neilkuan · July 7, 2021 10:54
diff --git a/rhel8-ecs-init-userdata.sh b/rhel8-ecs-init-userdata.sh
 #!/bin/bash

 if [ $# -gt 0 ]; then
  INPUT="$1"
 fi

 ECS_CLUSTER_NAME=${INPUT-default}

 yum remove podman-docker -y
 echo 'net.ipv4.conf.all.route_localnet = 1' >> /etc/sysctl.conf
 touch /etc/ecs/ecs.config
 mkdir -p /var/log/ecs /var/lib/ecs/data /etc/ecs

 yum config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
 yum list docker-ce
 yum install docker-ce --nobest -y 

 iptables -t nat -A PREROUTING -p tcp -d 169.254.170.2 --dport 80 -j DNAT --to-destination 127.0.0.1:51679
 iptables -t nat -A OUTPUT -d 169.254.170.2 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 51679
 iptables-save > /etc/sysconfig/iptables

 cat << EOF > /etc/ecs/ecs.config
 ECS_DATADIR=/data
 ECS_ENABLE_TASK_IAM_ROLE=true
 ECS_ENABLE_TASK_IAM_ROLE_NETWORK_HOST=true
 ECS_LOGFILE=/log/ecs-agent.log
 ECS_AVAILABLE_LOGGING_DRIVERS=["json-file","awslogs"]
 ECS_LOGLEVEL=debug
 ECS_CLUSTER=$ECS_CLUSTER_NAME
 ECS_ENABLE_AWSLOGS_EXECUTIONROLE_OVERRIDE=true
 EOF

 systemctl start docker
 systemctl enable docker

 cat << EOF > /etc/systemd/system/[email protected]
 [Unit]
 Description=Docker Container %I
 Requires=docker.service
 After=cloud-final.service

 [Service]
 Restart=always
 ExecStartPre=-/usr/bin/docker rm -f %i 
 ExecStart=/usr/bin/docker run --name %i \
 --privileged \
 --restart=on-failure:10 \
 --volume=/var/run:/var/run \
 --volume=/var/log/ecs/:/log:Z \
 --volume=/var/lib/ecs/data:/data:Z \
 --volume=/etc/ecs:/etc/ecs \
 --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro \
 --net=host \
 --env-file=/etc/ecs/ecs.config \
 amazon/amazon-ecs-agent:latest
 ExecStop=/usr/bin/docker stop %i

 [Install]
 WantedBy=default.target
 EOF

 systemctl enable docker-container\@ecs-agent.service
 systemctl start docker-container\@ecs-agent.service
	#!/bin/bash

	if [ $# -gt 0 ]; then
	INPUT="$1"
	fi

	ECS_CLUSTER_NAME=${INPUT-default}

	yum remove podman-docker -y
	echo 'net.ipv4.conf.all.route_localnet = 1' >> /etc/sysctl.conf
	touch /etc/ecs/ecs.config
	mkdir -p /var/log/ecs /var/lib/ecs/data /etc/ecs

	yum config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
	yum list docker-ce
	yum install docker-ce --nobest -y

	iptables -t nat -A PREROUTING -p tcp -d 169.254.170.2 --dport 80 -j DNAT --to-destination 127.0.0.1:51679
	iptables -t nat -A OUTPUT -d 169.254.170.2 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 51679
	iptables-save > /etc/sysconfig/iptables

	cat << EOF > /etc/ecs/ecs.config
	ECS_DATADIR=/data
	ECS_ENABLE_TASK_IAM_ROLE=true
	ECS_ENABLE_TASK_IAM_ROLE_NETWORK_HOST=true
	ECS_LOGFILE=/log/ecs-agent.log
	ECS_AVAILABLE_LOGGING_DRIVERS=["json-file","awslogs"]
	ECS_LOGLEVEL=debug
	ECS_CLUSTER=$ECS_CLUSTER_NAME
	ECS_ENABLE_AWSLOGS_EXECUTIONROLE_OVERRIDE=true
	EOF

	systemctl start docker
	systemctl enable docker

	cat << EOF > /etc/systemd/system/[email protected]
	[Unit]
	Description=Docker Container %I
	Requires=docker.service
	After=cloud-final.service

	[Service]
	Restart=always
	ExecStartPre=-/usr/bin/docker rm -f %i
	ExecStart=/usr/bin/docker run --name %i \
	--privileged \
	--restart=on-failure:10 \
	--volume=/var/run:/var/run \
	--volume=/var/log/ecs/:/log:Z \
	--volume=/var/lib/ecs/data:/data:Z \
	--volume=/etc/ecs:/etc/ecs \
	--volume=/sys/fs/cgroup:/sys/fs/cgroup:ro \
	--net=host \
	--env-file=/etc/ecs/ecs.config \
	amazon/amazon-ecs-agent:latest
	ExecStop=/usr/bin/docker stop %i

	[Install]
	WantedBy=default.target
	EOF

	systemctl enable docker-container\@ecs-agent.service
	systemctl start docker-container\@ecs-agent.service