interface DaemonContainerDefinitionProperty

Language	Type name
.NET	`Amazon.CDK.AWS.ECS.CfnDaemonTaskDefinition.DaemonContainerDefinitionProperty`
Go	`github.com/aws/aws-cdk-go/awscdk/v2/awsecs#CfnDaemonTaskDefinition_DaemonContainerDefinitionProperty`
Java	`software.amazon.awscdk.services.ecs.CfnDaemonTaskDefinition.DaemonContainerDefinitionProperty`
Python	`aws_cdk.aws_ecs.CfnDaemonTaskDefinition.DaemonContainerDefinitionProperty`
TypeScript	`aws-cdk-lib` » `aws_ecs` » `CfnDaemonTaskDefinition` » `DaemonContainerDefinitionProperty`

A container definition for a daemon task.

Daemon container definitions describe the containers that run as part of a daemon task on container instances managed by capacity providers.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_ecs as ecs } from 'aws-cdk-lib';
const daemonContainerDefinitionProperty: ecs.CfnDaemonTaskDefinition.DaemonContainerDefinitionProperty = {
  image: 'image',
  name: 'name',

  // the properties below are optional
  command: ['command'],
  cpu: 123,
  dependsOn: [{
    condition: 'condition',
    containerName: 'containerName',
  }],
  entryPoint: ['entryPoint'],
  environment: [{
    name: 'name',
    value: 'value',
  }],
  environmentFiles: [{
    type: 'type',
    value: 'value',
  }],
  essential: false,
  firelensConfiguration: {
    options: {
      optionsKey: 'options',
    },
    type: 'type',
  },
  healthCheck: {
    command: ['command'],
    interval: 123,
    retries: 123,
    startPeriod: 123,
    timeout: 123,
  },
  interactive: false,
  linuxParameters: {
    capabilities: {
      add: ['add'],
      drop: ['drop'],
    },
    devices: [{
      containerPath: 'containerPath',
      hostPath: 'hostPath',
      permissions: ['permissions'],
    }],
    initProcessEnabled: false,
    tmpfs: [{
      size: 123,

      // the properties below are optional
      containerPath: 'containerPath',
      mountOptions: ['mountOptions'],
    }],
  },
  logConfiguration: {
    logDriver: 'logDriver',

    // the properties below are optional
    options: {
      optionsKey: 'options',
    },
    secretOptions: [{
      name: 'name',
      valueFrom: 'valueFrom',
    }],
  },
  memory: 123,
  memoryReservation: 123,
  mountPoints: [{
    containerPath: 'containerPath',
    readOnly: false,
    sourceVolume: 'sourceVolume',
  }],
  privileged: false,
  pseudoTerminal: false,
  readonlyRootFilesystem: false,
  repositoryCredentials: {
    credentialsParameter: 'credentialsParameter',
  },
  restartPolicy: {
    enabled: false,
    ignoredExitCodes: [123],
    restartAttemptPeriod: 123,
  },
  secrets: [{
    name: 'name',
    valueFrom: 'valueFrom',
  }],
  startTimeout: 123,
  stopTimeout: 123,
  systemControls: [{
    namespace: 'namespace',
    value: 'value',
  }],
  ulimits: [{
    hardLimit: 123,
    name: 'name',
    softLimit: 123,
  }],
  user: 'user',
  workingDirectory: 'workingDirectory',
};

