If you don’t have an application ready, we’ll use the included sample Tomcat application image in our task definition file.
In this article…
Sample Tomcat application
ECS Permissions
A...
See more...
If you don’t have an application ready, we’ll use the included sample Tomcat application image in our task definition file.
In this article…
Sample Tomcat application
ECS Permissions
ADOT Role | ADOTTaskRole
Build your own image
Additional resources
Sample Tomacat application
In the following, you will need to edit all the sections marked “XXXXX”
{
"family": "aws-opensource-otel",
"containerDefinitions": [
##### Application image
{
"name": "aws-otel-emitter",
"image": "docker.io/abhimanyubajaj98/tomcat-app-buildx:latest",
"cpu": 0,
"portMappings": [
{
"name": "aws-otel-emitter",
"containerPort": 8080,
"hostPort": 8080,
"protocol": "tcp",
"appProtocol": "http"
}
],
"essential": true,
"environment": [
{
"name": "APPDYNAMICS_AGENT_ACCOUNT_NAME",
"value": "XXXXX"
},
{
"name": "APPDYNAMICS_AGENT_TIER_NAME",
"value": "abhi-tomcat-ecs"
},
{
"name": "APPDYNAMICS_CONTROLLER_PORT",
"value": "443"
},
{
"name": "JAVA_TOOL_OPTIONS",
"value": "-javaagent:/opt/appdynamics/javaagent.jar"
},
{
"name": "APPDYNAMICS_AGENT_APPLICATION_NAME",
"value": "abhi-ecs-fargate"
},
{
"name": "APPDYNAMICS_CONTROLLER_HOST_NAME",
"value": " XXXXX.saas.appdynamics.com"
},
{
"name": "APPDYNAMICS_JAVA_AGENT_REUSE_NODE_NAME_PREFIX",
"value": "abhi-tomcat-ecs"
},
{
"name": "APPDYNAMICS_CONTROLLER_SSL_ENABLED",
"value": "true"
},
{
"name": "APPDYNAMICS_AGENT_ACCOUNT_ACCESS_KEY",
"value": " XXXXX "
},
{
"name": "APPDYNAMICS_JAVA_AGENT_REUSE_NODE_NAME",
"value": "true"
}
],
"mountPoints": [],
"volumesFrom": [
{
"sourceContainer": "appdynamics-java-agent"
}
],
"dependsOn": [
{
"containerName": "appdynamics-java-agent",
"condition": "START"
}
],
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-create-group": "True",
"awslogs-group": "/ecs/ecs-aws-otel-java-tomcat-app",
"awslogs-region": "us-west-2",
"awslogs-stream-prefix": "ecs"
}
},
"healthCheck": {
"command": [
"CMD-SHELL",
"curl -f http://localhost:8080/sample || exit1"
],
"interval": 300,
"timeout": 60,
"retries": 10,
"startPeriod": 300
}
},
#####Java Agent configuration
{
"name": "appdynamics-java-agent",
"image": "docker.io/abhimanyubajaj98/java-agent-ecs",
"cpu": 0,
"portMappings": [],
"essential": false,
"environment": [],
"mountPoints": [],
"volumesFrom": [],
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-create-group": "true",
"awslogs-group": "/ecs/java-agent-ecs",
"awslogs-region": "us-west-2",
"awslogs-stream-prefix": "ecs"
}
}
}
],
"taskRoleArn": "arn:aws:iam::778192218178:role/ADOTRole",
"executionRoleArn": "arn:aws:iam::778192218178:role/ADOTTaskRole",
"networkMode": "bridge",
"requiresCompatibilities": [
"EC2"
],
"cpu": "256",
"memory": "512"
}
ECS Permissions
Your ECS task should have the appropriate permission. For the example here, I created a taskRole ADOTRole and taskexecutionrole ADOTTaskRole.
ADOTRole Permission Policy
The permission policy for ADOTRole looks as follows:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:PutLogEvents",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:DescribeLogStreams",
"logs:DescribeLogGroups",
"logs:PutRetentionPolicy",
"xray:PutTraceSegments",
"xray:PutTelemetryRecords",
"xray:GetSamplingRules",
"xray:GetSamplingTargets",
"xray:GetSamplingStatisticSummaries",
"cloudwatch:PutMetricData",
"ec2:DescribeVolumes",
"ec2:DescribeTags",
"ssm:GetParameters"
],
"Resource": "*"
}
]
}
ADOTTaskRole Permission Policy
The permission policy for ADOTTaskRole looks like:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:PutLogEvents",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:DescribeLogStreams",
"logs:DescribeLogGroups",
"logs:PutRetentionPolicy",
"xray:PutTraceSegments",
"xray:PutTelemetryRecords",
"xray:GetSamplingRules",
"xray:GetSamplingTargets",
"xray:GetSamplingStatisticSummaries",
"cloudwatch:PutMetricData",
"ec2:DescribeVolumes",
"ec2:DescribeTags",
"ssm:GetParameters"
],
"Resource": "*"
}
]
}
Build your own image
Going back to the template, you can build your own image as well. The Dockerfile for the image can be found here, along with the task definition file https://github.com/Abhimanyu9988/ecs-java-agent
Additional resources
To understand more about the AppDynamics Java Agent, see the following in the Documentation portal https://docs.appdynamics.com/appd/22.x/22.12/en/application-monitoring/install-app-server-agents/jav...