TaskDefinition is the Schema for the TaskDefinitions API
Type
CRD
Group
ecs.aws.crossplane.io
Version
v1alpha1
apiVersion: ecs.aws.crossplane.io/v1alpha1
kind: TaskDefinition
TaskDefinitionSpec defines the desired state of TaskDefinition
TaskDefinitionParameters defines the desired state of TaskDefinition
A list of container definitions in JSON format that describe the different containers that make up your task.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see Custom log routing (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the Amazon Elastic Container Service Developer Guide.
An object representing a container health check. Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image (such as those specified in a parent image or from the image's Dockerfile). This configuration maps to the HEALTHCHECK parameter of docker run (https://docs.docker.com/engine/reference/run/).
The Amazon ECS container agent only monitors and reports on the health checks specified in the task definition. Amazon ECS does not monitor Docker health checks that are embedded in a container image and not specified in the container definition. Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image.
You can view the health status of both individual containers and a task with the DescribeTasks API operation or when viewing the task details in the console.
The health check is designed to make sure that your containers survive agent restarts, upgrades, or temporary unavailability.
The following describes the possible healthStatus values for a container:
HEALTHY-The container health check has passed successfully.
UNHEALTHY-The container health check has failed.
UNKNOWN-The container health check is being evaluated or there's no container health check defined.
The following describes the possible healthStatus values for a task. The container health check status of non-essential containers don't have an effect on the health status of a task.
HEALTHY-All essential containers within the task have passed their health checks.
UNHEALTHY-One or more essential containers have failed their health check.
UNKNOWN-The essential containers within the task are still having their health checks evaluated, there are only nonessential containers with health checks defined, or there are no container health checks defined.
If a task is run manually, and not as part of a service, the task will continue its lifecycle regardless of its health status. For tasks that are part of a service, if the task reports as unhealthy then the task will be stopped and the service scheduler will replace it.
The following are notes about container health check support:
When the Amazon ECS agent cannot connect to the Amazon ECS service, the service reports the container as UNHEALTHY.
The health check statuses are the "last heard from" response from the Amazon ECS agent. There are no assumptions made about the status of the container health checks.
Container health checks require version 1.17.0 or greater of the Amazon ECS container agent. For more information, see Updating the Amazon ECS container agent (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html).
Container health checks are supported for Fargate tasks if you're using platform version 1.1.0 or greater. For more information, see Fargate platform versions (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).
Container health checks aren't supported for tasks that are part of a service that's configured to use a Classic Load Balancer.
No description provided.
No description provided.
The Linux-specific options that are applied to the container, such as Linux KernelCapabilities (https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html).
The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. For more information about the default capabilities and the non-default available capabilities, see Runtime privilege and Linux capabilities (https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities) in the Docker run reference. For more detailed information about these Linux capabilities, see the capabilities(7) (http://man7.org/linux/man-pages/man7/capabilities.7.html) Linux manual page.
No description provided.
No description provided.
The log configuration for the container. This parameter maps to LogConfig in the Create a container (https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.35/) and the --log-driver option to docker run (https://docs.docker.com/engine/reference/commandline/run/).
By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition. For more information about the options for different supported log drivers, see Configure logging drivers (https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.
Understand the following when specifying a log configuration for your containers.
Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent. For tasks on Fargate, the supported log drivers are awslogs, splunk, and awsfirelens. For tasks hosted on Amazon EC2 instances, the supported log drivers are awslogs, fluentd, gelf, json-file, journald, logentries,syslog, splunk, and awsfirelens.
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.
For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS container agent configuration (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the Amazon Elastic Container Service Developer Guide.
For tasks that are on Fargate, because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.
No description provided.
No description provided.
The repository credentials for private registry authentication.
No description provided.
The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on Fargate. For more information, see Fargate task storage (https://docs.aws.amazon.com/AmazonECS/latest/userguide/using_data_volumes.html) in the Amazon ECS User Guide for Fargate.
For tasks using the Fargate launch type, the task requires the following platforms:
Linux platform version 1.4.0 or later.
Windows platform version 1.0.0 or later.
A Reference to a named object.
Policies for referencing.
A Selector selects an object.
Policies for selection.
The Elastic Inference accelerators to use for the containers in the task.
An array of placement constraint objects to use for the task. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime.
The configuration details for the App Mesh proxy.
For tasks hosted on Amazon EC2 instances, the container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the ecs-init package to use a proxy configuration. If your container instances are launched from the Amazon ECS-optimized AMI version 20190301 or later, then they contain the required versions of the container agent and ecs-init. For more information, see Amazon ECS-optimized AMI versions (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-ami-versions.html) in the Amazon Elastic Container Service Developer Guide.