Properties

Name	Type	Description
image	`string`	The image used to start the container.
name	`string`	The name of the container.
command?	`string[]`	The command that's passed to the container.
cpu?	`number`	The number of `cpu` units reserved for the container.
dependsOn?	`IResolvable` `\| (IResolvable` `\|` `ContainerDependencyProperty)[]`	The dependencies defined for container startup and shutdown.
entryPoint?	`string[]`	The entry point that's passed to the container.
environment?	`IResolvable` `\| (IResolvable` `\|` `KeyValuePairProperty)[]`	The environment variables to pass to a container.
environmentFiles?	`IResolvable` `\| (IResolvable` `\|` `EnvironmentFileProperty)[]`	A list of files containing the environment variables to pass to a container.
essential?	`boolean \|` `IResolvable`	If the `essential` parameter of a container is marked as `true`, and that container fails or stops for any reason, all other containers that are part of the task are stopped.
firelensConfiguration?	`IResolvable` `\|` `FirelensConfigurationProperty`	The FireLens configuration for the container.
healthCheck?	`IResolvable` `\|` `HealthCheckProperty`	An object representing a container health check.
interactive?	`boolean \|` `IResolvable`	When this parameter is `true`, you can deploy containerized applications that require `stdin` or a `tty` to be allocated.
linuxParameters?	`IResolvable` `\|` `LinuxParametersProperty`	The Linux-specific options that are applied to the container, such as Linux KernelCapabilities.
logConfiguration?	`IResolvable` `\|` `LogConfigurationProperty`	The log configuration for the container.
memory?	`number`	The amount (in MiB) of memory to present to the container.
memoryReservation?	`number`	The soft limit (in MiB) of memory to reserve for the container.
mountPoints?	`IResolvable` `\| (IResolvable` `\|` `MountPointProperty)[]`	The mount points for data volumes in your container.
privileged?	`boolean \|` `IResolvable`	When this parameter is true, the container is given elevated privileges on the host container instance (similar to the `root` user).
pseudoTerminal?	`boolean \|` `IResolvable`	When this parameter is `true`, a TTY is allocated.
readonlyRootFilesystem?	`boolean \|` `IResolvable`	When this parameter is true, the container is given read-only access to its root file system.
repositoryCredentials?	`IResolvable` `\|` `RepositoryCredentialsProperty`	The repository credentials for private registry authentication.
restartPolicy?	`IResolvable` `\|` `RestartPolicyProperty`
secrets?	`IResolvable` `\| (IResolvable` `\|` `SecretProperty)[]`	The secrets to pass to the container.
startTimeout?	`number`	Time duration (in seconds) to wait before giving up on resolving dependencies for a container.
stopTimeout?	`number`	Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.
systemControls?	`IResolvable` `\| (IResolvable` `\|` `SystemControlProperty)[]`	A list of namespaced kernel parameters to set in the container.
ulimits?	`IResolvable` `\| (IResolvable` `\|` `UlimitProperty)[]`	A list of `ulimits` to set in the container.
user?	`string`	The user to use inside the container.
workingDirectory?	`string`	The working directory to run commands inside the container in.

image

Type: string

The image used to start the container.

This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with either repository-url/image:tag or repository-url/image@digest.

name

Type: string

The name of the container.

Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.

command?

Type: string[] (optional)

The command that's passed to the container.

cpu?

Type: number (optional)

The number of cpu units reserved for the container.

dependsOn?

Type: IResolvable | (IResolvable | ContainerDependencyProperty)[] (optional)

The dependencies defined for container startup and shutdown.

A container can contain multiple dependencies on other containers in a task definition.

entryPoint?

Type: string[] (optional)

The entry point that's passed to the container.

environment?

Type: IResolvable | (IResolvable | KeyValuePairProperty)[] (optional)

The environment variables to pass to a container.

environmentFiles?

Type: IResolvable | (IResolvable | EnvironmentFileProperty)[] (optional)

A list of files containing the environment variables to pass to a container.

essential?

Type: boolean | IResolvable (optional)

If the essential parameter of a container is marked as true, and that container fails or stops for any reason, all other containers that are part of the task are stopped.

firelensConfiguration?

Type: IResolvable | FirelensConfigurationProperty (optional)

The FireLens configuration for the container.

This is used to specify and configure a log router for container logs. For more information, see Custom log routing in the Amazon Elastic Container Service Developer Guide.

healthCheck?

