Cloudlift is built by Simpl developers to make it easier to launch dockerized services in AWS ECS.
Cloudlift is a command-line tool for dockerized services to be deployed in AWS ECS. It's very simple to use. That's possible because this is heavily opinionated. Under the hood, it is a wrapper to AWS cloudformation templates. On creating/udpating a service or a cluster this creates/updates a cloudformation in AWS.
- pip
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py | python get-pip.pygit clone [email protected]:GetSimpl/cloudlift.git
cd cloudlift
./install-cloudlift.shaws configureEnter the AWS Access Key ID, AWS Secret Access Key. You can find instructions here on how to get Access Key ID and Secret Access Key here at http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
If you are using AWS profiles, set the desired profile name in the environment before invoking Cloudlift.
AWS_DEFAULT_PROFILE=<profile name> cloudlift <command>OR
export AWS_DEFAULT_PROFILE=<profile name>
cloudlift <command>
cloudlift <command>Create a new environment for services to be deployed. Cloudlift creates a new VPC for the given CIDR and sets up the required networking infrastructure for services to run in ECS.
cloudlift create_environment -e <environment-name>This starts a prompt for required details to create an environment, which includes -
- AWS region for the environment
- VPC CIDR
- NAT Elastic IP allocation ID
- 2 Public Subnet CIDRs
- 2 Private Subnet CIDRs
- Minimum instances for cluster
- Maximum instances for cluster
- SSH key name
- SNS ARN for notifications
- AWS ACM ARN for SSL certificate
Once the configuration is saved, this is opened in the default VISUAL editor.
Here configurations can be changed if required.
cloudlift update_environment -e <environment-name>This opens the environment configuration in the VISUAL editor. Update this to
make changes to the environment.
During create_service and deployment cloudlift pulls the config from AWS
Parameter Store to apply it on the task definition. Configurations are stored in
path with the convention /<environment>/<service>/<key>
cloudlift edit_config -e <environment-name>NOTE: This is not required for every deployment. It's required only when config needs to be changed.
In the repository for the application, run -
cloudlift create_service -e <environment-name>This opens the VISUAL editor with default config similar to -
{
"services": {
"Test123": {
"command": null,
"http_interface": {
"container_port": 80,
"internal": false,
"restrict_access_to": [
"0.0.0.0/0"
]
},
"memory_reservation": 100
}
}
}Definitions -
services: Map of all ECS services with configuration for current application
command: Override command in Dockerfile
http_interface: Configuration for HTTP interface if required, do not include
this if the services does not require a HTTP interface
container_port: Port in which the process is exposed inside container
internal: Scheme of loadbalancer. If internal, the loadbalancer is accessible
only within the VPC
restrict_access_to: List of CIDR to which HTTP interface is restricted to.
memory_reservation: Memory size reserved for each task in MBs. This is a soft
limit, i.e. at least this much memory will be available, and upto whatever
memory is free in running container instance. Minimum: 10 MB, Maximum: 8000 MB
cloudlift deploy_service -e <environment-name>You can start a shell on a container instance which is running a task for given
application using the start_session command. One pre-requisite for this is
installing the session manager plugin for awscli. To install session manager
plugin follow the guide
cloudlift start_session -e <environment-name>MFA code can be passed as parameter --mfa or you will be prompted to enter
the MFA code.
First level of tests have been added to assert cloudformation template generated vs expected one.
py.test test/deployment/To run high level integration tests
pytest -s test/test_cloudlift.pyThis tests expects to have an access to AWS console. Since there's no extensive test coverage, it's better to manually test the impacted areas whenever there's a code change.