Config Reference
Required Options
The are only 2 required config options. The rest are optional. The required options:
config.app # App name. IE: demo Note: if UFO_APP is set then this is optional
config.docker.repo # Docker Repo to push Docker image to
The vpc settings are notable. It’s how you configure which VPC you want the ECS Service to use.
Notable Env Vars
The UFO_APP, UFO_ENV, UFO_ROLE are worth noting. When set, they will take highest precedence. They are all optional. The default values are:
UFO_APP=nil # config.app is usually used
UFO_ENV=dev
UFO_ROLE=web
Reference
The table below covers each setting. Each option is configured in .ufo/config.rb with config.OPTION. The config. portion is not shown for conciseness. IE: logger.level vs config.logger.level.
| Name | Default | Description |
|---|---|---|
| app | nil | The app name. Example: demo. This is normally required. Unless UFO_APP is set. |
| autoscaling.enabled | true | Turns ECS Service AutoScaling on or off. |
| autoscaling.manual_changes.retain | true | Retain manual changes from ufo scale or with the AWS console. Note: Enabling means that autoscaling.max_capacity and autoscaling.min_capacity are only used for initial deployment.s |
| autoscaling.manual_changes.warning | true | UFO will show a warning about manual autoscaling changes. Set this to false to turn off this warning entirely. Note: This warning will only appear autoscaling.manual_changes.retain = false has been set. |
| autoscaling.max_capacity | 5 | AutoScaling maximum capacity. |
| autoscaling.min_capacity | 1 | AutoScaling minimum capacity. |
| autoscaling.predefined_metric_type | ECSServiceAverageMemoryUtilization | The AutoScaling metric to use. For ECS, theses are ECSServiceAverageCPUUtilization and ECSServiceAverageMemoryUtilization. AWS Docs: PredefinedScalingMetricSpecification |
| autoscaling.scale_in_cooldown | 300 | AutoScaling cooldown time when scaling in. The time in seconds to pause between scaling events. |
| autoscaling.scale_out_cooldown | 300 | AutoScaling cooldown time when scaling out. The time on seconds to pause between scaling events. |
| autoscaling.target_value | 75.0 | AutoScaling Target Value. |
| cfn.disable_rollback | false | Whether or not to disable rollback |
| cfn.notification_arns | nil | CloudFormation stack notification. |
| cfn.tags | nil | Hash of tags. IE: {Name: “value”} |
| docker.clean_keep | false | Docker images generated from ufo are cleaned up automatically for you at the end of ufo ship. This controls how many docker images to keep around. By default, this is false and all Docker images are kept. |
| docker.ecr_keep | false | If you are using AWS ECR, then the ECR images can also be automatically cleaned up at the end of ufo ship. By default, this is false and all AWS ECR are kept. |
| docker.repo | nil | The Docker repo to push the Docker image to. Example: org/repo. UFO automatically generates the tag and appends it to the Docker image name: org/repo => org/repo:generated-tag. |
| ecs.cluster | :ENV | Notice that the default is a pattern. By default, the :ENV pattern is expanded as the value of env var UFO_ENV=dev. So, by convention, the ECS cluster that ufo deploys to matches the UFO_ENV. If UFO=prod, then ufo ship deploys to the prod ECS cluster. This is option overrides this convention. |
| ecs.deployment_configuration | nil | Full control over the DeploymentConfiguration.This option is passed straight through to the CloudFormation template, so you should use CamelCase for the keys. Also when used, overrides ecs.maximum_percent and ecs.minimum_healthy_percent. |
| ecs.desired_count. | nil | Only respected when autoscaling.enabled = false. |
| ecs.maximum_percent | 200 | Upper limit on the number of tasks in a service that are allowed in the RUNNING or PENDING state during a deployment. This is part of DeploymentConfiguration. |
| ecs.minimum_healthy_percent | 100 | Lower limit on the number of tasks in a service that must remain in the RUNNING state during a deployment. This is part of DeploymentConfiguration. |
| ecs.scheduling_strategy | REPLICA | ECS Scheduling Strategy. IE: REPLICA or DAEMON |
| elb.default_actions | nil | Override the Listener default actions. This provides you a lot of control. |
| elb.enabled | auto | Enables creating the ELB. Can be “auto”, true or false. Auto means will create an ELB when role is web. |
| elb.existing.dns_name | nil | For managed route53 record when using config.dns.domain option. Since UFO does not manage the ELB, this allows UFO to map the route53 dns record when needed. UFO infers the ELB dns name from the target group. However, in the case when the target group is associated with multiple ELBs, UFO cannot infer it and this setting is required. See: Existing Load Balancer Docs. |
| elb.existing.target_group | nil | Existing ELB target group. When using elb.existing.target_group the other elb settings are ignored since they only apply the ELB ufo manages. In the case of using an existing target group, the ELB is managed outside of UFO. You’re bring your own ELB. |
| elb.health_check_interval_seconds | 10 | Time, in seconds, between health checks. |
| elb.health_check_path | / | Health check url path. |
| elb.healthy_threshold_count | 3 | Number of health checks successes before considered healthy. |
| elb.listener.enabled | Whether or not to create the standard listener with default port 80 | true |