Type: IResolvable | HealthCheckProperty (optional)

An object representing a container health check.

Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image (such as those specified in a parent image or from the image's Dockerfile). This configuration maps to the HEALTHCHECK parameter of docker run. The Amazon ECS container agent only monitors and reports on the health checks specified in the task definition. Amazon ECS does not monitor Docker health checks that are embedded in a container image and not specified in the container definition. Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image. You can view the health status of both individual containers and a task with the DescribeTasks API operation or when viewing the task details in the console. The health check is designed to make sure that your containers survive agent restarts, upgrades, or temporary unavailability. Amazon ECS performs health checks on containers with the default that launched the container instance or the task. The following describes the possible healthStatus values for a container:

HEALTHY-The container health check has passed successfully.
UNHEALTHY-The container health check has failed.
UNKNOWN-The container health check is being evaluated, there's no container health check defined, or Amazon ECS doesn't have the health status of the container.

The following describes the possible healthStatus values based on the container health checker status of essential containers in the task with the following priority order (high to low):

UNHEALTHY-One or more essential containers have failed their health check.
UNKNOWN-Any essential container running within the task is in an UNKNOWN state and no other essential containers have an UNHEALTHY state.
HEALTHY-All essential containers within the task have passed their health checks.

Consider the following task health example with 2 containers.

If Container1 is UNHEALTHY and Container2 is UNKNOWN, the task health is UNHEALTHY.
If Container1 is UNHEALTHY and Container2 is HEALTHY, the task health is UNHEALTHY.
If Container1 is HEALTHY and Container2 is UNKNOWN, the task health is UNKNOWN.
If Container1 is HEALTHY and Container2 is HEALTHY, the task health is HEALTHY.

Consider the following task health example with 3 containers.

If Container1 is UNHEALTHY and Container2 is UNKNOWN, and Container3 is UNKNOWN, the task health is UNHEALTHY.
If Container1 is UNHEALTHY and Container2 is UNKNOWN, and Container3 is HEALTHY, the task health is UNHEALTHY.
If Container1 is UNHEALTHY and Container2 is HEALTHY, and Container3 is HEALTHY, the task health is UNHEALTHY.
If Container1 is HEALTHY and Container2 is UNKNOWN, and Container3 is HEALTHY, the task health is UNKNOWN.
If Container1 is HEALTHY and Container2 is UNKNOWN, and Container3 is UNKNOWN, the task health is UNKNOWN.
If Container1 is HEALTHY and Container2 is HEALTHY, and Container3 is HEALTHY, the task health is HEALTHY.

If a task is run manually, and not as part of a service, the task will continue its lifecycle regardless of its health status. For tasks that are part of a service, if the task reports as unhealthy then the task will be stopped and the service scheduler will replace it. When a container health check fails for a task that is part of a service, the following process occurs:

The task is marked as UNHEALTHY.
The unhealthy task will be stopped, and during the stopping process, it will go through the following states:

DEACTIVATING - In this state, Amazon ECS performs additional steps before stopping the task. For example, for tasks that are part of services configured to use Elastic Load Balancing target groups, target groups will be deregistered in this state.
STOPPING - The task is in the process of being stopped.
DEPROVISIONING - Resources associated with the task are being cleaned up.
STOPPED - The task has been completely stopped.

After the old task stops, a new task will be launched to ensure service operation, and the new task will go through the following lifecycle:

PROVISIONING - Resources required for the task are being provisioned.
PENDING - The task is waiting to be placed on a container instance.
ACTIVATING - In this state, Amazon ECS pulls container images, creates containers, configures task networking, registers load balancer target groups, and configures service discovery status.
RUNNING - The task is running and performing its work.

