Skip to main content

CLOUD SOLUTIONS

Security containers deployment on AWS ECS

To deploy a Security Container instances on AWS ECS follow the steps in this article:

Note

Before starting, you need to have an ECS cluster configured with EC2 Linux.

  1. Log in to Amazon ECS and go to the Task Definitions page.

  2. Select Create New Task Definition.

    gz_cl_op_pt_installation_bscawsecs_task_def.png
  3. In the Select launch type compatibility step, select EC2 and click Next Step.

    gz_cl_op_pt_installation_launch_type_compatibility.png
  4. In Configure tasks and container definitions step, take the following actions:

    1. Add a descriptive name under Task definition name (for example, bitdefender-security-tools/bitdefender-security-container).

    2. Under Task role, select ecsTaskExecutionRole.

    3. Under Network mode, select Host.

      gz_cl_op_pt_installation_conf_tasks_and_def.png
    4. Configure the Task Execution Role section:

      • Under Task execution role, select ecsTaskExecutionRole.

    5. Configure the Task size section:

      1. Under Task memory (MIB), select 2048 (if lower, the antimalware module might crash).

      2. Under Task CPU, select 1024.

        gz_cl_op_pt_installation_task_execution_and_size.png
  5. Under container definitions, select Add container.

    container_definitions_252685_en.png
  6. Add a BSC container:

    1. Under Container name, add a descriptive name for the container.

    2. Under image, add the latest version from https://hub.docker.com/r/bdfbusiness/bitdefender-security-container/tags.

    3. Under Memory Limits, select Hard Limit and 2048.

      gz_cl_op_pt_installation_bscawsecs_add_container.png
    4. Add the BSC environment variables needed to start BSC.

      gz_cl_op_pt_installation_bscawsecs_env_var.png

      Note

      The value given to BSC_GID needs to different than the IDs given to any other already existing groups.

    5. Select Add.

      The container has now been added and configured:

      container_definitions_added_container_252685_en.png
  7. Scroll down to the Volumes Section, click Add volume, and add these volumes:

    gz_cl_op_pt_installation_bscawsecs_volumes.png
  8. Scroll back up to the Container definition section and double click the previously selected container.

  9. Add these Mount points in the Storage and Logging section and click Update.

    edit_container_252685_en.png
  10. Select Create.

    create_button_edit_container_252685_en.png
  11. Run the previously created task on the ECS cluster:

    1. Go to the Clusters page.

    2. Select the cluster and click Run new Task.

      gz_cl_op_pt_installation_bscawsecs_run_task.png
    3. Select EC2 launch type and select the task definition that you want to use and start the task.

      gz_cl_op_pt_installation_bscawsecs_run_task2.png

The BSC container will be deployed on the cluster.