ecs-cli 卡住创建容器
ecs-cli stuck creating containers
我正在尝试使用 ecs-cli 命令行在 AWS 上获得一个工作的 Docker 环境。
我有一个工作的本地 Docker 环境,使用 Docker 文件、docker-compose.yml、一个 .env 文件和一个 entrypoint.sh 脚本。容器是一个 apache 网络服务器 运行 PHP 和一堆扩展,以及一个 MySQL db.
骨架文件结构是这样的:
./db <-- mounted by db container for persistence
./docker
./docker/database
./docker/database/Dockerfile
./docker/database/dump.sql
./docker/webserver
./docker/webserver/apache-config.conf
./docker/webserver/Dockerfile
./docker/webserver/entrypoint.sh
./docker-compose.yml
./web <!-- mounted by web server, contains all public web code
这是 2 个 Docker 文件:
./docker/database/Dockerfile
FROM mysql:5.6
ADD dump.sql /docker-entrypoint-initdb.d
./docker/webserver/Dockerfile
FROM php:5.6-apache
RUN apt-get update
RUN curl -sL https://deb.nodesource.com/setup_8.x | bash -
RUN apt-get install -y zlib1g-dev nodejs gdal-bin
RUN npm install -g topojson
RUN docker-php-ext-install mysql mysqli pdo pdo_mysql zip
RUN pecl install dbase
RUN docker-php-ext-enable dbase
COPY apache-config.conf /etc/apache2/sites-enabled/000-default.conf
RUN a2enmod rewrite headers
RUN service apache2 restart
COPY entrypoint.sh /entrypoint.sh
RUN chmod 0755 /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh", "apache2-foreground"]
entrypoint.sh在web目录下创建一些目录供apache写入:
./docker/webserver/entrypoint.sh
#!/bin/sh
mkdir /var/www/html/maps
chown www-data /var/www/html/maps
chgrp www-data /var/www/html/maps
exec "$@"
这是docker-compose.yml
version: '2'
services:
webserver:
image: ACCOUNT_NUMBER.dkr.ecr.eu-west-1.amazonaws.com/project/project-webserver
ports:
- "8080:80"
volumes:
- ./web:${APACHE_DOC_ROOT}
links:
- db
environment:
- HTTP_ROOT=http://${DOCKER_HOST_IP}:${DOCKER_HOST_PORT}/
- PHP_TMP_DIR=${PHP_TMP_DIR}
- APACHE_LOG_DIR=${APACHE_LOG_DIR}
- APACHE_DOC_ROOT=${APACHE_DOC_ROOT}/
- SERVER_ADMIN_EMAIL=${SERVER_ADMIN_EMAIL}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
env_file: .env
db:
user: "1000:50"
image: ACCOUNT_NUMBER.dkr.ecr.eu-west-1.amazonaws.com/project/project-database
ports:
- "4406:3306"
volumes:
- ./db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
env_file: .env
要构建此处引用的图像,我:
创建了具有管理员权限的 AWS IAM 用户并在配置文件名称下的 ~/.aws/credentials 中设置密钥,然后使用设置本地 ENV
导出 AWS_PROFILE=我的项目配置文件
然后在本地构建镜像如下:
docker/webserver $ docker build -t ACCOUNT_NUMBER.dkr.ecr.eu-west-1.amazonaws.com/project/project-webserver .
docker/database $ docker build -t ACCOUNT_NUMBER.dkr.ecr.eu-west-1.amazonaws.com/project/project-database .
docker 登录到 ECR(运行 docker 登录命令回显到标准输出):
$aws ecr get-login --no-include-email
创建了存储库:
$ aws ecr create-repository --repository-name project/project-webserver
$ aws ecr create-repository --repository-name project/project-database
推送图片:
$docker推ACCOUNT_NUMBER.dkr.ecr.eu-西-1.amazonaws.com/project/project-webserver
$docker推ACCOUNT_NUMBER.dkr.ecr.eu-西-1.amazonaws.com/project/project-database
已检查它们是否存在:
$ aws ecr describe-images --repository-name project/project-webserver
$ aws ecr describe-images --repository-name project/project-database
一切正常。
在同一区域创建了一个 EC2 密钥对
$ecs-cli 配置 --region eu-west-1 --cluster 项目
$猫~/.ecs/config
在 ECS 上尝试 运行 它们:
$ecs-cli up --keypair project --capability-iam --size 1 --instance-type t2.micro --force
但是如果我在生成的 EC2 实例的安全组中打开端口 22 并在其中打开 SSH,我可以看到代理容器 运行,但看不到其他容器:
[ec2-user@ip-10-0-0-122 ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d011f1402c26 amazon/amazon-ecs-agent:latest "/agent" 8 minutes ago Up 8 minutes ecs-agent
我在代理的日志中没有看到任何不好的东西
[ec2-user@ip-10-0-1-102 ~]$ docker 记录 ecs-agent
2017-09-22T13:32:55Z [INFO] Loading configuration
2017-09-22T13:32:55Z [INFO] Loading state! module="statemanager"
2017-09-22T13:32:55Z [INFO] Event stream ContainerChange start listening...