The task launch type that Amazon ECS validates the task definition against. A client exception is returned if the task definition doesn't validate against the compatibilities specified. If no value is specified, the parameter is omitted from the response.
The operating system that your tasks definitions run on. A platform family is specified only for tasks using the Fargate launch type.
When you specify a task definition in a service, this value must match the runtimePlatform value of the service.
The metadata that you apply to the task definition to help you categorize and organize them. Each tag consists of a key and an optional value. You define both of them.
The following basic restrictions apply to tags:
Maximum number of tags per resource - 50
For each resource, each tag key must be unique, and each tag key can have only one value.
Maximum key length - 128 Unicode characters in UTF-8
Maximum value length - 256 Unicode characters in UTF-8
If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.
Tag keys and values are case-sensitive.
Do not use aws:, AWS:, or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for Amazon Web Services use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.
A Reference to a named object.
Policies for referencing.
A Selector selects an object.
Policies for selection.
No description provided.
This parameter is specified when you are using Docker volumes. Docker volumes are only supported when you are using the EC2 launch type. Windows containers only support the use of the local driver. To use bind mounts, specify a host instead.
This parameter is specified when you are using an Amazon Elastic File System file system for task storage. For more information, see Amazon EFS Volumes (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html) in the Amazon Elastic Container Service Developer Guide.
The authorization configuration details for the Amazon EFS file system.
A Reference to a named object.
Policies for referencing.
A Selector selects an object.
Policies for selection.
A Reference to a named object.
Policies for referencing.
A Selector selects an object.
Policies for selection.
This parameter is specified when you are using Amazon FSx for Windows File Server (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/what-is.html) file system for task storage.
For more information and the input format, see Amazon FSx for Windows File Server Volumes (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/wfsx-volumes.html) in the Amazon Elastic Container Service Developer Guide.
The authorization configuration details for Amazon FSx for Windows File Server file system. See FSxWindowsFileServerVolumeConfiguration (https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_FSxWindowsFileServerVolumeConfiguration.html) in the Amazon ECS API Reference.
For more information and the input format, see Amazon FSx for Windows File Server Volumes (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/wfsx-volumes.html) in the Amazon Elastic Container Service Developer Guide.
Details on a container instance bind mount host volume.
THIS IS A BETA FIELD. It is on by default but can be opted out through a Crossplane feature flag. ManagementPolicies specify the array of actions Crossplane is allowed to take on the managed and external resources. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. If both are custom, the DeletionPolicy field will be ignored. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
Policies for referencing.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
TaskDefinitionStatus defines the observed state of TaskDefinition.
TaskDefinitionObservation defines the observed state of TaskDefinition
The full description of the registered task definition.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see Custom log routing (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the Amazon Elastic Container Service Developer Guide.
An object representing a container health check. Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image (such as those specified in a parent image or from the image's Dockerfile). This configuration maps to the HEALTHCHECK parameter of docker run (https://docs.docker.com/engine/reference/run/).
The Amazon ECS container agent only monitors and reports on the health checks specified in the task definition. Amazon ECS does not monitor Docker health checks that are embedded in a container image and not specified in the container definition. Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image.
You can view the health status of both individual containers and a task with the DescribeTasks API operation or when viewing the task details in the console.
The health check is designed to make sure that your containers survive agent restarts, upgrades, or temporary unavailability.
The following describes the possible healthStatus values for a container:
HEALTHY-The container health check has passed successfully.
UNHEALTHY-The container health check has failed.
UNKNOWN-The container health check is being evaluated or there's no container health check defined.
The following describes the possible healthStatus values for a task. The container health check status of non-essential containers don't have an effect on the health status of a task.
HEALTHY-All essential containers within the task have passed their health checks.
UNHEALTHY-One or more essential containers have failed their health check.
UNKNOWN-The essential containers within the task are still having their health checks evaluated, there are only nonessential containers with health checks defined, or there are no container health checks defined.
If a task is run manually, and not as part of a service, the task will continue its lifecycle regardless of its health status. For tasks that are part of a service, if the task reports as unhealthy then the task will be stopped and the service scheduler will replace it.
The following are notes about container health check support:
When the Amazon ECS agent cannot connect to the Amazon ECS service, the service reports the container as UNHEALTHY.
The health check statuses are the "last heard from" response from the Amazon ECS agent. There are no assumptions made about the status of the container health checks.
Container health checks require version 1.17.0 or greater of the Amazon ECS container agent. For more information, see Updating the Amazon ECS container agent (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html).
Container health checks are supported for Fargate tasks if you're using platform version 1.1.0 or greater. For more information, see Fargate platform versions (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).
Container health checks aren't supported for tasks that are part of a service that's configured to use a Classic Load Balancer.
No description provided.
No description provided.
