Running Flatcar Linux with AWS EC2 Container Service

Amazon EC2 Container Service (ECS) is a container management service which provides a set of APIs for scheduling container workloads across EC2 clusters. It supports Flatcar Linux with Docker containers.

Your Flatcar Linux machines communicate with ECS via an agent. The agent interacts with Docker to start new containers and gather information about running containers.

Set up a new cluster

When booting your Flatcar Linux Machines on EC2, configure the ECS agent to be started via Ignition.

Be sure to change ECS_CLUSTER to the cluster name you've configured via the ECS CLI or leave it empty for the default. Here's a full config example:

systemd:
 units:
   - name: amazon-ecs-agent.service
     enable: true
     contents: |
       [Unit]
       Description=AWS ECS Agent
       Documentation=https://docs.aws.amazon.com/AmazonECS/latest/developerguide/
       Requires=docker.socket
       After=docker.socket

       [Service]
       Environment=ECS_CLUSTER=your_cluster_name
       Environment=ECS_LOGLEVEL=info
       Environment=ECS_VERSION=latest
       Restart=on-failure
       RestartSec=30
       RestartPreventExitStatus=5
       SyslogIdentifier=ecs-agent
       ExecStartPre=-/bin/mkdir -p /var/log/ecs /var/ecs-data /etc/ecs
       ExecStartPre=-/usr/bin/touch /etc/ecs/ecs.config
       ExecStartPre=-/usr/bin/docker kill ecs-agent
       ExecStartPre=-/usr/bin/docker rm ecs-agent
       ExecStartPre=/usr/bin/docker pull amazon/amazon-ecs-agent:${ECS_VERSION}
       ExecStart=/usr/bin/docker run \
           --name ecs-agent \
           --env-file=/etc/ecs/ecs.config \
           --volume=/var/run/docker.sock:/var/run/docker.sock \
           --volume=/var/log/ecs:/log \
           --volume=/var/ecs-data:/data \
           --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro \
           --volume=/run/docker/execdriver/native:/var/lib/docker/execdriver/native:ro \
           --publish=127.0.0.1:51678:51678 \
           --env=ECS_LOGFILE=/log/ecs-agent.log \
           --env=ECS_LOGLEVEL=${ECS_LOGLEVEL} \
           --env=ECS_DATADIR=/data \
           --env=ECS_CLUSTER=${ECS_CLUSTER} \
           amazon/amazon-ecs-agent:${ECS_VERSION}

       [Install]
       WantedBy=multi-user.target

The example above pulls the latest official Amazon ECS agent container from the Docker Hub when the machine starts. If you ever need to update the agent, it’s as simple as restarting the amazon-ecs-agent service or the Flatcar Linux machine.

If you want to configure SSH keys in order to log in, mount disks or configure other options, see the Container Linux Configs documentation.

For more information on using ECS, check out the official Amazon documentation.