| elb.matcher | Target group matcher | nil |
| elb.port | 80 | ELB Listener port |
| elb.protocol_version | Protocol version | nil |
| elb.redirect.code | 302 | Redirection status code |
| elb.redirect.enabled | false | When set to true, the Listener redirect to HTTPS by default. You should also set up SSL. |
| elb.redirect.port | 443 | Redirection status port |
| elb.redirect.protocol | HTTPS | Redirection protocol |
| elb.ssl.certificates | / | The ACM certificates to use. Example: [“arn:aws:acm:us-west-2:11111111:certificate/EXAMPLE”]. If only using one cert, can also just provide a String instead of an Array. Remember to also set ssl.enabled = true |
| elb.ssl.enabled | false | Whether or not to enable the creationg of an SSL Listener. If enabled, ssl.certificate should be set. |
| elb.ssl.port | 443 | ELB SSL Listener port |
| elb.unhealthy_threshold_count | 3 | Number of health check failures before considered unhealthy. |
| exec.command | /bin/bash | The default command to run for ufo exec which calls aws ecs execute-command |
| exec.enabled | true | Enable the execute command feature for the ECS service. |
| layering.show | false | Shows used layers for both config and vars. Useful for debugging layers. There are nuances with this option. It should be set in .ufo/config.rb and not be set dynamically. So only true or false values should be used. This is because config layers are processed so early that UFO parses the config file for this value internally. |
| layering.show_for_commands | %w[build ship] | Which ufo commands to show layering for. Useful for debugging layers. There are nuances with this option. It should be set in .ufo/config.rb and not be set dynamically. So only array values should be used. This is because config layers are processed so early that UFO parses the config file for this value internally. |
| log.root | The root folder where logs are written to. | log |
| logger | Logger instance to use. | Logger.new($stderr) |
| logger.formatter | Logger Formatter to use. See Formatter for interface. | UFO::Logger::Formatter |
| logger.level | Can also be set with UFO_LOG_LEVEL env var |
info |
| logs.filter_pattern | nil | Default filter pattern to use. The CLI option overrides this setting. Example: config.logs.filter_pattern = '- "HealthChecker"'. Note the - minus sign rejects patterns. See: AWS Docs: CloudWatch Logs Filter and Syntax Pattern. |
| names.stack | :APP-:ROLE-:ENV | The CloudFormation stack name. The default is a conventional pattern. Example: :APP-:ROLE-:ENV => demo-web-dev. Note: The default also includes :EXTRA, IE: :APP-:ROLE-:ENV-:EXTRA, the extra is not shown for simplicity. Also supports being assigned Ruby Callable Objects. A Ufo::Names object is passed as the argument to .call(arg). |
| names.task_definition | :APP-:ROLE-:ENV | The task definition name. The default is a conventional pattern. Example: :APP-:ROLE-:ENV => demo-web-dev. Note: The default also includes :EXTRA, IE: :APP-:ROLE-:ENV-:EXTRA, the extra is not shown for simplicity. Also supports being assigned Ruby Callable Objects. A Ufo::Names object is passed as the argument to .call(arg). |
| ps.format | auto | Default format of ps tasks output. Examples: auto csv table tab json. The auto format means table format is used if terminal is wide enough. If terminal is not wide enough, json format is used. |
| ps.hide_age | 5 | Age in minutes before hiding stopped tasks from ufo ps. Uses stopped_at and status of STOPPED. |
| ps.summary | true | Turns on or off the summary at the top of ufo ps. |
| secrets.manager_pattern | :APP/:ENV/:SECRET_NAME | Pattern used for secretsmanager secrets. It’s expanded like so :APP/:ENV/:SECRET_NAME => demo/dev/DB_PASS. Supports being assigned Ruby Callable Objects. A Helper/Vars object is passed as the argument to .call(arg). |
| secrets.ssm_pattern | :APP/:ENV/:SECRET_NAME | Pattern use for ssm parameter store. It’s expanded like so :APP/:ENV/:SECRET_NAME => demo/dev/DB_PASS |
| secrets.provider | ssm | Default provider for conventional expansion. Examples: ssm or secretsmanager |
| state.bucket | Can be set to use an existing bucket. When not set ufo creates a managed s3 bucket. Using this setting means the managed option is ignored. |
nil |
| state.managed | Setting to false disables creation of managed bucket entirely. |
true |
| state.reminder | When set to false, it disables reminder message about committing the state file. When using storage provider file, a reminder a message to the user is shown to commit the changes to the local state file. |
true |
| state.storage | State storage provider. IE: s3 or file | s3 |
| ship.docker.quiet | false | Quiet docker output by writing output to .ufo/log/docker.log. It only affects ufo ship docker output. The ufo docker build command will still show output to the terminal. |
| vpc.id | nil | Used to create ecs and elb security groups in the CloudFormation template. |
| vpc.subnets.ecs | nil | The subnets the ECS Container Instances are on. So this is where you want your containers to run. |
| vpc.subnets.elb | nil | Subnets used by the ELB load balancer. Defaults to same subnets as ECS subnets when not set. |
| vpc.security_groups.ecs | nil | Additional security groups to associate with the ECS tasks. |
| vpc.security_groups.elb | nil | Additional security groups to associate with the ELB. |