Provides an interactive prompt to connect to ECS Containers using the ECS ExecuteCommand API.

Overview

ecsgo

Heavily inspired by incredibly useful gossm, this tool makes use of the new ECS ExecuteCommand API to connect to running ECS tasks. It provides an interactive prompt to select your cluster, task and container (if only one container in the task it will default to this), and opens a connection to it.

That's it! Nothing fancy.

⚠️ The ExecuteCommand API is quite new at time of creation and existing Services and Tasks may need to be updated/created with the --enable-execute-command flag via the CLI. Terraform support for this option is now available)

Prereqs

You'll need to follow the prerequisites for ECS Exec as outlined in the blog post. You can also view some additional documentation on using ECS Exec here

Installation

MacOS/Homebrew

brew tap tedsmitt/ecsgo
brew install ecsgo

Linux

wget https://github.com/tedsmitt/ecsgo/releases/download/0.1.3/ecsgo_Linux_x86_64.tar.gz
tar xzf ecsgo_*.tar.gz

Move the ecsgo binary into your $PATH

Usage

The tool uses your AWS Config/Environment Variables to run. If you aren't familiar with working on AWS via the CLI, you can read more about how to configure your environment here

Flag Description Default Value
-p Specify the profile to load the credentials default
-c Specify the command to be run on the container, defaults to /bin/sh
-r Specify the AWS region to run in N/A

In future releases there will be more flags that will allow you to narrow down the results so you can find your desired task/container quicker.

The tool makes use of the wonderful survey package which allows us to filter down our results by typing at the prompt.

See below for some examples:

Connect to a task with multiple containers

multicontainer

Tasks that are not part of a service can be viewed by selecting *

listall

Issuing a specific command to a container

command

Comments
  • Issue Tapping with Homebrew

    Issue Tapping with Homebrew

    When trying to tap this. I get the following error

    $ brew tap tedsmitt/ecsgo
    ==> Tapping tedsmitt/ecsgo
    Cloning into '/opt/homebrew/Library/Taps/tedsmitt/homebrew-ecsgo'...
    remote: Enumerating objects: 21, done.
    remote: Counting objects: 100% (21/21), done.
    remote: Compressing objects: 100% (14/14), done.
    remote: Total 21 (delta 6), reused 3 (delta 0), pack-reused 0
    Receiving objects: 100% (21/21), done.
    Resolving deltas: 100% (6/6), done.
    Error: Invalid formula: /opt/homebrew/Library/Taps/tedsmitt/homebrew-ecsgo/ecsgo.rb
    ecsgo: Calling bottle :unneeded is disabled! There is no replacement.
    Please report this issue to the tedsmitt/ecsgo tap (not Homebrew/brew or Homebrew/core):
      /opt/homebrew/Library/Taps/tedsmitt/homebrew-ecsgo/ecsgo.rb:10
    
    Error: Cannot tap tedsmitt/ecsgo: invalid syntax in tap!
    
    bug 
    opened by codezninja 6
  • Migrate to AWS CLI

    Migrate to AWS CLI

    Great utility!

    ecsgo doesn't appear to support KMS encrypted sessions, so I changed the command to use aws cli instead.

    Before:

    ✗ ecsgo
    ? Select a task:
    Cluster: redacted | Service: api | Task: 12345308b064a4a911c205c63e0bbbf
    Connecting to container redactedi
    Starting session with SessionId: ecs-execute-command-12345
    
    
    SessionId: ecs-execute-command-12345 :
    ----------ERROR-------
    Encountered error while initiating handshake. Fetching data key failed: Unable to retrieve data key, Error when decrypting data key InvalidCiphertextException:
    

    After:

     Select a task:
    Cluster: redacted | Service: api | Task: 12345308b064a4a911c205c63e0bbbf
    Connecting to container redacted
    
    The Session Manager plugin was installed successfully. Use the AWS CLI to start a session.
    
    
    Starting session with SessionId: ecs-execute-command-12345
    This session is encrypted using AWS KMS.
    #
    
    opened by castrapel 2
  • Support KMS encrypted sessions

    Support KMS encrypted sessions

    As per https://github.com/tedsmitt/ecsgo/pull/11:

    ecsgo doesn't appear to support KMS encrypted sessions, so I changed the command to use aws cli instead.

