Me, Myself and Technology
Kalpik Nigam

Running Windows Nano Server as an ECS host

November 6th 2017 in Uncategorized

Windows containers are still in beta state on AWS ECS, but it’s fun to try them out. AWS already has a Full Windows 2016 AMI with containers support. But I wanted to try something more interesting. Windows nanoserver is what I was looking at. It’s designed specifically for tasks such as running as container hosts in a cluster. AWS also has a nanoserver AMI, but I ran into issues very quickly.

The nanoserver AMI doesn’t have the containers feature and docker installed. The go to method for building AMIs on AWS is to use packer. But unfortunately, packer doesn’t talk to nanoserver just yet. So I had to resort to write a (very basic) powershell script to create the nanoserver AMI with containers and docker configured.

Once this was done, I realized that ECS agent wouldn’t run on nanoserver because of stuff that’s missing in nanoserver, and which the ECS agent expects to be there. Fortunately, it wasn’t that much, and it was only in the powershell scripts. I patched the scripts, and repackaged the agent, and put it on S3. Now in my userdata, I have the following:

# Set agent env variables for the Machine context (durable)
Set-Item -Path env:\ECS_CLUSTER -Value “${ECSCluster}”
Set-Item -Path env:\ECS_ENABLE_TASK_IAM_ROLE -Value “true”
Set-ItemProperty -Path ‘HKLM:\System\CurrentControlSet\Control\Session Manager\Environment’ -Name ECS_CLUSTER –Value “${ECSCluster}”
Set-ItemProperty -Path ‘HKLM:\System\CurrentControlSet\Control\Session Manager\Environment’ -Name ECS_ENABLE_TASK_IAM_ROLE –Value “true”

$agentVersion = ‘v1.15.0’
$agentZipUri = “$”

### — Nothing user configurable after this point —
$ecsExeDir = “$env:ProgramFiles\Amazon\ECS”
$zipFile = “$env:TEMP\”

### Get the files from S3
Invoke-RestMethod -OutFile $zipFile -Uri $agentZipUri

## Put the executables in the executable directory.
Expand-Archive -Path $zipFile -DestinationPath $ecsExeDir -Force

cd $ecsExeDir

And then I get this host reporting to my ECS cluster!

The only caveat is that a nanoserver host can only run nanoserver containers. It *can* run windowsservercore containers, but only in Hyper-V mode, which is unsupported on EC2.


required - won't be displayed

Your Comment:

It’s been ages since I posted here, but I think this post will be worth it 🙂

What we are going to achieve with this:

Update your Canvas HD to the latest *official* ROM, which includes a fix for the Flipboard issue, and the G Sensor issue.
Replace stock recovery by Clockworkmod Recovery. This will make installing future […]

Previous Entry