Create an Amazon ECS task definition and mount a file system on EC2 instances using Amazon EFS - AWS Prescriptive Guidance
SummaryPrerequisites and limitationsArchitectureToolsEpicsRelated resourcesAttachments

Create an Amazon ECS task definition and mount a file system on EC2 instances using Amazon EFS

Created by Durga Prasad Cheepuri (AWS)

Environment: PoC or pilot

Technologies: Containers & microservices; CloudNative; Management & governance; Storage & backup; Web & mobile apps

AWS services: Amazon ECS; Amazon EFS

Summary

This pattern provides code samples and steps to create an Amazon Elastic Container Service (Amazon ECS) task definition that runs on Amazon Elastic Compute Cloud (Amazon EC2) instances in the Amazon Web Services (AWS) Cloud, while using Amazon Elastic File System (Amazon EFS) to mount a file system on those EC2 instances. Amazon ECS tasks that use Amazon EFS automatically mount the file systems that you specify in the task definition and make these file systems available to the task’s containers across all Availability Zones in an AWS Region.

To meet your persistent storage and shared storage requirements, you can use Amazon ECS and Amazon EFS together. For example, you can use Amazon EFS to store persistent user data and application data for your applications with active and standby ECS container pairs running in different Availability Zones for high availability. You can also use Amazon EFS to store shared data that can be accessed in parallel by ECS containers and distributed job workloads.

To use Amazon EFS with Amazon ECS, you can add one or more volume definitions to a task definition. A volume definition includes an Amazon EFS file system ID, access point ID, and a configuration for AWS Identity and Access Management (IAM) authorization or Transport Layer Security (TLS) encryption in transit. You can use container definitions within task definitions to specify the task definition volumes that get mounted when the container runs. When a task that uses an Amazon EFS file system runs, Amazon ECS ensures that the file system is mounted and available to the containers that need access to it.

Prerequisites and limitations

Prerequisites

Limitations

  • Amazon ECS container agent versions earlier than 1.35.0 don’t support Amazon EFS file systems for tasks that use the EC2 launch type.

Architecture

The following diagram shows an example of an application that uses Amazon ECS to create a task definition and mount an Amazon EFS file system on EC2 instances in ECS containers.

AWS Cloud architecture showing ECS task definition, ECS service, and EFS file system interaction.

The diagram shows the following workflow:

  1. Create an Amazon EFS file system.

  2. Create a task definition with a container.

  3. Configure the container instances to mount the Amazon EFS file system. The task definition references the volume mounts, so the container instance can use the Amazon EFS file system. ECS tasks have access to the same Amazon EFS file system, regardless of which container instance those tasks are created on.

  4. Create an Amazon ECS service with three instances of the task definition.

Technology stack

  • Amazon EC2

  • Amazon ECS

  • Amazon EFS

Tools

  • Amazon EC2 – Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the AWS Cloud. You can use Amazon EC2 to launch as many or as few virtual servers as you need, and you can scale out or scale in.

  • Amazon ECS – Amazon Elastic Container Service (Amazon ECS) is a highly scalable, fast container management service for running, stopping, and managing containers on a cluster. You can run your tasks and services on a serverless infrastructure that is managed by AWS Fargate. Alternatively, for more control over your infrastructure, you can run your tasks and services on a cluster of EC2 instances that you manage.

  • Amazon EFS – Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources.

  • AWS CLI – The AWS Command Line Interface (AWS CLI) is an open-source tool for interacting with AWS services through commands in your command-line shell. With minimal configuration, you can run AWS CLI commands that implement functionality equivalent to that provided by the browser-based AWS Management Console from a command prompt.

Epics

TaskDescriptionSkills required
Create an Amazon EFS file system by using the AWS Management Console.

  1. Create an Amazon EFS file system and choose the VPC that includes your containers. Note: If you use a different VPC, set up a VPC peering connection.

  2. Note the file system ID.

AWS DevOps
TaskDescriptionSkills required
Create a task definition using an Amazon EFS file system.

Create a task definition by using the new Amazon ECS console or classic Amazon ECS console with the following configurations:

  • If you use the new console, choose Amazon EC2 instances for App environment. If you use the classic console, choose EC2 as the launch type.

  • Add a volume. Enter a name for the volume, choose EFS for volume type, and then choose the file system ID that you noted earlier. For the root directory, choose the Amazon EFS file system path that you want to host on the Amazon ECS container host.

AWS DevOps
Create a task definition using the AWS CLI.

  1. To create a JSON template with input parameter placeholders for your task definition, run the following command:

    aws ecs register-task-definition --generate-cli-skeleton

  2. To create the task definition with the JSON template, run the following command:

    aws ecs register-task-definition --cli-input-json file://<path_to_your_json_file>

  3. Enter the input parameters in your JSON template based on the task_definition_parameters.json file (attached). Note: For more information on input parameters, see Task definition parameters (Amazon ECS documentation) and register-task-definition (AWS CLI Command Reference).

AWS DevOps

Related resources

Attachments

To access additional content that is associated with this document, unzip the following file: attachment.zip