ablog

不器用で落着きのない技術者のメモ

AWS AppMeshのサンプルを試してみた

aws-app-mesh-examples/examples at master · aws/aws-app-mesh-examples · GitHub を試してみた。

sudo yum -y install git docker
sudo service docker start
git clone https://github.com/awslabs/aws-app-mesh-examples.git
export AWS_PROFILE="default"
export AWS_REGION="ap-northeast-1"
export AWS_DEFAULT_REGION="$AWS_REGION"
export ENVIRONMENT_NAME="AppMeshSample"
export MESH_NAME="default"
export KEY_PAIR_NAME=mykeytokyo
# https://docs.aws.amazon.com/app-mesh/latest/userguide/envoy.html
export ENVOY_IMAGE="840364872350.dkr.ecr.us-west-2.amazonaws.com/aws-appmesh-envoy:v1.12.2.1-prod"
export CLUSTER_SIZE=5
export SERVICES_DOMAIN="default.svc.cluster.local"
cd aws-app-mesh-examples/examples/
./infrastructure/vpc.sh create-stack
./infrastructure/appmesh-mesh.sh
./infrastructure/ecs-cluster.sh

aws ecr create-repository --repository-name "gateway" --region ap-northeast-1
aws ecr create-repository --repository-name "teller" --region ap-northeast-1

export AWS_ACCOUNT_ID= 123456789012
 ./deploy.sh

 cd ../
cd colorteller/
./deploy.sh 

動作確認

  • CloudFormation で作成された Public Subnet に踏み台EC2を作成して ssh で接続する。
$ curl -s http://colorgateway.default.svc.cluster.local:9080/color
{"color":"red", "stats": {"blue":0.14,"red":0.57,"white":0.29}}

補足

$ ./deploy.sh
+ '[' -z 123456789012 ']'
+ '[' -z ap-northeast-1 ']'
+++ dirname ./deploy.sh
++ cd .
++ pwd
+ DIR=/home/ec2-user/aws-app-mesh-examples/examples/apps/colorapp/src/gateway
+ COLOR_GATEWAY_IMAGE= 123456789012.dkr.ecr.ap-northeast-1.amazonaws.com/gateway
+ GO_PROXY=https://proxy.golang.org
+ docker build --build-arg GO_PROXY=https://proxy.golang.org -t 123456789012.dkr.ecr.ap-northeast-1.amazonaws.com/gateway /home/ec2-user/aws-app-mesh-examples/examples/apps/colorapp/src/gateway
ERRO[0000] failed to dial gRPC: cannot connect to the Docker daemon. Is 'docker daemon' running on this host?: dial unix /var/run/docker.sock: connect: permission denied 
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.39/build?buildargs=%7B%22GO_PROXY%22%3A%22https%3A%2F%2Fproxy.golang.org%22%7D&cachefrom=%5B%5D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=Dockerfile&labels=%7B%7D&memory=0&memswap=0&networkmode=default&rm=1&session=tpmua0686cz1dd1ts3qgp0ucj&shmsize=0&t=123456789012.dkr.ecr.ap-northeast-1.amazonaws.com%2Fgateway&target=&ulimits=null&version=1: dial unix /var/run/docker.sock: connect: permission denied
$ sudo su -
# chmod 777 /var/run/docker.sock

補足

  • ecs/ecs-colorapp.sh の実行で、"Unknown parameter in input: "proxyConfiguration", must be one of: ..." と怒られる。
$ ./ecs/ecs-colorapp.sh 

(中略)

Parameter validation failed:
Unknown parameter in input: "proxyConfiguration", must be one of: family, taskRoleArn, executionRoleArn, networkMode, containerDefinitions, volumes, placementConstraints, requiresCompatibilities, cpu, memory
Unknown parameter in containerDefinitions[0]: "dependsOn", must be one of: name, image, cpu, memory, memoryReservation, links, portMappings, essential, entryPoint, command, environment, mountPoints, volumesFrom, linuxParameters, hostname, user, workingDirectory, disableNetworking, privileged, readonlyRootFilesystem, dnsServers, dnsSearchDomains, extraHosts, dockerSecurityOptions, dockerLabels, ulimits, logConfiguration
Unknown parameter in containerDefinitions[1]: "healthCheck", must be one of: name, image, cpu, memory, memoryReservation, links, portMappings, essential, entryPoint, command, environment, mountPoints, volumesFrom, linuxParameters, hostname, user, workingDirectory, disableNetworking, privileged, readonlyRootFilesystem, dnsServers, dnsSearchDomains, extraHosts, dockerSecurityOptions, dockerLabels, ulimits, logConfiguration
++ task_def=
  • AWS CLI をアップデートすると解消した。
sudo pip install --upgrade pip
sudo /usr/local/bin/pip install -U awscli