Merge pull request #2 from brainstorm/refresh

Refresh the distribution(s) and docker galaxy dependency

.gitignore

@@ -3,3 +3,4 @@
 tests/roles
 ansible.cfg
 *.sw?
+*.log

.travis.yml

@@ -1,18 +1,18 @@
 ---
-dist: trusty
 sudo: required
 language: python
-python: "2.7"
+python: "3.6"
 
 # Install ansible
 addons:
   apt:
     packages:
-    - python-pip
+      - python-pip
+      - python3-pip
 
 install:
   # Install ansible
-  - pip install ansible>=2.2 
+  - pip3 install ansible>=2.2
 
   # Check ansible version
   - ansible --version
@@ -25,8 +25,8 @@ install:
 
 script:
   # Basic role syntax check
-  - ansible-playbook -i hosts --syntax-check docker.yml
-  - ansible-playbook -i hosts --connection=local --sudo -vvvv docker.yml
+  - ansible-playbook -i hosts --syntax-check site.yml
+  - ansible-playbook -i hosts --connection=local -vvvv site.yml
 
 # notifications:
   # webhooks: https://galaxy.ansible.com/api/v1/notifications/

README.md

@@ -7,7 +7,7 @@ This Ansible role allows users thereof to install the [AWS ECS Agent](https://gi
 ## Requirements
 
 * Ansible 2.2+
-* Tested on Ubuntu 14.04 and 16.04
+* Tested on Ubuntu 14.04, 16.04 and 18.04
 
 ## Role Variables
 
@@ -24,7 +24,7 @@ Please consult http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-ag
 
 ## Dependencies
 
-* `angstwad.docker_ubuntu` (https://galaxy.ansible.com/angstwad/docker_ubuntu/)
+* [geerlingguy.docker](https://galaxy.ansible.com/geerlingguy/docker/)
 
