Managing servers yourself is a burden for developers. To avoid it, AWS offers Fargate, a compute engine that manages your ECS cluster according to your application's needs and lets you focus on your work instead of managing servers. But sometimes, when there are deeper issues, you might need to SSH into the instance.
AWS announced a new Fargate feature that lets you SSH into a container managed by AWS ECS Fargate. In this tutorial, I will show you how.
Prerequisites
- AWS account
- AWS CLI
Establish an SSH connection into a Fargate container
Step 1. Before connecting to the Fargate container, make sure that you have installed and configured the AWS CLI properly.
If not, you can find it at: AWS CLI
Step 2. To be able to connect to the Fargate container, check your AWS CLI version:
aws --version
You need at least version 2.0.0; otherwise you will not be able to connect.
Step 3. If your version is lower than 2.0.0, update it with the following command:
curl -Lo ~/.local/aws.zip https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip; unzip ~/.local/aws.zip -d ~/.local/; ~/.local/aws/./install -u -i ~/.local/aws-cli -b ~/.local/bin; rm -rf ~/.local/aws/ ~/.local/aws.zip
Step 4. For the ECS task role, attach a policy that allows the container to open the secure channel session via SSM:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ssmmessages:CreateControlChannel",
        "ssmmessages:CreateDataChannel",
        "ssmmessages:OpenControlChannel",
        "ssmmessages:OpenDataChannel"
      ],
      "Resource": "*"
    }
  ]
}
Step 5. For the ECS task execution role, attach the existing standard AWS managed policy AmazonECSTaskExecutionRolePolicy.
Step 6. Now you can SSH into the container using the following command:
aws ecs execute-command --region {name-of-the-region} --cluster {name-of-the-cluster} --task {task number} --container {container-name} --command "/bin/bash" --interactive
After executing the command you will be connected inside the container, and you can make the needed changes.
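A malformed or over-broad task role policy is the easiest thing to get wrong in Step 4. The following is an added example, not part of the original tutorial or of any AWS tooling: a small linter that checks a policy document against the four ssmmessages actions listed in Step 4. The function name lint_exec_policy and the sample policies are assumptions constructed for illustration.

```python
import json
from fnmatch import fnmatchcase

# The four actions the Step 4 policy grants to the ECS task role.
REQUIRED = (
    "ssmmessages:CreateControlChannel",
    "ssmmessages:CreateDataChannel",
    "ssmmessages:OpenControlChannel",
    "ssmmessages:OpenDataChannel",
)

def _as_list(value):
    # IAM accepts a bare string/object wherever a list is allowed.
    return value if isinstance(value, list) else [value]

def lint_exec_policy(policy_text):
    """Return findings for a task-role policy; an empty list means it matches Step 4."""
    try:
        policy = json.loads(policy_text)
    except json.JSONDecodeError as exc:
        return [f"invalid JSON: {exc.msg} (line {exc.lineno})"]
    if not isinstance(policy, dict):
        return ["policy is not a JSON object"]
    allowed = []
    for stmt in _as_list(policy.get("Statement", [])):
        if isinstance(stmt, dict) and stmt.get("Effect") == "Allow":
            allowed += [a.lower() for a in _as_list(stmt.get("Action", []))]
    required = [r.lower() for r in REQUIRED]
    # IAM action names are case-insensitive and may contain * and ? wildcards.
    findings = [f"missing: {r}" for r in REQUIRED
                if not any(fnmatchcase(r.lower(), a) for a in allowed)]
    findings += [f"broader than Step 4: {a}" for a in sorted(set(allowed))
                 if a not in required]
    return findings

# Constructed sample inputs (not taken from any real account).
GOOD = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": list(REQUIRED), "Resource": "*"}]})
WILDCARD = json.dumps({"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Action": "ssmmessages:*", "Resource": "*"}})
PARTIAL = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": list(REQUIRED[:2]), "Resource": "*"}]})
UNCLOSED = '{"Statement": [{"Effect": "Allow", "Action": []}'

if __name__ == "__main__":
    for name, doc in [("GOOD", GOOD), ("WILDCARD", WILDCARD),
                      ("PARTIAL", PARTIAL), ("UNCLOSED", UNCLOSED)]:
        print(name, lint_exec_policy(doc) or "ok")
```

Running the linter on the policy file before attaching it to the task role catches both a missing bracket and a wildcard grant that would give the container more SSM messaging permissions than the session needs.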
Conclusion
This tutorial shows how you can connect to your AWS ECS or EKS Fargate container through SSH. For more info, visit the AWS documentation.