How do I set dynamic environment variables for Docker multi-stage builds in Elastic Beanstalk?
I want to set dynamic environment variables for Docker multi-stage builds in AWS Elastic Beanstalk.
Short description
In the Elastic Beanstalk Docker platform, Elastic Beanstalk environment variables are set and made accessible for the final container in the Dockerfile. This applies to scenarios involving multiple containers (that is, multi-stage builds). You can set hard-coded/static variables in the Dockerfile only in build stages. For example, you can use the "ENV" key to set static variables. Because Elastic Beanstalk variables aren't accessible by the other containers in the Dockerfile that are getting built in earlier stages, you can follow the steps in the resolution to set dynamic environment variables during the build stage.
To set dynamic environment variables during the build stage, use an SSM parameter or an Elastic Beanstalk variable. It's a best practice to use an SSM parameter, because you're required to set the variable one time only. Also, you can follow the same steps in the Use an SSM parameter section to create and update an Elastic Beanstalk variable.
Note: If you receive errors when running AWS Command Line Interface (AWS CLI) commands, make sure that you’re using the most recent AWS CLI version.
Resolution
Note: The following resolution assumes that a React application is installed on Alpine Linux. However, you can use the package manager of any other distribution to build your container and install the required packages.
Use an SSM parameter
Important: To allow the instance to retrieve the SSM parameter, confirm that your instance profile has the ssm:GetParameters permission.
1. Create an SSM parameter. For example, you can use the AWS CLI to create the SSM parameter:
aws ssm put-parameter --name PRODURL_SSM --value http://myproddomain.com --type String
2. Deploy your application using the following Dockerfile. The Dockerfile retrieves the SSM parameter value inside the temporary/build container, and then exports the variable during the build.
# Build environment FROM node:13.12.0-alpine as build WORKDIR /app ENV PATH /app/node_modules/.bin:$PATH COPY package.json ./ COPY package-lock.json ./ RUN npm install react-scripts@3.4.1 COPY . ./ ## Install the required packages for awscli, curl, and jq. ## RUN apk -v --no-cache add \ py-pip \ curl \ jq \ && \ pip install awscli --upgrade --user ## Export the region dynamically retrieving it from the instance metadata, and then retrieve the SSM parameter value using awscli. Then, place the parameter in a text file, and export the variable using the value from the text file. Finally, run the build. ## RUN export REGION=$(curl -s http://169.254.169.254/latest/dynamic/instance-identity/document | jq -r .region) && /root/.local/bin/aws ssm get-parameters --names PRODURL_SSM --region $REGION | grep Value | cut -d '"' -f4 >> /tmp/SSMParameter.txt && export DYNAMIC_SSM_VAR=$(cat /tmp/SSMParameter.txt) && npm run build # Production environment FROM nginx:stable-alpine COPY --from=build /app/build /usr/share/nginx/html ## Copy the text file that has the SSM parameter value from the build container to the production container to confirm the variable was retrieved successfully. ## COPY --from=build /tmp/SSMParameter.txt /tmp EXPOSE 80 CMD ["nginx", "-g", "daemon off;"]
3. To confirm that the deployment is successful, check the file that you copied from the build container. This file should include the value of the SSM parameter variable. For example:
# docker exec -it <Container-Id> sh # cat /tmp/SSMParameter.txt http://myproddomain.com
Use an Elastic Beanstalk variable
1. Copy the config.yml file used by the Elastic Beanstalk Command Line Interface (EB CLI) to the project root directory. For example:
cp .elasticbeanstalk/config.yml .
2. To set the Elastic Beanstalk variable with the EB CLI, run the following command to update or deploy to an existing environment:
eb setenv PRODURL_EB=http://myproddomain.com
3. To create a new Elastic Beanstalk environment, add the new environment name in the config.yml file in the project root directory, and then run the following command:
eb create --envvars PRODURL_EB=http://myproddomain.com
4. Deploy your application using the following Dockerfile. The Dockerfile retrieves the value of the Elastic Beanstalk variable inside the build container, and then exports the variable during the build.
# Build environment FROM node:13.12.0-alpine as build WORKDIR /app ENV PATH /app/node_modules/.bin:$PATH COPY package.json ./ COPY package-lock.json ./ RUN npm install react-scripts@3.4.1 COPY . ./ ## Create an .elasticbeanstalk directory to place the config.yml file in, so that the eb cli can interact with the Elastic Beanstalk environment. ## RUN mkdir .elasticbeanstalk ## Copy config.yml to /app/.elasticbeanstalk inside the build container as it will be used by eb cli ## COPY config.yml /app/.elasticbeanstalk ## Install required packages for awsebcli ## RUN apk -v --no-cache add \ gcc \ musl-dev \ openssl \ openssl-dev \ make \ py-pip \ libffi-dev \ python \ python-dev \ && \ pip install awsebcli --upgrade --user ## Retrieve the Elastic Beanstalk variable using awsebcli and place it in a text file. Then, export the desired variable using the value from the text file, then run the build. ## RUN /root/.local/bin/eb printenv | grep PRODURL_EB | awk '{print $3}' >> /tmp/EBVar.txt && export DYNAMIC_EB_VAR=$(cat /tmp/EBVar.txt) && npm run build # Production environment FROM nginx:stable-alpine COPY --from=build /app/build /usr/share/nginx/html ## Copy the text file that has the Elastic Beanstalk variable value from the build container to the production container to confirm the variable was retrieved successfully ## COPY --from=build /tmp/EBVar.txt /tmp EXPOSE 80 CMD ["nginx", "-g", "daemon off;"]
5. To confirm that the deployment worked, check the file that you copied from the build container. The file should include the value of the Elastic Beanstalk variable.
# docker exec -it <Container-Id> sh # cat /tmp/EBVar.txt http://myproddomain.com
Related information
Contenido relevante
- OFICIAL DE AWSActualizada hace 5 meses
- OFICIAL DE AWSActualizada hace 4 meses
- OFICIAL DE AWSActualizada hace 5 meses