Hello everybody, great to join the community! I’m using Pulumi to install a datadog agent on a Fargate container. The datadog documentation asks me to create a container, which, when using docker-compose, would look like this:

// docker-compose
agent:
    image: ...
    environment:
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro <-- ??? How do I convert these???
      - /proc/:/host/proc/:ro
      - /sys/fs/cgroup/:/host/sys/fs/cgroup:ro

I’m struggling to understand how the volumes syntax would map onto the Pulumi mount points interface. My pulumi code looks like this:

new awsx.ecs.FargateService('ecs-name', {
    name: `resource-name`,
    cluster: cluster,
    taskDefinitionArgs: {
        ...
        containers: {
            containerName: {
                ...
                mountPoints: [{???}]
            }
        }
    },
    ...
})

Each MountPoint expects this type:

export interface MountPoint {
    containerPath?: string;
    readOnly?: boolean;
    sourceVolume?: string;
}

When it comes to translating each of the volumes, how do I convert them to this format? For example, what would the Pulumi MountPoint look like for this volume

/var/run/docker.sock:/var/run/docker.sock:ro

? I’ve had limited success using the documentation. Thank you 🙏

The string before the first colon is the source, and the string after it is the container path. ro mean readOnly is true. However, the string you show describes a bind mount, not a volume, so you should be using the

hostPath

propoerty.

Thank you so much @little-cartoon-10569 - what an incredible response! So I believe that the reason I was seeing a different interface is because I was looking at the

MountPoint

interface at the container level, and not, as I think I’m understanding from you, the

TaskDefinitionVolumeArgs

, at the TaskDefinition level. In making those changes, I also went ahead and updated my packages - in case that has anything to do with it. My updated stack now looks like this:

new awsx.ecs.FargateService('ecs-name', {
    name: `resource-name`,
    cluster: cluster,
    taskDefinitionArgs: {
        // ...
        containers: {
            containerName: {
                // ...
                mountPoints: [
                    {
                        sourceVolume: 'volume1',
                        containerPath: '/var/run/docker',
                        readOnly: true,
                    },
                    {
                        sourceVolume: 'volume2',
                        containerPath: '/host/proc/',
                        readOnly: true
                    },
                    {
                        sourceVolume: 'volume3',
                        containerPath: '/host/sys/fs/cgroup',
                        readOnly: true
                    }
                ]
            }
        }
    },
    volumes: [
        {
            name: 'volume1',
            hostPath: '/var/run/docker.sock:/var/run/docker.sock:ro'
        },
        {
            name: 'volume2',
            hostPath: '/proc/:/host/proc/:ro'
        },
        {
            name: 'volume3',
            hostPath: '/sys/fs/cgroup/:/host/sys/fs/cgroup:ro'
        }
    ]
    // ...
})

Did I follow your logic there? I’m now noticing that Fargate doesn’t let me reference the host. Here is the error:

aws:ecs:TaskDefinition (ecs-datadog):
    error: 1 error occurred:
    	* ClientException: Fargate compatible task definitions do not support sourcePath

Could what you’re saying be true for regular ECS taskDefinitions, but perhaps not for Fargate? I have previously had to create EFS volumes, for instance, in order to get the volumes to work. Am I seeing this wrong? Again, thank you very much! 🙏

I'm honestly not sure if there's a difference.. there shouldn't be, since Fargate is only a target as far as ECS is concerned.. but who knows ¯\_(ツ)_/¯

Thank you! Trying that now

I can't see any examples of Pulumi code doing this. You may be pioneering new ground here...