问题
I use to connect to EC2 container instances following this steps, https://docs.aws.amazon.com/AmazonECS/latest/developerguide/instance-connect.html wondering how I can connect to FARGATE-managed container instances instead.
回答1:
Looking on that issue on github https://github.com/aws/amazon-ecs-cli/issues/143 I think it's not possible to make docker exec from remote host into container on ECS Fargate. You can try to run ssh daemon and your main process in one container using e.g. systemd (https://docs.docker.com/config/containers/multi-service_container/) and connect to your container using SSH but generally it's not good idea in containers world.
回答2:
It is possible, but not easy.straight forward. Shortly: install SSH, don't expose ssh port out from VPC, add bastion host, SSH through bastion.
A little bit more details:
- spin up SSHD with password-less authentication. Docker instructions
- Fargate Task: Expose port 22
- Configure your VPC, instructions
- create EC2 bastion host
- From there SSH into your Task's IP address
来源:https://stackoverflow.com/questions/52310447/is-it-possible-to-ssh-into-fargate-managed-container-instances