Deploy to ECS

(Hélder Goncalves) #1


I have configured my ECR as an external package feed on Octopus.
I haven’t found many integrations with ECR online so I’ve decided to go with Fabfuel’s approach and use this library:

The plan is to have ECS Deploy run as a script on the Octopus Server itself and update all services/task definitions.

The script looks like this: ecs deploy $Cluster $Service --tag $OctopusParameters[‘Octopus.Action.Package.PackageVersion’]

Now what I’d like to do is associate my Project with the repository, either by the package id or some other way, so I new tags are identified when creating new releases in Octopus.

Is there any way I can do this?

Also when configuring the package feed in my step I’m getting this error:

The step failed: Activity failed with error ‘The Docker Registry v2 ‘AWS EC2 Container Service’ at does not support downloading packages on the Octopus Server.’

Any help?


(Jason Brown) #2

Hi Hélder,

Thanks for getting in touch.

Regarding ECS/ECR support, my suspicion is that you’re running into login issues, which are popping up as the “does not support downloading packages” error. We’ve got some documentation on ECS at the following URL

This notes that ECR logins expire in 12 hours and as yet we have no first-class support for renewing these logins automatically - which makes working with ECS/ECR a little problematic.

I’m running up a lab at the moment to confirm my suspicions, but obviously that’s going to take a little while.


(Hélder Goncalves) #3

Hi Jason,

Thanks for your reply.

You’re right the error is documented and it refers to downloading packages into the Octopus Server (and not a tentacle).

Since in my case I just want Octopus to create new task definitions and update the services on a specific cluster on ECS - I assume that an alternative would be installing a tentacle in the Octopus server itself (seems a bit of a hack tho).

Is there any way that I can create a custom script template that associates my Project with a package/ECRrepository (without downloading it) and then running my powershell script?


(Jason Brown) #4

Hi Hélder,

In theory, Octopus can run any PowerShell you care to write, so a custom step could work for you. You’d just need the AWS Powershell Tools installed on the server or tentacle/target, and an IAM key pair stored as sensitive variables. Then you can use Get-ECRAuthorizationToken to initiate the auth process and go from there.

Most of the docunentation seems to be aimed at the cli tools rather than powershell, but it looks like all the major operations are supported.


(system) closed #6