The Linux-specific options that are applied to the container, such as Linux KernelCapabilities (https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html).
The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. For more information about the default capabilities and the non-default available capabilities, see Runtime privilege and Linux capabilities (https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities) in the Docker run reference. For more detailed information about these Linux capabilities, see the capabilities(7) (http://man7.org/linux/man-pages/man7/capabilities.7.html) Linux manual page.
No description provided.
No description provided.
The log configuration for the container. This parameter maps to LogConfig in the Create a container (https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.35/) and the --log-driver option to docker run (https://docs.docker.com/engine/reference/commandline/run/).
By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition. For more information about the options for different supported log drivers, see Configure logging drivers (https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.
Understand the following when specifying a log configuration for your containers.
Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent. For tasks on Fargate, the supported log drivers are awslogs, splunk, and awsfirelens. For tasks hosted on Amazon EC2 instances, the supported log drivers are awslogs, fluentd, gelf, json-file, journald, logentries,syslog, splunk, and awsfirelens.
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.
For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS container agent configuration (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the Amazon Elastic Container Service Developer Guide.
For tasks that are on Fargate, because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.
No description provided.
No description provided.
The repository credentials for private registry authentication.
No description provided.
The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on Fargate. For more information, see Fargate task storage (https://docs.aws.amazon.com/AmazonECS/latest/userguide/using_data_volumes.html) in the Amazon ECS User Guide for Fargate.
For tasks using the Fargate launch type, the task requires the following platforms:
Linux platform version 1.4.0 or later.
Windows platform version 1.0.0 or later.
No description provided.
No description provided.
The configuration details for the App Mesh proxy.
For tasks that use the EC2 launch type, the container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the ecs-init package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version 20190301 or later, then they contain the required versions of the container agent and ecs-init. For more information, see Amazon ECS-optimized Linux AMI (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html)
No description provided.
No description provided.
Information about the platform for the Amazon ECS service or task.
For more information about RuntimePlatform, see RuntimePlatform (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#runtime-platform) in the Amazon Elastic Container Service Developer Guide.
No description provided.
This parameter is specified when you're using Docker volumes. Docker volumes are only supported when you're using the EC2 launch type. Windows containers only support the use of the local driver. To use bind mounts, specify a host instead.
This parameter is specified when you're using an Amazon Elastic File System file system for task storage. For more information, see Amazon EFS volumes (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html) in the Amazon Elastic Container Service Developer Guide.
The authorization configuration details for the Amazon EFS file system.
This parameter is specified when you're using Amazon FSx for Windows File Server (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/what-is.html) file system for task storage.
For more information and the input format, see Amazon FSx for Windows File Server volumes (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/wfsx-volumes.html) in the Amazon Elastic Container Service Developer Guide.
The authorization configuration details for Amazon FSx for Windows File Server file system. See FSxWindowsFileServerVolumeConfiguration (https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_FSxWindowsFileServerVolumeConfiguration.html) in the Amazon ECS API Reference.
For more information and the input format, see Amazon FSx for Windows File Server Volumes (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/wfsx-volumes.html) in the Amazon Elastic Container Service Developer Guide.
Details on a container instance bind mount host volume.
Conditions of the resource.
example-with-volume
apiVersion: ecs.aws.crossplane.io/v1alpha1
kind: TaskDefinition
metadata:
name: example-with-volume
spec:
forProvider:
containerDefinitions:
- cpu: 0
image: bitnami/wordpress
mountPoints:
- containerPath: /bitnami/wordpress
sourceVolume: wordpress
name: wordpress
portMappings:
- containerPort: 8080
hostPort: 8080
protocol: tcp
cpu: "256"
family: example-taskdefinition-with-volume
memory: "512"
networkMode: awsvpc
region: us-east-1
requiresCompatibilities:
- FARGATE
tags:
- key: Type
value: example
volumes:
- efsVolumeConfiguration:
authorizationConfig:
accessPointIDRef:
name: example
iam: DISABLED
fileSystemIDRef:
name: example
rootDirectory: /
transitEncryption: ENABLED
name: wordpress
providerConfigRef:
name: example
example
apiVersion: ecs.aws.crossplane.io/v1alpha1
kind: TaskDefinition
metadata:
name: example
spec:
forProvider:
containerDefinitions:
- cpu: 0
image: bitnami/wordpress
name: wordpress
portMappings:
- containerPort: 8080
hostPort: 8080
protocol: tcp
cpu: "256"
family: example-taskdefinition
memory: "512"
networkMode: awsvpc
region: us-east-1
requiresCompatibilities:
- FARGATE
tags:
- key: Type
value: example
providerConfigRef:
name: example
© 2022 Upbound, Inc.
Discover the building blocksfor your internal cloud platform.