Accessing Amazon ECS Environment Variables For Debugging


Amazon’s Elastic Beanstalk service supports both single and multi-container Docker environments through Amazon ECS. Despite being in its infancy, Amazon ECS does provide an adequate environment for scaling Docker containers, though debugging those containers can present a challenge.

Typically, environment variables used to configure Docker containers are set inside the Elastic Beanstalk console. Those environment variables are then provided to Docker at container run-time. This becomes problematic when attempting to debug containers by logging into an instance and running a container manually, since accessing the environment variables provided by Elastic Beanstalk isn’t well documented.

In the latest version(s) of the ECS AMIs, you can discover Elastic Beanstalk configuration data by running /opt/elasticbeanstalk/bin/get-config environment. This will dump out the environment variables set in Elastic Beanstalk in JSON or YAML format. We’re going to use this to launch our own temporary container for debugging purposes.

After SSHing into our cluster instance, we’ll run get-config and pipe the output to sed for converting our YAML output into Bash variable declarations, then finally into an environment file:

sudo /opt/elasticbeanstalk/bin/get-config environment --output yaml | sed -n '1!p' | sed -e 's/^\(.*\): /\1=/g' > env

Here’s a summary of each part:

get-config environment --output yaml – Generates our Elastic Beanstalk environment variables in YAML format

| sed -n '1!p' – Pipes the previous command’s output to a sed command that removes the first line (since the first line is just ---)

| sed 's/^\(.*\): /\1=/g' > env – Our environment variables are now in the NAME: VALUE form, but we want NAME=VALUE. This sed command pipes the previous command’s output to sed and substitutes all instances of NAME: (when the instance is the start of a new line) with NAME= and removes the extra space. The resulting output is sent to a file named env.

With all of our variables now in a shell-friendly format, we can give that file to Docker as we’re launching a container:

sudo docker run --rm -it --env-file env [IMAGE] /bin/bash

This command uses the provided image to launch an interactive container that will be deleted when we exit, allocates a pseudo-TTY, uses the env file to set environment variables, and overrides the default command to be /bin/bash. Once the container has launched and we’re given a command prompt, typing env will verify the environment variables have propagated to the container. Now, we can run and debug commands inside our container with the same environment that Elastic Beanstalk automatically creates for each ECS task.