2017-09-22T13:32:55Z [INFO] Registering Instance with ECS
2017-09-22T13:32:55Z [INFO] Registered! module="api client"
2017-09-22T13:32:55Z [INFO] Registration completed successfully. I am running as 'arn:aws:ecs:eu-west-1:248221388880:container-instance/ba24ead4-21a5-4bc7-ba9f-4d3ba0f29c6b' in cluster 'gastrak'
2017-09-22T13:32:55Z [INFO] Saving state! module="statemanager"
2017-09-22T13:32:55Z [INFO] Beginning Polling for updates
2017-09-22T13:32:55Z [INFO] Event stream DeregisterContainerInstance start listening...
2017-09-22T13:32:55Z [INFO] Initializing stats engine
2017-09-22T13:32:55Z [INFO] NO_PROXY set:169.254.169.254,169.254.170.2,/var/run/docker.sock
2017-09-22T13:33:05Z [INFO] Saving state! module="statemanager"
2017-09-22T13:44:50Z [INFO] Connection closed for a valid reason: websocket: close 1000 (normal): ConnectionExpired: Reconnect to continue
我想我需要弄清楚为什么这些容器没有初始化,但我要看哪里,更好的是,接下来我需要做什么才能让它工作?
以防其他人运行漂流到这里,缺少的咒语是
$ ecs-cli compose create
它从您的撰写文件构建一个 ECS 任务定义(假设它是兼容的...)
和
$ecs-cli compose run
这将在远程 EC2 机器上构建和 运行 容器。
SSH 到远程机器并执行 "docker ps -a" 应该会显示容器 运行ning。或者"docker logs [container_name]"看看哪里出了问题...
我正在尝试使用 ecs-cli 命令行在 AWS 上获得一个工作的 Docker 环境。
我有一个工作的本地 Docker 环境,使用 Docker 文件、docker-compose.yml、一个 .env 文件和一个 entrypoint.sh 脚本。容器是一个 apache 网络服务器 运行 PHP 和一堆扩展,以及一个 MySQL db.
骨架文件结构是这样的:
./db <-- mounted by db container for persistence
./docker
./docker/database
./docker/database/Dockerfile
./docker/database/dump.sql
./docker/webserver
./docker/webserver/apache-config.conf
./docker/webserver/Dockerfile
./docker/webserver/entrypoint.sh
./docker-compose.yml
./web <!-- mounted by web server, contains all public web code
这是 2 个 Docker 文件:
./docker/database/Dockerfile
FROM mysql:5.6
ADD dump.sql /docker-entrypoint-initdb.d
./docker/webserver/Dockerfile
FROM php:5.6-apache
RUN apt-get update
RUN curl -sL https://deb.nodesource.com/setup_8.x | bash -
RUN apt-get install -y zlib1g-dev nodejs gdal-bin
RUN npm install -g topojson
RUN docker-php-ext-install mysql mysqli pdo pdo_mysql zip
RUN pecl install dbase
RUN docker-php-ext-enable dbase
COPY apache-config.conf /etc/apache2/sites-enabled/000-default.conf
RUN a2enmod rewrite headers
RUN service apache2 restart
COPY entrypoint.sh /entrypoint.sh
RUN chmod 0755 /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh", "apache2-foreground"]
entrypoint.sh在web目录下创建一些目录供apache写入:
./docker/webserver/entrypoint.sh #!/bin/sh
mkdir /var/www/html/maps
chown www-data /var/www/html/maps
chgrp www-data /var/www/html/maps
exec "$@"
这是docker-compose.yml
version: '2'
services:
webserver:
image: ACCOUNT_NUMBER.dkr.ecr.eu-west-1.amazonaws.com/project/project-webserver
ports:
- "8080:80"
volumes:
- ./web:${APACHE_DOC_ROOT}
links:
- db
environment:
- HTTP_ROOT=http://${DOCKER_HOST_IP}:${DOCKER_HOST_PORT}/
- PHP_TMP_DIR=${PHP_TMP_DIR}
- APACHE_LOG_DIR=${APACHE_LOG_DIR}
- APACHE_DOC_ROOT=${APACHE_DOC_ROOT}/
- SERVER_ADMIN_EMAIL=${SERVER_ADMIN_EMAIL}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
env_file: .env
db:
user: "1000:50"
image: ACCOUNT_NUMBER.dkr.ecr.eu-west-1.amazonaws.com/project/project-database
ports:
- "4406:3306"
volumes:
- ./db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
env_file: .env
要构建此处引用的图像,我:
创建了具有管理员权限的 AWS IAM 用户并在配置文件名称下的 ~/.aws/credentials 中设置密钥,然后使用设置本地 ENV 导出 AWS_PROFILE=我的项目配置文件
然后在本地构建镜像如下:
docker/webserver $ docker build -t ACCOUNT_NUMBER.dkr.ecr.eu-west-1.amazonaws.com/project/project-webserver .
