ECS on EC2
Prerequisites
Review the Installation Requirements.
Installation
To install the Sysdig agent on ECS:
Create an ECS task definition for the Sysdig agent.
Use the values listed in Prerequisites to customize the example task definition given below. Save the file with the name
sysdig-agent-ecs.json.Register the task definition in your AWS account:
aws ecs register-task-definition \ --cli-input-json file://sysdig-agent-ecs.jsonUsing the ECS task definition you have created, create a service in the cluster that you want to monitor with Sysdig.
You can use the example task definition given below.
Run the agent as an ECS Service.
aws ecs create-service \ --cluster $CLUSTER_NAME \ --service-name sysdig-agent-svc \ --launch-type EC2 \ --task-definition sysdig-agent-ecs \ --scheduling-strategy DAEMONUse this service to run the Sysdig agent on each nodes of your ECS cluster.
If you are using ECS Anywhere, change the launch type to
EXTERNALwhen the service is created.With the successful agent installation, Sysdig will begin auto-discovering your containers and other resources of your ECS environment.
Example Task Definition
Save this JSON snippet as sysdig-agent-ecs.json. You can customize and use it as the task definition for installing the agent.
Note that both memory and CPU have been set to 1024, but depending on the size of your cluster, you might want to tune the values.
{
"family": "sysdig-agent-ecs",
"containerDefinitions": [
{
"name": "sysdig-agent",
"image": "quay.io/sysdig/agent-slim",
"cpu": 1024,
"memory": 1024,
"privileged": true,
"environment": [
{
"name": "ACCESS_KEY",
"value": "$ACCESS_KEY"
},
{
"name": "COLLECTOR",
"value": "$COLLECTOR"
},
{
"name": "TAGS",
"value": "$TAG1,TAG2"
}
],
"mountPoints": [
{
"readOnly": true,
"containerPath": "/host/boot",
"sourceVolume": "boot"
},
{
"containerPath": "/host/dev",
"sourceVolume": "dev"
},
{
"readOnly": true,
"containerPath": "/host/lib/modules",
"sourceVolume": "modules"
},
{
"readOnly": true,
"containerPath": "/host/proc",
"sourceVolume": "proc"
},
{
"containerPath": "/host/var/run/docker.sock",
"sourceVolume": "sock"
},
{
"readOnly": true,
"containerPath": "/host/usr",
"sourceVolume": "usr"
}
],
"dependsOn": [
{
"containerName": "sysdig-agent-kmodule",
"condition": "SUCCESS"
}
]
},
{
"name": "sysdig-agent-kmodule",
"image": "quay.io/sysdig/agent-kmodule",
"memory": 512,
"privileged": true,
"essential": false,
"mountPoints": [
{
"readOnly": true,
"containerPath": "/host/boot",
"sourceVolume": "boot"
},
{
"containerPath": "/host/dev",
"sourceVolume": "dev"
},
{
"readOnly": true,
"containerPath": "/host/lib/modules",
"sourceVolume": "modules"
},
{
"readOnly": true,
"containerPath": "/host/proc",
"sourceVolume": "proc"
},
{
"containerPath": "/host/var/run/docker.sock",
"sourceVolume": "sock"
},
{
"readOnly": true,
"containerPath": "/host/usr",
"sourceVolume": "usr"
}
]
}
],
"pidMode": "host",
"networkMode": "host",
"volumes": [
{
"name": "sock",
"host": {
"sourcePath": "/var/run/docker.sock"
}
},
{
"name": "dev",
"host": {
"sourcePath": "/dev/"
}
},
{
"name": "proc",
"host": {
"sourcePath": "/proc/"
}
},
{
"name": "boot",
"host": {
"sourcePath": "/boot/"
}
},
{
"name": "modules",
"host": {
"sourcePath": "/lib/modules/"
}
},
{
"name": "usr",
"host": {
"sourcePath": "/usr/"
}
}
],
"requiresCompatibilities": [
"EC2"
]
}
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.