Properties": {
"ContainerDefinitions": [
{
"Cpu": 200,
"EntryPoint": [
"<entry_point>"
],
"Essential": "true",
"Image": {
"Fn::Join": [
"",
[
{
"Ref": "AWS::AccountId"
},
".dkr.ecr.",
{
"Ref": "AWS::Region"
},
".amazonaws.com/",
{
"Ref": "ApplicationRepository"
},
":",
"<image>"
]
]
},
"Memory": 300,
"Name": "ScheduledWorker"
}
]
},
"Type": "AWS::ECS::TaskDefinition"
},
"SchedulingRule": {
"Properties": {
"Description": "My schedule task rule",
"ScheduleExpression": "rate(30 minutes)",
"State": "ENABLED",
"Targets": [
{
"Arn": {
"Fn::GetAtt": [
"Cluster",
"Arn"
]
},
"EcsParameters": {
"TaskCount": 1,
"TaskDefinitionArn": {
"Ref": "ScheduledWorkerTask"
}
},
"Id": "ScheduledWorkerTaskDefinitionTarget",
"RoleArn": {
"Fn::GetAtt": [
"RunTaskRole",
"Arn"
]
}
}
]
},
"Type": "AWS::Events::Rule"
},
"RunTaskRole": {
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [
{
"Action": [
"sts:AssumeRole"
],
"Effect": "Allow",
"Principal": {
"Service": [
"events.amazonaws.com"
]
}
}
]
},
"Path": "/",
"Policies": [
{
"PolicyDocument": {
"Statement": [
{
"Action": [
"ecs:RunTask"
],
"Condition": {
"ArnEquals": {
"ecs:cluster": {
"Fn::GetAtt": [
"Cluster",
"Arn"
]
}
}
},
"Effect": "Allow",
"Resource": [
"*"
]
}
]
},
"PolicyName": "RunTaskPolicy"
}
]
},
"Type": "AWS::IAM::Role"
},
...
更多信息,请访问https://jeanphix.github.io/2017/10/04/ecs-scheduled-cron-task-with-cloudformation/
| 归档时间: |
|
| 查看次数: |
5891 次 |
| 最近记录: |