Hacked ECS agent service systemd unit file
# Copyright 2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the
# "License"). You may not use this file except in compliance
# with the License. A copy of the License is located at
#
# http://aws.amazon.com/apache2.0/
#
# or in the "license" file accompanying this file. This file is
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
# CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and
# limitations under the License.
#
# A systemd unit file to run `ecs-agent` in a Docker container. This service
# attempts to duplicate the functionality of the `ecs-init` Golang package. The
# notable differences currently are:
# 1. The unit file does an unconditional pull of the latest ECS Agent from
# Docker Hub at startup.
# 2. The unit file does not currently handle the Agent's self-upgrade
# functionality.
[Unit]
# Metadata and start-up ordering for the containerised ECS agent.
Description=Amazon ECS Agent
Documentation=http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_agent.html
# Requires= makes docker.service a hard dependency: this unit is not started
# without it and is stopped when Docker is stopped. After= only adds ordering,
# so the agent's start-up commands run once docker.service is up.
Requires=docker.service
After=docker.service
[Install]
# Used only by `systemctl enable`: pulls this unit in as part of
# multi-user.target, so it starts on a normal boot.
WantedBy=multi-user.target
[Service]
# Runs the ECS agent as a foreground `docker run` (no --detach), with NAT rules
# installed before start and removed after stop.
#
# AGENT_TAG is substituted into the image reference at the end of ExecStart.
# NOTE(review): a tag can be re-pointed unless the registry enforces tag
# immutability, so the image that runs may change without this file changing;
# pin by digest (image@sha256:<digest>) if that matters.
Environment=AGENT_TAG=caldev
Type=simple
# NOTE(review): both image-loading steps below are commented out in this
# variant, so the unit itself no longer loads or pulls the agent image. That
# does not match the "unconditional pull ... from Docker Hub" line in the file
# header. `docker run` will use a local image, or attempt its own pull from the
# registry named on the ExecStart line.
# Load an updated agent, if it exists:
# ExecStartPre=-/bin/sh -c 'test -f /var/cache/ecs/desired-image && docker load $(cat /var/cache/ecs/desired-image) && rm -f $(cat /var/cache/ecs/desired-image) /var/cache/ecs/desired-image'
# If we don't have an agent, load from disk, if possible, or Docker Hub:
# ExecStartPre=/bin/sh -c "docker inspect amazon/amazon-ecs-agent || docker load < /var/cache/ecs/ecs-agent.tar || docker pull amazon/amazon-ecs-agent:${AGENT_TAG}"
# Send TCP traffic for 169.254.170.2:80 to port 51679 on loopback: the
# PREROUTING/DNAT rule handles packets arriving on an interface (e.g. from
# containers), the OUTPUT/REDIRECT rule handles packets generated on the host.
# Presumably this is the task IAM role credentials endpoint served by the
# agent (ECS_ENABLE_TASK_IAM_ROLE is set below) - confirm against agent docs.
ExecStartPre=/sbin/iptables -t nat -A PREROUTING -d 169.254.170.2/32 \
-p tcp -m tcp --dport 80 -j DNAT --to-destination 127.0.0.1:51679
ExecStartPre=/sbin/iptables -t nat -A OUTPUT -d 169.254.170.2/32 \
-p tcp -m tcp --dport 80 -j REDIRECT --to-ports 51679
# Needed for the DNAT to 127.0.0.1 above: lets routed packets target loopback
# addresses. It is enabled for all interfaces, which weakens the usual
# assumption that services bound to 127.0.0.1 are unreachable from other
# interfaces; keep other loopback-only listeners covered by firewall rules.
ExecStartPre=/sbin/sysctl -w net.ipv4.conf.all.route_localnet=1
# The leading "-" tells systemd to ignore a failure of these two commands
# (no stale container to remove, directory already present).
ExecStartPre=-/usr/bin/docker rm ecs-agent
ExecStartPre=-/bin/mkdir -p /var/lib/ecs/dhclient
# Security-relevant properties of the container started below:
#  - /var/run is bind-mounted, which normally includes the Docker socket;
#    access to that socket is equivalent to root on the host.
#  - --net=host plus the sys_admin and net_admin capabilities give the agent
#    broad control over host networking and kernel interfaces.
#  - /sbin, /lib, /lib64, /usr/lib, /etc/ecs and /proc are mounted without :ro.
#    NOTE(review): mount read-only wherever the agent only reads - confirm.
#  - /etc/ecs/ecs.config is passed as an env file and may hold registry
#    credentials; keep it root-owned and not world-readable.
#  - The image comes from an account-specific ECR repository, not the
#    amazon/amazon-ecs-agent image named in the commented-out lines above;
#    verify its provenance before deploying this unit.
# NOTE(review): ECS_UPDATES_ENABLED is passed twice with conflicting values
# (false, then true). Which one the agent sees depends on how Docker and the
# agent resolve duplicate variables; keep exactly one. The file header says
# self-upgrade is not handled by this unit.
# NOTE(review): --restart=on-failure:10 and Restart=on-failure (below) are two
# separate restart policies for the same container; confirm both are intended.
ExecStart=/usr/bin/docker run --name ecs-agent \
--init \
--restart=on-failure:10 \
--volume=/var/run:/var/run \
--volume=/var/log/ecs/:/log \
--volume=/var/lib/ecs/data:/data \
--volume=/etc/ecs:/etc/ecs \
--volume=/sbin:/sbin \
--volume=/lib:/lib \
--volume=/lib64:/lib64 \
--volume=/usr/lib:/usr/lib \
--volume=/proc:/host/proc \
--volume=/sys/fs/cgroup:/sys/fs/cgroup \
--volume=/var/lib/ecs/dhclient:/var/lib/dhclient \
--net=host \
--env ECS_LOGFILE=/log/ecs-agent.log \
--env ECS_DATADIR=/data \
--env ECS_UPDATES_ENABLED=false \
--env ECS_AVAILABLE_LOGGING_DRIVERS='["json-file","syslog","awslogs"]' \
--env ECS_ENABLE_TASK_IAM_ROLE=true \
--env ECS_ENABLE_TASK_IAM_ROLE_NETWORK_HOST=true \
--env ECS_UPDATES_ENABLED=true \
--env ECS_ENABLE_TASK_ENI=true \
--env-file=/etc/ecs/ecs.config \
--cap-add=sys_admin \
--cap-add=net_admin \
601908061737.dkr.ecr.us-west-2.amazonaws.com/amazon-ecs-agent:${AGENT_TAG}
ExecStop=/usr/bin/docker stop ecs-agent
# Remove the two NAT rules added at start (-D mirrors the -A rules exactly).
# Failures are ignored so that a missing rule does not mark the stop as failed.
ExecStopPost=-/sbin/iptables -t nat -D PREROUTING -d 169.254.170.2/32 \
-p tcp -m tcp --dport 80 -j DNAT --to-destination 127.0.0.1:51679
ExecStopPost=-/sbin/iptables -t nat -D OUTPUT -d 169.254.170.2/32 \
-p tcp -m tcp --dport 80 -j REDIRECT --to-ports 51679
# Set conf.all.route_localnet to the current value of conf.default.route_localnet.
# This is not necessarily the value conf.all had before the unit started.
ExecStopPost=/bin/sh -c \
"/sbin/sysctl -w net.ipv4.conf.all.route_localnet=$(/sbin/sysctl -q -n net.ipv4.conf.default.route_localnet)"
Restart=on-failure
# Do not restart when the main process exits with status 5.
# NOTE(review): presumably the agent's "unrecoverable error" exit code - confirm.
RestartPreventExitStatus=5