    ✗ ecsgo
    ? Select a task:
    Cluster: redacted | Service: api | Task: 12345308b064a4a911c205c63e0bbbf
    Connecting to container redactedi
    Starting session with SessionId: ecs-execute-command-12345
    
    
    SessionId: ecs-execute-command-12345 :
    ----------ERROR-------
    Encountered error while initiating handshake. Fetching data key failed: Unable to retrieve data key, Error when decrypting data key InvalidCiphertextException:```
    bug 
    opened by tedsmitt 1
  • Add version output

    Add version output

    What

    Add version that will be shown when --version or -v is passed

    $ ecsgo --version
    ecsgo version Version: v1.0.0, Commit: xxxxxx, Built date: 2021-03-10 18:10:30, Built by: goreleaser
    

    Why

    To know which release am I using.

    opened by KeisukeYamashita 1
  • Default command for Windows or Linux

    Default command for Windows or Linux

    Fixes #16

    • Add conditional to check the OS family and determine a sensible default command for Windows or Linux
    • Rename "cmd" channel to "input" to avoid confusion with the arg "cmd"
    opened by tedsmitt 0
  • Default behaviour tries to start /bin/sh in Windows Containers

    Default behaviour tries to start /bin/sh in Windows Containers

    With the addition of https://aws.amazon.com/about-aws/whats-new/2022/04/amazon-commands-windows-container-aws-fargate/

    When attempting to start a session on a Windows Container you'll get the following error

    >> ~/.../github/ecsgo (main) [edintheclouds-dev] $ ecsgo
    ? Select a task: 
    Cluster: bluegreen | Service: * | Task: 78619b12e30f4652a20c1ce840f2bf60
    Connecting to container windows_container
    Starting session with SessionId: ecs-execute-command-057be7bbf24366b94
    /bin/sh : The term '/bin/sh' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or 
    if a path was included, verify that the path is correct and try again.
    At line:1 char:1
    + /bin/sh
    + ~~~~~~~
        + CategoryInfo          : ObjectNotFound: (/bin/sh:String) [], CommandNotFoundException
        + FullyQualifiedErrorId : CommandNotFoundException
    

    This can be worked around by specifying the command powershell.exe when using the tool

    e.g. ecsgo -c powershell.exe

    Will look at adding a check to see what the OS family is, and then decide the default command based on that information.

    There also seems to be an empty space that gets printed to stdout so need to look into that as well if possible. (This happens when using the AWS CLI as well)

    bug 
    opened by tedsmitt 0
  • Error when Cluster has no services

    Error when Cluster has no services

    Inside of getService we return an error if the length of services is 0

    	if len(list.ServiceArns) > 0 {
    		var serviceNames []string
    		for _, c := range list.ServiceArns {
    			arnSplit := strings.Split(*c, "/")
    			name := arnSplit[len(arnSplit)-1]
    			serviceNames = append(serviceNames, name)
    		}
    		selection, err := selectService(serviceNames)
    		if err != nil {
    			e.err <- err
    			return
    		}
    		if selection == backOpt {
    			e.cmd <- "getCluster"
    			return
    		}
    		e.service = selection
    		e.cmd <- "getTask"
    		return
    	} else {
    		e.err <- err
    		return
    	}
    

    We should allow for scenarios where the cluster has no services, and has tasks run ad-hoc via external orchestrators (such as Jenkins) or scheduled tasks.

    bug 
    opened by tedsmitt 0
  • 0.3.0

    0.3.0

    • Fix encrypted session issue as raised in https://github.com/tedsmitt/ecsgo/issues/12
    • Update AWS Go SDK to v1.43.28
    • Update README.md
    • Add check for session-manager-plugin
    opened by tedsmitt 0
  • 0.2.0

    0.2.0

    Restructure and move into ExecCommand struct/chan pattern

    - Restructured project to align with go-project-layout
    - Makes use of a chan to listen for command instructions, allows navigation between different layers of abstraction
    - Did some formatting of the command messages
    - Updated tests to work with new code
    - Customised survey.SelectQuestionTemplate to keep all messages on the same line to try and cut down on spam
    
    opened by tedsmitt 0
  • Unit Tests

    Unit Tests

    • Add initial unit tests
    • correct hardcoded cluster value in StartExecuteCommand
    • move CreateEcsClient to rootCmd and pass as arg to StartExecuteCommand
    opened by tedsmitt 0
  • detect hanging sessions

    detect hanging sessions

    When i'm in a session and the container get's removed due to new deplyoment/scaling/..., the session hangs forever and the only way is to kill the ecsgo PID.

    Is there a possibility to keep track of the websocket state somehow and exit with a message after a certain timeout?

    P.S.: Great project anyways, thank you! :heart:

    opened by morph027 3
  • Handle simple items better

    Handle simple items better

    Add defaults to each select option

    Where there is only 1 cluster, task, container then automatically pick that one

    This is a starting PR to get comfortable with the code before doing the other SSM changes.

    opened by andymac4182 4
Releases(0.4.2)
Owner
Ed Smith
Ed Smith
Open Source runtime scanner for Linux containers (LXD), It performs security audit checks based on CIS Linux containers Benchmark specification

lxd-probe Scan your Linux container runtime !! Lxd-Probe is an open source audit scanner who perform audit check on a linux container manager and outp

Chen Keinan 14 May 16, 2022
Highly configurable prompt builder for Bash, ZSH and PowerShell written in Go.

