Detailed Instructions

3.1 Create secrets for the new version of the cats task

In this step, you will use EC2 Systems Manager Parameter Store to create a secure string for use with the new version of the cats container.

  1. In the AWS Console, ensure you have the correct region selected. The instructor will tell you which region to use.

  2. In the Management & Governance section click Systems Manager.

  3. At the bottom left of the page, click Parameter Store.

  4. If you see the introductory page, click Create Parameter.

  5. In Name enter UnicornLocation.

  6. In Description enter Location of Unicorns for catsndogs ECS lab.

  7. For Tier choose Standard.

  8. For KMS key source choose My current account.

  9. In Type select Secure String.

  10. In KMS Key ID, select alias/keyForUnicorns.

  11. In Value, enter catsndogs-assets.s3.amazonaws.com.

  12. Under Tags - Optional, click Add tag.

  13. For Tag Key enter Classification.

  14. For Tag Value enter Mythical.

Click Create parameter.

The tag information will be used to restrict access to the UnicornLocation parameter, more information can be found here:

http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-access.html

3.2 Deploy a new version of the cats task

In this step you will deploy the new version of the cats container, and pass in parameters so it can read the Parameter Store secure string you created.

  1. In the AWS Console, ensure you have the correct region selected. The instructor will tell you which region to use.

  2. In the Compute section click ECS.

  3. Click Task Definitions.

  4. Select the cats task and click Create new revision.

  5. In Task Role, select the task role starting with catsndogssetup-catsContainerTaskRole.

  6. Under Container Definitions, click the cats container name. This opens the container configuration window.

  7. In Image, edit the container registry tag. Remove “:v1” and replace it with “:v2”.

  8. Under ENVIRONMENT add two new Env Variables. The updated code in the new cats container will read these variables when starting.

    key data
    SECRET_PATH ValueFrom: UnicornLocation for example arn:aws:ssm:us-west-2:12345567891011:parameter/UnicornLocation
    REGION Value: your region identifier, for example us-east-2
    Key: Tag Value: v2
  9. Click Update.

  10. Click Create.

  11. Note the revision number of the cats service that you just created. This will likely be cats:2 but may vary if you have done this lab before.

  12. Click Clusters and then click catsndogsECScluster.

  13. Select the cats service and click Update.

  14. In Task Definition select the revision of the cats task that you noted in the earlier step.

    1. In Minimum healthy percent enter 50.

    2. In Maximum healthy percent enter 100.

    Note: The update to the cats Service will replace the containers that make up the service. ECS offers you control over how the replacement process works. Because the cats containers are serving production traffic, you should not stop all the containers before starting new ones. By specifying a Minimum health percent of 50 and a Maximum healthy percent of 100, ECS will terminate up to 50 percent of the active cats containers, then start new containers. Once the new containers are healthy, ECS will terminate the remaining 50 percent of and replace those.

    This way, the cats service does not exceed its current footprint.

    The default values, a Minimum healthy percent of 100 and Maximum healthy percent of 200, would briefly double the number of cats containers during deployment. That may be acceptable in many situations, however our deployment strategy is not to exceed the current container count.

  15. Click Next step until you reach the end of the wizard, then click Update service.

  16. Click View service. The Deployments tab should show the PRIMARY deployment as well as the ACTIVE deployment.

  17. Click the Events tab. Depending on the number of cats tasks that were running at the time you updated the service, ECS will show events terminating groups of cats tasks, and starting groups of the new revision.

  18. Click the Tasks tab. You should see tasks with the Last status of RUNNING and the Task Definition of the revision number you noted in the earlier step.

  19. In the AWS Console, under Compute click EC2.

  20. Click Load Balancers.

  21. Copy the DNS Name of the load balancer with catsndogssetup in the name.

  22. Paste this into a new browser tab. You should see the catsndogs.lol homepage

  23. Click the “I love cats” link.

  24. You should see the cats page change to the “new and improved v2 release” page with a blue background. There is a one in ten chance that the page will load a unicorn image. Shout out loud when you see one!

Extension activity: The new cats pages show the containerID at the bottom of the page. Examine the cats_v2 source code and work out how this information is obtained, and how the v2 cats container obtains the location of the unicorns from Parameter Store.

What’s Next

Running ECS tasks based on time and events