AWS ECS environment variable not available [Python]
Question:
I am using AWS ECS with a Python Framework and in my task definition i have the option to add environment variables that will be available to the service(cluster).
Here is where i added the env variables:
When i then try to print all the env variables in my service i do not get access to these variables and i am not sure why. Here i printed all my env using environ:
for a in os.environ:
print('Var: ', a, 'Value: ', os.getenv(a))
print("all done")
Result:
DB_PORT or APP_KEY is not available in my service or python-code.
This is the JSON of my task definition:
{
"taskDefinitionArn": "arn:aws:ecs:eu-north-1:******:task-definition/******:3",
"containerDefinitions": [
{
"name": "***",
"image": "******.dkr.ecr.eu-north-1.amazonaws.com/*****",
"cpu": 0,
"portMappings": [],
"essential": true,
"environment": [
{
"name": "DB_PORT",
"value": "5439"
},
{
"name": "APP_KEY",
"value": "qjPYRIBZ0iijcqHHt******"
},
....
PS: The python is only running a CRON job (crontab) and not used for open webservice.
crontab:
PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
*/2 * * * * /home/local/cronhelper.sh > /proc/$(cat /var/run/crond.pid)/fd/1 2>&1
# Don't remove the empty line at the end of this file. It is required to run the cron job
cronhelper.sh:
#!/bin/sh -l
cd /usr/src/app && python craft schedule:run > /proc/$(cat /var/run/crond.pid)/fd/1 2>&1
python craft schedule:run runs a python script that just prints the env in first place (just to get this working)
Answers:
I had a similar problem and it seems to me that the full environment is passed only to the PID 1 (init process, which in a container should be CMD/ENTRYPOINT command). Cron is not that process so you cannot assume it sees the same environment.
What I did may not be the best solution, it is rather a hack, but it works.
The environment of a process is available in /proc/<pid>/environ, so in this case /proc/1/environ. I grab it from there and I store it in a file for a future use:
for I in `cat /proc/1/environ | strings`; do echo "export $I"; done > /src/.profile
and then I just source /src/.profile in my scripts (the cron job in your case).
If you need AWS credentials, you may also need access to ECS_CONTAINER_METADATA_URI_V4 environment variable and that one will be also there.
I am using AWS ECS with a Python Framework and in my task definition i have the option to add environment variables that will be available to the service(cluster).
Here is where i added the env variables:
When i then try to print all the env variables in my service i do not get access to these variables and i am not sure why. Here i printed all my env using environ:
for a in os.environ:
print('Var: ', a, 'Value: ', os.getenv(a))
print("all done")
Result:
DB_PORT or APP_KEY is not available in my service or python-code.
This is the JSON of my task definition:
{
"taskDefinitionArn": "arn:aws:ecs:eu-north-1:******:task-definition/******:3",
"containerDefinitions": [
{
"name": "***",
"image": "******.dkr.ecr.eu-north-1.amazonaws.com/*****",
"cpu": 0,
"portMappings": [],
"essential": true,
"environment": [
{
"name": "DB_PORT",
"value": "5439"
},
{
"name": "APP_KEY",
"value": "qjPYRIBZ0iijcqHHt******"
},
....
PS: The python is only running a CRON job (crontab) and not used for open webservice.
crontab:
PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
*/2 * * * * /home/local/cronhelper.sh > /proc/$(cat /var/run/crond.pid)/fd/1 2>&1
# Don't remove the empty line at the end of this file. It is required to run the cron job
cronhelper.sh:
#!/bin/sh -l
cd /usr/src/app && python craft schedule:run > /proc/$(cat /var/run/crond.pid)/fd/1 2>&1
python craft schedule:run runs a python script that just prints the env in first place (just to get this working)
I had a similar problem and it seems to me that the full environment is passed only to the PID 1 (init process, which in a container should be CMD/ENTRYPOINT command). Cron is not that process so you cannot assume it sees the same environment.
What I did may not be the best solution, it is rather a hack, but it works.
The environment of a process is available in /proc/<pid>/environ, so in this case /proc/1/environ. I grab it from there and I store it in a file for a future use:
for I in `cat /proc/1/environ | strings`; do echo "export $I"; done > /src/.profile
and then I just source /src/.profile in my scripts (the cron job in your case).
If you need AWS credentials, you may also need access to ECS_CONTAINER_METADATA_URI_V4 environment variable and that one will be also there.