Go Bullet Train (GBT) Highly configurable prompt builder for Bash, ZSH and PowerShell written in Go. It's inspired by the Oh My ZSH Bullet Train theme

Jiri Tyr 517 Sep 16, 2022
Aceptadora provides the boilerplate to orchestrate the containers for an acceptance test.

aceptadora Aceptadora provides the boilerplate to orchestrate the containers for an acceptance test. Aceptadora is a replacement for docker-compose in

Cabify 58 Aug 12, 2022
A tool to build, deploy, and release any environment using System Containers.

Bravetools Bravetools is an end-to-end System Container management utility. Bravetools makes it easy to configure, build, and deploy reproducible envi

null 95 Sep 24, 2022
This repository is where I'm learning to write a CLI using Go, while learning Go, and experimenting with Docker containers and APIs.

CLI Project This repository contains a CLI project that I've been working on for a while. It's a simple project that I've been utilizing to learn Go,

Tamir Arnesty 0 Dec 12, 2021
Ydb-go-yc-metadata - Helpers to connect to YDB inside yandex-cloud using metadata service

ydb-go-yc-metadata helpers to connect to YDB inside yandex-cloud using metadata

YDB Platform 2 Apr 19, 2022
ecsk is a CLI tool to interactively use frequently used functions of docker command in Amazon ECS. (docker run, exec, cp, logs, stop)

English / 日本語 ecsk ECS + Task = ecsk ?? ecsk is a CLI tool to interactively use frequently used functions of docker command in Amazon ECS. (docker run

null 107 Aug 31, 2022
A tool to automate some of my tasks in ECS/ECR.

severinoctl A tool to automate some tasks in ECS/ECR. Work in progress... Prerequisites awscli working aws credentials environment AWS_REGION exported

Edson C. 7 Feb 19, 2022
Prometheus exporter for Amazon Elastic Container Service (ECS)

ecs_exporter ?? ?? ?? This repo is still work in progress and is subject to change. This repo contains a Prometheus exporter for Amazon Elastic Contai

Prometheus Monitoring Community 43 Sep 18, 2022
Build a retractable ECS load balance network through aliyun openapi.

ECSEquilizer 通过阿里云OpenAPI建立一个可伸缩的负载均衡网络调度器。 简介 为确保代理集群网络和计算能力可以通过ECS云服务动态伸缩,所以制定实现以下策略。 节点分为static和dynamic两种,static节点是通过配置文件(config.yaml)实现预设的,固定不变。 d

B23r0 17 Jul 2, 2022
🥝 Mini ECS CLI Command 🥝

miniecs ?? miniecs is a CLI tool for AWS ECS. ?? Requirement go 1.17.x or later �Installation go install github.com/jedipunkz/[email protected] Usage $ m

Tomokazu HIRAI 2 Aug 9, 2022
Amazon ECS Container Agent: a component of Amazon Elastic Container Service

Amazon ECS Container Agent The Amazon ECS Container Agent is a component of Amazon Elastic Container Service (Amazon ECS) and is responsible for manag

null 0 Dec 28, 2021
Learning about containers and how they work by creating them the hard way

Containers the hard way: Gocker: A mini Docker written in Go It is a set of Linux's operating system primitives that provide the illusion of a contain

Shuveb Hussain 1.5k Sep 24, 2022
Vulnerability Static Analysis for Containers

Clair Note: The main branch may be in an unstable or even broken state during development. Please use releases instead of the main branch in order to

QUAY 9k Sep 30, 2022
Binary program to restart unhealthy Docker containers

DeUnhealth Restart your unhealthy containers safely Features Restart unhealthy containers marked with deunhealth.restart.on.unhealthy=true label Recei

Quentin McGaw 54 Sep 25, 2022
Simple docker tui to list, start and stop your containers

docker-tui Simple docker tui that lets you list, start and stop your containers. Current status Rough, initial prototype. Build with This tool relies

Olek 6 Sep 3, 2022
A super simple demo to document my journey to reasonably sized docker containers.

hello-docker A super simple demo to document my journey to reasonably sized docker containers. Task at Hand Build a docker container as small as possi

Torsten Wunderlich 0 Nov 30, 2021
Viewnode displays Kubernetes cluster nodes with their pods and containers.

viewnode The viewnode shows Kubernetes cluster nodes with their pods and containers. It is very useful when you need to monitor multiple resources suc

NTTDATA-DACH 8 Sep 14, 2022
Truly Minimal Linux Distribution for Containers

Statesman Statesman is a minimal Linux distribution, running from memory, that has just enough functionality to run OCI-compatible containers. Rationa

James Cunningham 3 Nov 12, 2021