Documentation ¶
Overview ¶
Package config handles loading configuration data, warning on missing data, and setting sane defaults.
Configuration Sources ¶
Configuration data is loaded from two sources currently: the environment and a json config file.
Environment Variables:
The environment variables from which configuration values are loaded are documented in the README file which can be found at https://github.com/aws/amazon-ecs-agent#environment-variables.
Config file:
The config file will be loaded from the path stored in the environment key ECS_AGENT_CONFIG_FILE_PATH. It must be a JSON file of the format described by the "Config" struct below.
Index ¶
Constants ¶
const ( // http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=docker DockerReservedPort = 2375 DockerReservedSSLPort = 2376 SSHPort = 22 // AgentIntrospectionPort is used to serve the metadata about the agent and to query the tasks being managed by the agent. AgentIntrospectionPort = 51678 // AgentCredentialsPort is used to serve the credentials for tasks. AgentCredentialsPort = 51679 // DefaultClusterName is the name of the default cluster. DefaultClusterName = "default" // DefaultTaskCleanupWaitDuration specifies the default value for task cleanup duration. It is used to // clean up task's containers. DefaultTaskCleanupWaitDuration = 3 * time.Hour // DefaultDockerStopTimeout specifies the value for container stop timeout duration DefaultDockerStopTimeout = 30 * time.Second // DefaultImageCleanupTimeInterval specifies the default value for image cleanup duration. It is used to // remove the images pulled by agent. DefaultImageCleanupTimeInterval = 30 * time.Minute // DefaultNumImagesToDeletePerCycle specifies the default number of images to delete when agent performs // image cleanup. DefaultNumImagesToDeletePerCycle = 5 //DefaultImageDeletionAge specifies the default value for minimum amount of elapsed time after an image // has been pulled before it can be deleted. DefaultImageDeletionAge = 1 * time.Hour )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct { // DEPRECATED // ClusterArn is the Name or full ARN of a Cluster to register into. It has // been deprecated (and will eventually be removed) in favor of Cluster ClusterArn string `deprecated:"Please use Cluster instead"` // Cluster can either be the Name or full ARN of a Cluster. This is the // cluster the agent should register this ContainerInstance into. If this // value is not set, it will default to "default" Cluster string `trim:"true"` // APIEndpoint is the endpoint, such as "ecs.us-east-1.amazonaws.com", to // make calls against. If this value is not set, it will default to the // endpoint for your current AWSRegion APIEndpoint string `trim:"true"` // DockerEndpoint is the address the agent will attempt to connect to the // Docker daemon at. This should have the same value as "DOCKER_HOST" // normally would to interact with the daemon. It defaults to // unix:///var/run/docker.sock DockerEndpoint string // AWSRegion is the region to run in (such as "us-east-1"). This value will // be inferred from the EC2 metadata service, but if it cannot be found this // will be fatal. AWSRegion string `missing:"fatal" trim:"true"` // ReservedPorts is an array of ports which should be registerd as // unavailable. If not set, they default to [22,2375,2376,51678]. ReservedPorts []uint16 // ReservedPortsUDP is an array of UDP ports which should be registered as // unavailable. If not set, it defaults to []. ReservedPortsUDP []uint16 // DataDir is the directory data is saved to in order to preserve state // across agent restarts. It is only used if "Checkpoint" is true as well. DataDir string // Checkpoint configures whether data should be periodically to a checkpoint // file, in DataDir, such that on instance or agent restarts it will resume // as the same ContainerInstance. It defaults to false. Checkpoint bool // EngineAuthType configures what type of data is in EngineAuthData. // Supported types, right now, can be found in the dockerauth package: https://godoc.org/github.com/aws/amazon-ecs-agent/agent/engine/dockerauth EngineAuthType string `trim:"true"` // EngineAuthData contains authentication data. Please see the documentation // for EngineAuthType for more information. EngineAuthData *SensitiveRawMessage // UpdatesEnabled specifies whether updates should be applied to this agent. // Default true UpdatesEnabled bool // UpdateDownloadDir specifies where new agent