https://pulumi.com logo
#aws
Title
# aws
q

quaint-guitar-13446

08/06/2020, 2:45 AM
Hi there. I'm trying to get a Laravel app running on Fargate. The standard approach is to serve requests to nginx which proxy to a php-fpm instance. In development I have this set up using two containers with the source code mounted via volumes at the same path in both containers. I could create a new docker image that has both php-fpm and nginx in one, though I would think that having two containers is still the correct approach.
Is it possible to create a volume using EFS that is loaded up with the source and shared between containers? What are my options?
b

billowy-army-68599

08/06/2020, 3:34 AM
If you want to have 2 containers, I think using EFS is basically your only option, because you need a file system that can have read/write from multiple sources, which EBS can't do. I would personally make a single container and ensure it's forked properly from something like dumb-init. I think introducing EFS as a potential performance bottleneck is unnecessary. Most php-fpm applications use a single container
i guess another option if you never need to write to disk is just to do
COPY
to both containers?
q

quaint-guitar-13446

08/06/2020, 4:01 AM
Thanks @billowy-army-68599 Doing a COPY on both containers would be fairly trivial. If I was to go the EFS route, how do I actually push the files to it? Is that achievable via the AWS API or does it need to be attached to EC2 or Lambda first?
l

limited-rainbow-51650

08/06/2020, 8:35 AM
Yet another alternative (without EFS) is to create a single image with everything in it, but which allows for separate
ENTRYPOINT
or
CMD
. You still run a pod with 2 containers, but both using the same image using the different
ENTRYPOINT
or
CMD
.
👍 2
q

quaint-guitar-13446

08/07/2020, 2:36 AM
What's the best way to get secrets into ECS? The passwords will be visible in plain text.
b

billowy-army-68599

08/07/2020, 2:57 AM
@quaint-guitar-13446 the best way is to store them in AWS SSM or AWS Secret manager: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html
q

quaint-guitar-13446

08/07/2020, 3:04 AM
Thank you
Just getting a chance to revisit this. I've created a
dbPassword
aws.ssm.Parameter
but getting a TypeScript error when trying to pass it to the
secrets
array in ecs because the
arn
is an
Output<string>
not a
string
. Is there a tutorial on the recommended way to do this?
Do I need to
apply
the parameter and create the container inside the callback?
9 Views