 ## Example Playbook
 
@@ -36,7 +36,13 @@ Please consult http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-ag
   vars:
     - ubuntu_ecs_agent_cluster_name: TestCluster
   roles:
-    - ubuntu-ecs-agent
+    - ecs-agent
+```
+
+Run it with python3 interpreter in newer distributions like this:
+
+```bash
+ansible-playbook site.yml -i ec2-13-236-6-185.ap-southeast-2.compute.amazonaws.com, -e 'ansible_python_interpreter=/usr/bin/python3'
 ```
 
 ## License

Vagrantfile

@@ -7,11 +7,11 @@ ENV['ANSIBLE_ROLES_PATH'] = "../"
 
 boxes = [
   {
-    :name => "ubuntu-1404",
-    :box => "ubuntu/trusty64",
+    :name => "ubuntu-1804",
+    :box => "ubuntu/bionic64",
     :ip => '10.0.77.12',
-    :cpu => "33",
-    :ram => "256"
+    :cpu => "2",
+    :ram => "4"
   },
 ]
 
@@ -32,7 +32,9 @@ Vagrant.configure("2") do |config|
       vms.vm.provision :ansible do |ansible|
         ansible.playbook = "tests/vagrant.yml"
         ansible.galaxy_role_file = "requirements.yml"
+        ansible.extra_vars = { ansible_python_interpreter: '/usr/bin/python3' }
         ansible.verbose = "vv"
+        ansible.compatibility_mode = "2.0"
       end
     end
   end

defaults/main.yml

@@ -2,11 +2,12 @@
 # defaults file for ubuntu-ecs-agent
 # Based on a subset of options available at http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html
 
+ubuntu_ecs_agent_data_path: /data
 ubuntu_ecs_agent_loglevel: info
 ubuntu_ecs_agent_cluster_name: default
 ubuntu_ecs_agent_enable_iam_role: true
 ubuntu_ecs_agent_enable_task_iam_role_network_host: true
-ubuntu_ecs_agent_reserved_ports: "[22, 2375, 2376, 51678]"
+ubuntu_ecs_agent_reserved_ports: [22, 2375, 2376, 51678]
 ubuntu_ecs_agent_container_stop_timeout: 30s
 ubuntu_ecs_agent_auth_type: ""
 ubuntu_ecs_agent_auth_data: ""

meta/main.yml

@@ -12,6 +12,7 @@ galaxy_info:
     - vivid
     - wily
     - xenial
+    - bionic
 
   galaxy_tags:
     - amazon
@@ -23,4 +24,4 @@ galaxy_info:
     - ubuntu
 
 dependencies:
-  - { role: 'angstwad.docker_ubuntu'}
+  - { role: 'geerlingguy.docker'}

requirements.yml

@@ -1,2 +1,2 @@
-- src: angstwad.docker_ubuntu
-  version: v3.4.0
+- src: geerlingguy.docker
+  version: 2.5.0

docker.yml → site.yml

@@ -1,5 +1,6 @@
 ---
-- hosts: localhost
+- hosts: all 
   remote_user: root
+  become: true
   roles:
     - ansible-ubuntu-ecs-agent

tasks/main.yml

@@ -1,6 +1,21 @@
 ---
 # Based on the instructions at http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-install.html
 
+- name: Make sure python3 pip3 are installed
+  package:
+    name: "{{ item }}"
+    state: latest
+  with_items:
+    - python3-pip
+    - python-pip
+
+- name: Make sure vital python packages are installed beforehand
+  pip:
+    name: "{{ item }}"
+    state: latest
+  with_items:
+      - docker
+
 - name: Set route_localnet
   sysctl:
     name: net.ipv4.conf.all.route_localnet
@@ -37,6 +52,28 @@
     group=root
     mode=0644
 
+# Uncomment this if you want to operate the docker container via systemd as advised by:
+# https://docs.aws.amazon.com/AmazonECS/latest/developerguide/example_user_data_scripts.html
+#
+# - name: create systemd docker service for ecs-agent
+#   template:
+#     [email protected]
+#     dest=/etc/systemd/system/[email protected]
+#     owner=root
+#     group=root
+#     mode=0644
+#
+# - name: enable ecs-agent systemd service
+#   systemd:
+#     name: docker-container@ecs-agent
+#     enabled: yes
+
+# https://docs.aws.amazon.com/batch/latest/userguide/create-batch-ami.html
+- name: Remove the persistent data checkpoint file from ecs-agent
+  file:
+    state: absent
+    path: "/var/lib/ecs/data/ecs_agent_data.json"
+
 - name: Configure and run the ecs-agent container
   docker_container:
     name: ecs-agent
@@ -50,12 +87,4 @@
       - /var/log/ecs/:/log
       - /var/lib/ecs/data:/data
     env_file: /etc/default/ecs
-    env:
-      ECS_LOGFILE: /log/ecs-agent.log
-      ECS_LOGLEVEL: "{{ ubuntu_ecs_agent_loglevel }}"
-      ECS_DATADIR: /data
-      ECS_CLUSTER: "{{ ubuntu_ecs_agent_cluster_name }}"
-      ECS_ENABLE_TASK_IAM_ROLE: "{{ ubuntu_ecs_agent_enable_iam_role }}"
-      ECS_ENABLE_TASK_IAM_ROLE_NETWORK_HOST: "{{ ubuntu_ecs_agent_enable_task_iam_role_network_host }}"
-      ECS_RESERVED_PORTS: "{{ ubuntu_ecs_agent_reserved_ports }}"
-      ECS_CONTAINER_STOP_TIMEOUT: "{{ ubuntu_ecs_agent_container_stop_timeout }}"
+    privileged: yes # otherwise we get: [WARN] Disabling TaskCPUMemLimit because agent /sys/fs/cgroup/systemd/ecs: read-only file system

templates/docker-container@ecs-agent.service.j2

@@ -0,0 +1,21 @@
+[Unit]
+Description=Docker Container %I
+Requires=docker.service
+After=docker.service
+
+[Service]
+Restart=always
+ExecStartPre=-/usr/bin/docker rm -f %i 
+ExecStart=/usr/bin/docker run --name %i \
+--restart=on-failure:10 \
+--volume=/var/run:/var/run \
+--volume=/var/log/ecs/:/log \
+--volume=/var/lib/ecs/data:/data \
+--volume=/etc/ecs:/etc/ecs \
+--net=host \
+--env-file=/etc/ecs/ecs.config \
+amazon/amazon-ecs-agent:latest
+ExecStop=/usr/bin/docker stop %i
+
+[Install]
+WantedBy=default.target

templates/ecs.j2

@@ -1,2 +1,11 @@
+ECS_LOGFILE=/log/ecs-agent.log
+ECS_AVAILABLE_LOGGING_DRIVERS=["json-file","awslogs"]
+ECS_DATADIR="{{ ubuntu_ecs_agent_data_path }}"
+ECS_LOGLEVEL="{{ ubuntu_ecs_agent_loglevel }}"
+ECS_CLUSTER="{{ ubuntu_ecs_agent_cluster_name }}"
+ECS_ENABLE_TASK_IAM_ROLE="{{ ubuntu_ecs_agent_enable_iam_role }}"
+ECS_ENABLE_TASK_IAM_ROLE_NETWORK_HOST="{{ ubuntu_ecs_agent_enable_task_iam_role_network_host }}"
+ECS_RESERVED_PORTS={{ ubuntu_ecs_agent_reserved_ports }}
+ECS_CONTAINER_STOP_TIMEOUT="{{ ubuntu_ecs_agent_container_stop_timeout }}"
 ECS_ENGINE_AUTH_TYPE={{ ubuntu_ecs_agent_auth_type }}
 ECS_ENGINE_AUTH_DATA={{ ubuntu_ecs_agent_auth_data }}