docker/database $ docker build -t ACCOUNT_NUMBER.dkr.ecr.eu-west-1.amazonaws.com/project/project-database .
docker 登录到 ECR(运行 docker 登录命令回显到标准输出):
$aws ecr get-login --no-include-email
创建了存储库:
$ aws ecr create-repository --repository-name project/project-webserver
$ aws ecr create-repository --repository-name project/project-database
推送图片:
$docker推ACCOUNT_NUMBER.dkr.ecr.eu-西-1.amazonaws.com/project/project-webserver
$docker推ACCOUNT_NUMBER.dkr.ecr.eu-西-1.amazonaws.com/project/project-database
已检查它们是否存在:
$ aws ecr describe-images --repository-name project/project-webserver
$ aws ecr describe-images --repository-name project/project-database
一切正常。
在同一区域创建了一个 EC2 密钥对
$ecs-cli 配置 --region eu-west-1 --cluster 项目 $猫~/.ecs/config
在 ECS 上尝试 运行 它们:
$ecs-cli up --keypair project --capability-iam --size 1 --instance-type t2.micro --force
但是如果我在生成的 EC2 实例的安全组中打开端口 22 并在其中打开 SSH,我可以看到代理容器 运行,但看不到其他容器:
[ec2-user@ip-10-0-0-122 ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d011f1402c26 amazon/amazon-ecs-agent:latest "/agent" 8 minutes ago Up 8 minutes ecs-agent
我在代理的日志中没有看到任何不好的东西
[ec2-user@ip-10-0-1-102 ~]$ docker 记录 ecs-agent
2017-09-22T13:32:55Z [INFO] Loading configuration
2017-09-22T13:32:55Z [INFO] Loading state! module="statemanager"
2017-09-22T13:32:55Z [INFO] Event stream ContainerChange start listening...
2017-09-22T13:32:55Z [INFO] Registering Instance with ECS
2017-09-22T13:32:55Z [INFO] Registered! module="api client"
2017-09-22T13:32:55Z [INFO] Registration completed successfully. I am running as 'arn:aws:ecs:eu-west-1:248221388880:container-instance/ba24ead4-21a5-4bc7-ba9f-4d3ba0f29c6b' in cluster 'gastrak'
2017-09-22T13:32:55Z [INFO] Saving state! module="statemanager"
2017-09-22T13:32:55Z [INFO] Beginning Polling for updates
2017-09-22T13:32:55Z [INFO] Event stream DeregisterContainerInstance start listening...
2017-09-22T13:32:55Z [INFO] Initializing stats engine
2017-09-22T13:32:55Z [INFO] NO_PROXY set:169.254.169.254,169.254.170.2,/var/run/docker.sock
2017-09-22T13:33:05Z [INFO] Saving state! module="statemanager"
2017-09-22T13:44:50Z [INFO] Connection closed for a valid reason: websocket: close 1000 (normal): ConnectionExpired: Reconnect to continue
我想我需要弄清楚为什么这些容器没有初始化,但我要看哪里,更好的是,接下来我需要做什么才能让它工作?
以防其他人运行漂流到这里,缺少的咒语是
$ ecs-cli compose create
它从您的撰写文件构建一个 ECS 任务定义(假设它是兼容的...)
和
$ecs-cli compose run
这将在远程 EC2 机器上构建和 运行 容器。
SSH 到远程机器并执行 "docker ps -a" 应该会显示容器 运行ning。或者"docker logs [container_name]"看看哪里出了问题...