versions should be placed // within the container in order for the external updating process to // correctly handle them. UpdateDownloadDir string // DisableMetrics configures whether task utilization metrics should be // sent to the ECS telemetry endpoint DisableMetrics bool // ReservedMemory specifies the amount of memory (in MB) to reserve for things // other than containers managed by ECS ReservedMemory uint16 // DockerStopTimeout specifies the amount time before a SIGKILL is issued to // containers managed by ECS DockerStopTimeout time.Duration // AvailableLoggingDrivers specifies the logging drivers available for use // with Docker. If not set, it defaults to ["json-file"]. AvailableLoggingDrivers []dockerclient.LoggingDriver // PrivilegedDisabled specified whether the Agent is capable of launching // tasks with privileged containers PrivilegedDisabled bool // SELinxuCapable specifies whether the Agent is capable of using SELinux // security options SELinuxCapable bool // AppArmorCapable specifies whether the Agent is capable of using AppArmor // security options AppArmorCapable bool // TaskCleanupWaitDuration specifies the time to wait after a task is stopped // until cleanup of task resources is started. TaskCleanupWaitDuration time.Duration // TaskIAMRoleEnabled specifies if the Agent is capable of launching // tasks with IAM Roles. TaskIAMRoleEnabled bool // CredentialsAuditLogFile specifies the path/filename of the audit log. CredentialsAuditLogFile string // CredentialsAuditLogEnabled specifies whether audit logging is disabled. CredentialsAuditLogDisabled bool // TaskIAMRoleEnabledForNetworkHost specifies if the Agent is capable of launching // tasks with IAM Roles when networkMode is set to 'host' TaskIAMRoleEnabledForNetworkHost bool // ImageCleanupDisabled specifies whether the Agent will periodically perform // automated image cleanup ImageCleanupDisabled bool // MinimumImageDeletionAge specifies the minimum time since it was pulled // before it can be deleted MinimumImageDeletionAge time.Duration // ImageCleanupInterval specifies the time to wait before performing the image // cleanup since last time it was executed ImageCleanupInterval time.Duration // NumImagesToDeletePerCycle specifies the num of image to delete every time // when Agent performs cleanup NumImagesToDeletePerCycle int // InstanceAttributes contains key/value pairs representing // attributes to be associated with this instance within the // ECS service and used to influence behavior such as launch // placement. InstanceAttributes map[string]string // Set if clients validate ssl certificates. Used mainly for testing AcceptInsecureCert bool `json:"-"` }
func DefaultConfig ¶
func DefaultConfig() Config
DefaultConfig returns the default configuration for Linux
func NewConfig ¶
func NewConfig(ec2client ec2.EC2MetadataClient) (config *Config, err error)
NewConfig returns a config struct created by merging environment variables, a config file, and EC2 Metadata info. The 'config' struct it returns can be used, even if an error is returned. An error is returned, however, if the config is incomplete in some way that is considered fatal.
type ConfigReader ¶
type ConfigReader interface {
ReadConfig() *Config
}
type SensitiveRawMessage ¶ added in v1.5.0
type SensitiveRawMessage struct {
// contains filtered or unexported fields
}
SensitiveRawMessage is a struct to store some data that should not be logged or printed. This struct is a Stringer which will not print its contents with 'String'. It is a json.Marshaler and json.Unmarshaler and will present its actual contents in plaintext when read/written from/to json.
func NewSensitiveRawMessage ¶ added in v1.5.0
func NewSensitiveRawMessage(data json.RawMessage) *SensitiveRawMessage
NewSensitiveRawMessage returns a new encapsulated json.RawMessage that cannot be accidentally logged via .String/.GoString/%v/%#v
func (SensitiveRawMessage) Contents ¶ added in v1.5.0
func (data SensitiveRawMessage) Contents() json.RawMessage
func (SensitiveRawMessage) GoString ¶ added in v1.5.0
func (data SensitiveRawMessage) GoString() string
func (SensitiveRawMessage) MarshalJSON ¶ added in v1.5.0
func (data SensitiveRawMessage) MarshalJSON() ([]byte, error)
func (SensitiveRawMessage) String ¶ added in v1.5.0
func (data SensitiveRawMessage) String() string
func (*SensitiveRawMessage) UnmarshalJSON ¶ added in v1.5.0
func (data *SensitiveRawMessage) UnmarshalJSON(jsonData []byte) error