How to debug an image/container?

So I’ve modified the php-aws scripts to push my image and get things up and running in Fargate. Works great. Kinda.

When I hit the generated URL for my web app, I get a Laravel (Boo! Hiss!) error about an app key needing to be generated. Fine, I rebuild my image generating an app key. I check the local image, the key is there, so I push and rebuild the stack. I get the same error.

  1. Any tips on how to debug this?

  2. Is there a way to look into the image/container on AWS without setting up SSH in the image?

  3. Is there a way to deploy the new image without tearing down and rebuilding the entire stack (which takes about 30 minutes)?

  1. Is it working locally using docker-compose up?
  2. You only get the logs from stdout/stderr
  3. Once you create a new image, re rerun the aws cloudformation packageand aws cloudformation deploy commands. It takes quiet some time for the first time (database cluster is created) but it is faster for all subsequent invocations.
  1. Yes, it does.

  2. So there’s no “looking into” the container/image on AWS?

  3. Cool. Cool cool cool.

I think the problem is the following: I build an image locally and that’s the one I push. However, when I bring it up locally using docker-compose, that’s when I generate the key, and a new image is created and run. The local container has the key but the pushed image does not. So the solution seems to be to generate the key when spinning up the container.

But first, lunch.

2: Unfortunately, not out of the box. People workaround this with sshd (as you mentioned) or by running the aws SSM agent inside each container. This is a feature that a lot of AWS users are missing…

I’m not familiar with Laravel’s app keys but it seems to be possible to inject it via the environment variable APP_KEY.

Our ruby-rails example is similar (uses a SECRET_KEY_BASE).

What could work is this: you inject an environment variable APP_KEY into your Laravel container. The value is generated by AW Secrets Manager. For inspiration, open the ruby-rails example and search for SECRET_KEY_BASE.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.