ecs_service – create, terminate, start or stop a service in ecs

Synopsis

  • Creates or terminates ecs services.

Requirements

The below requirements are needed on the host that executes this module.

  • boto

  • boto3

  • botocore

  • json

  • python >= 2.6

Parameters

Parameter Choices/Defaults Comments
aws_access_key
string
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

aliases: ec2_access_key, access_key
aws_secret_key
string
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

aliases: ec2_secret_key, secret_key
client_token
-
Unique, case-sensitive identifier you provide to ensure the idempotency of the request. Up to 32 ASCII characters are allowed.
cluster
-
The name of the cluster in which the service exists
debug_botocore_endpoint_logs
boolean
added in 2.8
    Choices:
  • no ←
  • yes
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
delay
-
Default:
10
The time to wait before checking that the service is available
deployment_configuration
-
Optional parameters that control the deployment_configuration; format is '{"maximum_percent":<integer>, "minimum_healthy_percent":<integer>}
desired_count
-
The count of how many instances of the service. This parameter is required when state=present
ec2_url
string
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
force_new_deployment
boolean
added in 2.8
    Choices:
  • no
  • yes
Force deployment of service even if there are no changes
health_check_grace_period_seconds
-
added in 2.8
Seconds to wait before health checking the freshly added/updated services. This option requires botocore >= 1.8.20.
launch_type
-
added in 2.7
    Choices:
  • EC2
  • FARGATE
The launch type on which to run your service
load_balancers
-
The list of ELBs defined for this service
name
- / required
The name of the service
network_configuration
-
network configuration of the service. Only applicable for task definitions created with awsvpc network_mode.
assign_public_ip requires botocore >= 1.8.4
assign_public_ip
boolean
added in 2.7
    Choices:
  • no
  • yes
Whether the task's elastic network interface receives a public IP address. This option requires botocore >= 1.8.4.
security_groups
-
added in 2.6
A list of security group names or group IDs to associate with the task
subnets
-
added in 2.6
A list of subnet IDs to associate with the task
placement_constraints
-
added in 2.4
The placement constraints for the tasks in the service
placement_strategy
-
added in 2.4
The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules per service
profile
string
Uses a boto profile. Only works with boto >= 2.24.0.
region
string
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See
aliases: aws_region, ec2_region
repeat
-
Default:
10
The number of times to check that the service is available
role
-
The name or full Amazon Resource Name (ARN) of the IAM role that allows your Amazon ECS container agent to make calls to your load balancer on your behalf. This parameter is only required if you are using a load balancer with your service, in a network mode other than `awsvpc`.
scheduling_strategy
-
added in 2.8
    Choices:
  • DAEMON
  • REPLICA
The scheduling strategy, defaults to "REPLICA" if not given to preserve previous behavior
security_token
string
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

aliases: access_token
service_registries
-
added in 2.8
describes service discovery registries this service will register with.
arn
-
Service discovery registry ARN
container_name
-
container name for service discovery registration
container_port
-
container port for service discovery registration
state
- / required
    Choices:
  • present
  • absent
  • deleting
The desired state of the service
task_definition
-
The task definition the service will run. This parameter is required when state=present
validate_certs
boolean
    Choices:
  • no
  • yes ←
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.

Notes

Note

  • the service role specified must be assumable (i.e. have a trust relationship for the ecs service, ecs.amazonaws.com)

  • for details of the parameters and returns see https://boto3.readthedocs.io/en/latest/reference/services/ecs.html

  • An IAM role must have been previously created

  • If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence AWS_URL or EC2_URL, AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY or EC2_ACCESS_KEY, AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY or EC2_SECRET_KEY, AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN, AWS_REGION or EC2_REGION

  • Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html

  • AWS_REGION or EC2_REGION can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file

Examples

# Note: These examples do not set authentication details, see the AWS Guide for details.

# Basic provisioning example
- ecs_service:
    state: present
    name: console-test-service
    cluster: new_cluster
    task_definition: 'new_cluster-task:1'
    desired_count: 0

- name: create ECS service on VPC network
  ecs_service:
    state: present
    name: console-test-service
    cluster: new_cluster
    task_definition: 'new_cluster-task:1'
    desired_count: 0
    network_configuration:
      subnets:
      - subnet-abcd1234
      security_groups:
      - sg-aaaa1111
      - my_security_group

# Simple example to delete
- ecs_service:
    name: default
    state: absent
    cluster: new_cluster

# With custom deployment configuration (added in version 2.3), placement constraints and strategy (added in version 2.4)
- ecs_service:
    state: present
    name: test-service
    cluster: test-cluster
    task_definition: test-task-definition
    desired_count: 3
    deployment_configuration:
      minimum_healthy_percent: 75
      maximum_percent: 150
    placement_constraints:
      - type: memberOf
        expression: 'attribute:flavor==test'
    placement_strategy:
      - type: binpack
        field: memory

Returned Facts

Facts returned by this module are added/updated in the hostvars host facts and can be referenced by name just like any other host fact. They do not need to be registered in order to use them.

Fact Returned Description
service
complex
when service existed and was deleted
Details of deleted service in the same structure described above for service creation.



Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
service
complex
when creating a service
Details of created service.

 
clusterArn
string
always
The Amazon Resource Name (ARN) of the of the cluster that hosts the service.

 
deploymentConfiguration
complex
always
dictionary of deploymentConfiguration

   
maximumPercent
integer
always
maximumPercent param

   
minimumHealthyPercent
integer
always
minimumHealthyPercent param

 
deployments
list of complex
always
list of service deployments

 
desiredCount
integer
always
The desired number of instantiations of the task definition to keep running on the service.

 
events
list of complex
always
list of service events

 
loadBalancers
complex
always
A list of load balancer objects

   
containerName
string
always
The name of the container to associate with the load balancer.

   
containerPort
integer
always
The port on the container to associate with the load balancer.

   
loadBalancerName
string
always
the name

 
pendingCount
integer
always
The number of tasks in the cluster that are in the PENDING state.

 
placementConstraints
list of complex
always
List of placement constraints objects

   
expression
string
always
A cluster query language expression to apply to the constraint. Note you cannot specify an expression if the constraint type is distinctInstance.

   
type
string
always
The type of constraint. Valid values are distinctInstance and memberOf.

 
placementStrategy
list of complex
always
List of placement strategy objects

   
field
string
always
The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are CPU and MEMORY.

   
type
string
always
The type of placement strategy. Valid values are random, spread and binpack.

 
runningCount
integer
always
The number of tasks in the cluster that are in the RUNNING state.

 
serviceArn
string
always
The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service .

 
serviceName
string
always
A user-generated string used to identify the service

 
status
string
always
The valid values are ACTIVE, DRAINING, or INACTIVE.

 
taskDefinition
string
always
The ARN of a task definition to use for tasks in the service.



Status

Authors

  • Mark Chance (@Java1Guy)

  • Darek Kaczynski (@kaczynskid)

  • Stephane Maarek (@simplesteph)

  • Zac Blazic (@zacblazic)

Hint

If you notice any issues in this documentation, you can edit this document to improve it.