For more detailed information about task lifecycle states, see Task lifecycle in the Amazon Elastic Container Service Developer Guide. The following are notes about container health check support:

If the Amazon ECS container agent becomes disconnected from the Amazon ECS service, this won't cause a container to transition to an UNHEALTHY status. This is by design, to ensure that containers remain running during agent restarts or temporary unavailability. The health check status is the "last heard from" response from the Amazon ECS agent, so if the container was considered HEALTHY prior to the disconnect, that status will remain until the agent reconnects and another health check occurs. There are no assumptions made about the status of the container health checks.
Container health checks require version 1.17.0 or greater of the Amazon ECS container agent. For more information, see Updating the Amazon ECS container agent.
Container health checks are supported for Fargate tasks if you're using platform version 1.1.0 or greater. For more information, see platform versions.
Container health checks aren't supported for tasks that are part of a service that's configured to use a Classic Load Balancer.

For an example of how to specify a task definition with multiple containers where container dependency is specified, see Container dependency in the Amazon Elastic Container Service Developer Guide.

interactive?

Type: boolean | IResolvable (optional)

When this parameter is true, you can deploy containerized applications that require stdin or a tty to be allocated.

linuxParameters?

Type: IResolvable | LinuxParametersProperty (optional)

The Linux-specific options that are applied to the container, such as Linux KernelCapabilities.

logConfiguration?

Type: IResolvable | LogConfigurationProperty (optional)

The log configuration for the container.

This parameter maps to LogConfig in the docker container create command and the --log-driver option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition. Understand the following when specifying a log configuration for your containers.

Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent. For tasks on FARGATElong, the supported log drivers are awslogs, splunk, and awsfirelens. For tasks hosted on Amazon EC2 instances, the supported log drivers are awslogs, fluentd, gelf, json-file, journald,syslog, splunk, and awsfirelens.
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.
For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS container agent configuration in the Amazon Elastic Container Service Developer Guide.
For tasks that are on FARGATElong, because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.

memory?

Type: number (optional)

The amount (in MiB) of memory to present to the container.

If the container attempts to exceed the memory specified here, the container is killed.

memoryReservation?

Type: number (optional)

The soft limit (in MiB) of memory to reserve for the container.

mountPoints?

Type: IResolvable | (IResolvable | MountPointProperty)[] (optional)

The mount points for data volumes in your container.

privileged?

Type: boolean | IResolvable (optional)

When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user).

pseudoTerminal?

Type: boolean | IResolvable (optional)

When this parameter is true, a TTY is allocated.

readonlyRootFilesystem?

Type: boolean | IResolvable (optional)

When this parameter is true, the container is given read-only access to its root file system.

repositoryCredentials?

Type: IResolvable | RepositoryCredentialsProperty (optional)

The repository credentials for private registry authentication.

restartPolicy?

Type: IResolvable | RestartPolicyProperty (optional)

secrets?

Type: IResolvable | (IResolvable | SecretProperty)[] (optional)

The secrets to pass to the container.

startTimeout?

Type: number (optional)

Time duration (in seconds) to wait before giving up on resolving dependencies for a container.

stopTimeout?

Type: number (optional)

Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.

systemControls?

Type: IResolvable | (IResolvable | SystemControlProperty)[] (optional)

A list of namespaced kernel parameters to set in the container.

ulimits?

Type: IResolvable | (IResolvable | UlimitProperty)[] (optional)

A list of ulimits to set in the container.

user?

Type: string (optional)

The user to use inside the container.

workingDirectory?

Type: string (optional)

The working directory to run commands inside the container in.

AWS CDK

2.254.0

interface DaemonContainerDefinitionProperty

Example

Properties

image

name

command?

cpu?

dependsOn?

entryPoint?

environment?

environmentFiles?

essential?

firelensConfiguration?

healthCheck?

interactive?

linuxParameters?

logConfiguration?

memory?

memoryReservation?

mountPoints?

privileged?

pseudoTerminal?

readonlyRootFilesystem?

repositoryCredentials?

restartPolicy?

secrets?

startTimeout?

stopTimeout?

systemControls?

ulimits?

user?

workingDirectory?