I am trying to get an HTTPS certificate on a Docker-based app running on AWS ECS (Elastic Container Service). However, when finally trying to deploy the Docker instances to ECS, I run into an undefined problem.
INFO[0120] (service deploy) has started 1 tasks: (task f..........6). timestamp=2018-03-21 14:52:17 +0000 UTC
FATA[0301] Deployment has not completed: Running count has not changed for 5.00 minutes
My set-up is based on https://github.com/evertramos/docker-compose-letsencrypt-nginx-proxy-companion, which leverages https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion.
Unfortunately, neither gives a clear example for AWS ECS. What I added is the environment variable DOCKER_PROVIDER=ecs in the environment variables for the Let's Encrypt container. After creating my Docker containers and uploading them to ECS, I run an ECS-specific docker-compose
ecs-cli compose --file docker-compose_ec.yml service up
which looks like
version: '2'
services:
  nginx-web:
    image: 12344.dkr.ecr.eu-central-1.amazonaws.com/abc_nginx
    labels:
      com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"
    container_name: ${NGINX_WEB}
    restart: always
    ports:
      - "$0.0.0.0:80:80"
      - "$0.0.0.0:443:443"
    volumes:
      - ${NGINX_FILES_PATH}/conf.d:/etc/nginx/conf.d
      - ${NGINX_FILES_PATH}/vhost.d:/etc/nginx/vhost.d
      - ${NGINX_FILES_PATH}/html:/usr/share/nginx/html
      - ${NGINX_FILES_PATH}/certs:/etc/nginx/certs:ro
      - ${NGINX_FILES_PATH}/htpasswd:/etc/nginx/htpasswd:ro
    logging:
      options:
        max-size: 4m
        max-file: 10
  nginx-gen:
    image: 12344.dkr.ecr.eu-central-1.amazonaws.com/abc_gen
    command: -notify-sighup ${NGINX_WEB} -watch -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
    container_name: abc_gen
    restart: always
    volumes:
      - ${NGINX_FILES_PATH}/conf.d:/etc/nginx/conf.d
      - ${NGINX_FILES_PATH}/vhost.d:/etc/nginx/vhost.d
      - ${NGINX_FILES_PATH}/html:/usr/share/nginx/html
      - ${NGINX_FILES_PATH}/certs:/etc/nginx/certs:ro
      - ${NGINX_FILES_PATH}/htpasswd:/etc/nginx/htpasswd:ro
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - ./nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro
    logging:
      options:
        max-size: 2m
        max-file: 10
  nginx-letsencrypt:
    image: 12344.dkr.ecr.eu-central-1.amazonaws.com/abc_le
    container_name: abc_le
    restart: always
    volumes:
      - ${NGINX_FILES_PATH}/conf.d:/etc/nginx/conf.d
      - ${NGINX_FILES_PATH}/vhost.d:/etc/nginx/vhost.d
      - ${NGINX_FILES_PATH}/html:/usr/share/nginx/html
      - ${NGINX_FILES_PATH}/certs:/etc/nginx/certs:rw
      - /var/run/docker.sock:/var/run/docker.sock:ro
    environment:
      NGINX_DOCKER_GEN_CONTAINER: abc_gen
      NGINX_PROXY_CONTAINER: abc_nginx
      DOCKER_PROVIDER: ecs
    logging:
      options:
        max-size: 2m
        max-file: 10
  api:
    image: 12344.dkr.ecr.eu-central-1.amazonaws.com/abc_api
    cpu_shares: 50
    mem_limit: 262144000
    ports:
      - '5005:5005'
  web:
    image: 12344.dkr.ecr.eu-central-1.amazonaws.com/abc_web
    cpu_shares: 100
    mem_limit: 262144000
    links:
      - api
    environment:
      - API_URL=http://api:5005
      - VIRTUAL_HOST=example.com
      - VIRTUAL_PORT=5000
      - LETSENCRYPT_HOST=example.com
      - [email protected]
networks:
  default:
    external:
      name: ${NETWORK}
The web app runs on port 5000. I have no problems running the web app and API with Let's Encrypt.
Any ideas how to make this work with AWS ECS?