FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    FusionAuth on ECS and Fargate

    Scheduled Pinned Locked Moved Unsolved
    Q&A
    2
    2
    1.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      anand.murugan 0
      last edited by

      I am a bit confused about how to get FusionAuth container working in Fargate. My docker compose up command is working fine locally on my computer but when I go to the localhost:9011 , I see a setup wizard where I can set up the Administrator account and accept the license agreement. If I deploy my Fusionauth container on ECS/Fargate for scaling, how would this setup task be taken care of? Would I have to do the setup process (Admin account and license agreement) manually for each instance of the application on Fargate? Am I thinking about this wrong? Should there only be one instance of FusionAuth running? Is scaling (by increasing the number of concurrent FusionAuth instances talking to the same database) not the right approach for this? Thanks!

      M 1 Reply Last reply Reply Quote 0
      • M
        maburns @anand.murugan 0
        last edited by

        @anand-murugan-0 I run FusionAuth in ECS/Fargate. I don't know about the clustering side, but to make standing up a FusionAuth instance automated I needed to do 2 things:

        1. enable Silent Mode https://fusionauth.io/docs/v1/tech/guides/silent-mode which skips the first boot / migration page. This required passing in database credentials as env vars, so that Fusionauth doesn't need to ask you for them.

        2. Use a kickstart.json to configure an API key https://fusionauth.io/docs/v1/tech/installation-guide/kickstart#using-environment-variables

        Adding a kickstart.json file to a docker image in ECS is a bit non-trivial (either with EFS or S3). So I made my own Dockerfile:

        FROM fusionauth/fusionauth-app:1.38.1
        
        ARG FUSIONAUTH_APP_KICKSTART_VALUE
        ENV FUSIONAUTH_APP_KICKSTART_FILE=/tmp/kickstart.json
        
        RUN echo ${FUSIONAUTH_APP_KICKSTART_VALUE} > ${FUSIONAUTH_APP_KICKSTART_FILE}
        

        When running docker build, if you pass in an argument like

        docker build \
            --build-arg FUSIONAUTH_APP_KICKSTART_VALUE="{\"apiKeys\": [{\"key\": \"42\" } ] }" \
            .
        

        will build and write out a /tmp/kickstart.json file and tell Fusionauth to look at that path when it starts up. NOTE: any random value would work, I picked 42 for simplicity, don't use this in Production.

        With those 2 things, ECS will start a Fusionauth instance that doesn't prompt for initial installation (assuming you pass in db credentials as environment variable) and will

        1 Reply Last reply Reply Quote 0
        • First post
          Last post