Running a Docker image from ECR on ECS

Question

I have a docker image in ECR. I want to run it in ECS. I've followed the steps in the AWS docs which take me here. That runs through a series of steps that set up some kind of ECS cluster, but it never asks which docker image in ECR that I want to run.

Running a docker image is very simple, but ECS seems overly complex for what I'm trying to do (run a docker image of a simple web service). This is the best explanation I've found. Maybe I've missed something.

Amazon's docs seem to go off on tangents and never get back to a docker image in ECR. Is there a better explanation of how run an ECR image in ECS?

Edit: adding task definition json:

{
  "ipcMode": null,
  "executionRoleArn": "arn:aws:iam::504084722442:role/ecsTaskExecutionRole",
  "containerDefinitions": [
    {
      "dnsSearchDomains": null,
      "logConfiguration": {
        "logDriver": "awslogs",
        "options": {
          "awslogs-group": "/ecs/first-run-task-definition",
          "awslogs-region": "us-east-2",
          "awslogs-stream-prefix": "ecs"
        }
      },
      "entryPoint": [
        "sh",
        "-c"
      ],
      "portMappings": [
        {
          "hostPort": 80,
          "protocol": "tcp",
          "containerPort": 80
        }
      ],
      "command": [
        "/bin/sh -c \"echo '<html> <head> <title>Amazon ECS Sample App</title> <style>body {margin-top: 40px; background-color: #333;} </style> </head><body> <div style=color:white;text-align:center> <h1>Amazon ECS Sample App</h1> <h2>Congratulations!</h2> <p>Your application is now running on a container in Amazon ECS.</p> </div></body></html>' >  /usr/local/apache2/htdocs/index.html && httpd-foreground\""
      ],
      "linuxParameters": null,
      "cpu": 256,
      "environment": [],
      "resourceRequirements": null,
      "ulimits": null,
      "dnsServers": null,
      "mountPoints": [],
      "workingDirectory": null,
      "secrets": null,
      "dockerSecurityOptions": null,
      "memory": null,
      "memoryReservation": 512,
      "volumesFrom": [],
      "image": "504084722442.dkr.ecr.us-east-2.amazonaws.com/dean.w.schulze.5040",
      "disableNetworking": null,
      "interactive": null,
      "healthCheck": null,
      "essential": true,
      "links": [],
      "hostname": null,
      "extraHosts": null,
      "pseudoTerminal": null,
      "user": null,
      "readonlyRootFilesystem": null,
      "dockerLabels": null,
      "systemControls": null,
      "privileged": null,
      "name": "sample-app"
    }
  ],
  "placementConstraints": [],
  "memory": "512",
  "taskRoleArn": null,
  "compatibilities": [
    "EC2",
    "FARGATE"
  ],
  "taskDefinitionArn": "arn:aws:ecs:us-east-2:504084722442:task-definition/first-run-task-definition:2",
  "family": "first-run-task-definition",
  "requiresAttributes": [
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "ecs.capability.execution-role-ecr-pull"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.18"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "ecs.capability.task-eni"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.ecr-auth"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "ecs.capability.execution-role-awslogs"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.logging-driver.awslogs"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.21"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.19"
    }
  ],
  "pidMode": null,
  "requiresCompatibilities": [
    "FARGATE"
  ],
  "networkMode": "awsvpc",
  "cpu": "256",
  "revision": 2,
  "status": "ACTIVE",
  "volumes": []
}

Answer 1

I understand there is little confusion when you talk about how to run docker image on ECS. I have listed some key concepts which will make ECS easy for you.

Cluster: To use ECS on AWS the first thing you have to do is create a Cluster. Creating a cluster is simple because you only have to chose among the following two main types of template.

• EC2: This cluster can only run the task definition which are configured to run image on an EC2 instance. It is just like creating an EC2 instance and running a docker image on it.
• Fargate: In a fargate cluster an EC2 instance is not created, instead it only creates the network interface on EC2 services. You can still assign a public IP and view your container image based on the your task definition.

Task Definition: You can think of a task definition as a place to define your container image. This task definition is used to run a task inside the cluster . You can define everything related to a docker image in your task definition i.e. anything that can be done with docker run command, can be configured in a task definition.

Service: The service uses the task definition to run a task. For example, you have one docker image and you want at least two instances always running your image. You can set the number of instance while configuring the service as two and ECS service will make sure that two tasks are always running your image inside the cluster. If a tasks goes down for a reason, it will keep trying to run your task.

Task: The task is the entity in ECS which actually runs your docker image. A task can be spawned using a service or by creating a new task directly. In both the cases you must have a task definition which contains the information about your docker image.

Answer to your comment:

"I guess I have to edit the container definition instead of the task definition".

Well, the container definition is the task definition. If you want to update the image, you can create a new revision of the task definition and use this revision to run your task. If you are running your task through a service, you can update the service and assign the latest task definition. The service will automatically spawn a new task with the latest task definition. To use an ECR image just copy the url from the icon beside the image name and paste it under 'Image' in the task definition.

Note: You should have a public ip enabled and/or internet connectivity to the instance(EC2)/network interface (fargate) to connect to ECR, read here.