AWS re:Post Knowledge Center Feedback Survey

Help us improve the AWS re:Post Knowledge Center by sharing your feedback in a brief survey. Your input can influence how we create and update our content to better support your AWS journey.

How do I connect to a database from an Amazon ECS task on Fargate?

4 minute read

I want to connect to a database from an Amazon Elastic Container Service (Amazon ECS) task on AWS Fargate.

Resolution

Prerequisites:

You must have an Amazon ECS cluster that runs on Fargate.
You must have an Amazon Relational Database Service (Amazon RDS) database. Amazon ECS and Amazon RDS might have communication issues. For more information, see How do I troubleshoot connectivity issues between my Amazon ECS tasks for an Amazon EC2 launch type and an Amazon RDS database?.

Note: The following resolution uses a MySQL database engine. For more information on how to connect to databases that use other engine types, see Getting started with Amazon RDS.

Connect your task to your database

Complete the following steps:

Create a Python script that connects to your MySQL database. The following example rds.py script sends the results of the connection to the database to Amazon CloudWatch:

import pymysql
import os

DATABASE_ENDPOINT = os.environ['example_endpoint']
USERNAME = os.environ['example_username']
PASSWORD = os.environ['example_password']

try:
    print("Connecting to " + DATABASE_ENDPOINT)
    db = pymysql.connect(host=DATABASE_ENDPOINT, user=USERNAME, password=PASSWORD)
    print("Connection successful to " + DATABASE_ENDPOINT)
    db.close()
except Exception as e:
    print("Connection unsuccessful due to " + str(e))

Note: Replace example_endpoint with your database end point. Replace example_username with your username. Replace example_password with your password.

To assemble an image, create a Dockerfile that includes the required commands. The following example file includes the necessary commands:

FROM python
RUN pip install pymysql cryptography
COPY rds.py /
CMD [ "python", "/rds.py" ]

Create an Amazon Elastic Container Registry (Amazon ECR) repository, and then push your Docker image to that repository.

Create a task definition, and then add your Docker image as the container image:

{  "executionRoleArn": "arn:aws:iam::example_account_ID:role/ecsTaskExecutionRole",  
  "containerDefinitions": [
    {
      "name": "example_app",
      "image": "example_repository_URL",
      "essential": true
    }
  ],
  "requiresCompatibilities": [
    "FARGATE"
  ],
  "networkMode": "awsvpc",
  "cpu": "256",
  "memory": "512",
  "family": "example_app"
}

Note: Replace example_account_ID with your AWS account ID. Replace example_app with the name of your application. Replace example_repository_URL with the URL of your Amazon ECR repository. It's a best practice to set the values for the ENDPOINT, USER, and PASS environment variables in your task definition. You can directly pass these values as environment variables or retrieve the values from secrets in AWS Secrets Manager. For more information, see How can I securely pass secrets or sensitive information to containers in an Amazon ECS task?

Open the Amazon ECS console.
In the navigation pane, choose Task Definitions.
Select your task definition, choose Actions, and then choose Run Task.
For Launch type, choose FARGATE.
For Cluster, choose the cluster for your task definition.
For Number of tasks, enter the number of tasks that you want to run.
In the VPC and security groups section, for Cluster VPC, choose your Amazon Virtual Private Cloud (Amazon VPC).
For Subnets, choose your subnets.
For Security groups, select at least one security group.
Choose Run Task.

When your task is connects to your database, the rds.py script stops the task and displays the following message:

"Essential container in task exited."

Confirm that you connected your task to your database

Complete the following steps:

Open the Amazon ECS console.
In the navigation pane, choose Clusters, and then choose your cluster.
Choose the Tasks tab.
For Desired task status, to see a list of stopped tasks, choose Stopped.
Choose your stopped task.
On the Details tab of your stopped task, expand the Containers section.
Choose View logs in CloudWatch.

If you successfully connected your task to your database, then the following message displays in the CloudWatch console:

"Connection successful to [your endpoint]"

Topics: Containers
Tags: Amazon Elastic Container Service
Language: English

AWS OFFICIALUpdated 2 months ago

2 Comments

Hi! How would this change if the database is a MS SQL server located in a EC2 instance in a VPC? Thank you

jbelis

replied 2 years ago

Thank you for your comment. We'll review and update the Knowledge Center article as needed.

MODERATOR

AWS Official

replied 2 years ago

Relevant content

Cannot connect docker container on ECS Fargate to RDS db instance
jedrek
asked 3 years ago
Connect ECS Fargate Service/Task from public
Accepted Answer
Ognif
asked a year ago
How can I use a static or Elastic IP address for an Amazon ECS task on Fargate ?
Accepted Answer
rePost-User-6597205
asked 3 years ago
APP in AWS ECS Fargate Can't Connect to Remote Database in Liquid Web.
Accepted Answer
Reyver
asked 2 years ago
Can't connect to RDS from task
Accepted Answer
rePost-User-8788279
asked 3 years ago
How do I mount an Amazon EFS file system on an Amazon ECS container or a task that runs on Fargate?
AWS OFFICIALUpdated 6 months ago
How do I take action on an Amazon ECS task retirement notice for a task that runs on Fargate?
AWS OFFICIALUpdated a year ago
How can I run an Amazon ECS task on Fargate in a private subnet?
AWS OFFICIALUpdated 10 months ago
How do I use a Network Load Balancer with Elastic IP addresses for Amazon ECS tasks on Fargate?
AWS OFFICIALUpdated 3 months ago
How to notify by email when the "exitCode" of an ECS Fargate task ends with a value other than 0
EXPERT
Riku_Kobayashi
published a year ago