Loading module
Resolving locale, route permissions, and workspace projection.
Resolving locale, route permissions, and workspace projection.
Current scope: Guest
Category: 80_chain | Version: v1.0.0
Owner: DOCUMENT_CUSTODIAN | Review cycle: 60 days
Approval authority: GOVERNANCE_ADMIN, CHAIN_OFFICER
Documentation portal is read-only. Editing and mutation endpoints are disabled.
Kvary հարթակը սկզբնապես ստեղծված է վրացերենով։ Երբ վրացերեն տարբերակ կա, վրացերենն է գերակա հարթակի UI-ի, փաստաթղթերի և իրավական մեկնաբանության համար։
Այլ լեզուներով թարգմանությունները տրամադրվում են հարմարության համար։ Որոշ գրառումներ կարող են ստեղծվել այլ լեզուներով և ունենալ սեփական source կամ legal locale տվյալ հոսքի համար, բայց երբ վրացերեն տարբերակ հասանելի է, հարթակի մակարդակի ձևակերպումների և մեկնաբանության համար գերակա է վրացերեն տարբերակը։
Metadata incomplete: Change Log
Document ID: GOS-80-CHAIN-AWS-ECS-ENV-BLOCKS Version: 0.1.0 Status: DRAFT Owner Role: CHAIN_OFFICER Last Review Date: 2026-03-04 Next Review Date: 2026-04-04
Provide copy/paste-ready ECS containerDefinitions[].environment blocks for Kafka orchestration workloads on AWS.
secrets (SSM/Secrets Manager), not in environment.<region> and broker DNS values with real MSK endpoints.environment Block[
{ "name": "NODE_ENV", "value": "development" },
{ "name": "KAFKA_BROKERS", "value": "b-1.kvary-dev-msk.<region>.amazonaws.com:9098,b-2.kvary-dev-msk.<region>.amazonaws.com:9098" },
{ "name": "KAFKA_DEMO_CLIENT_ID", "value": "kvary-kafka-demo-dev" },
{ "name": "KAFKA_DEMO_GROUP_ID", "value": "kvary-demo-dev" },
{ "name": "KAFKA_DEMO_TOPIC", "value": "mint.requested" },
{ "name": "KAFKA_DEMO_TIMEOUT_MS", "value": "30000" },
{ "name": "KAFKA_DEMO_WARMUP_MS", "value": "1500" }
]
environment Block[
{ "name": "NODE_ENV", "value": "staging" },
{ "name": "KAFKA_BROKERS", "value": "b-1.kvary-stage-msk.<region>.amazonaws.com:9098,b-2.kvary-stage-msk.<region>.amazonaws.com:9098" },
{ "name": "KAFKA_DEMO_CLIENT_ID", "value": "kvary-kafka-demo-stage" },
{ "name": "KAFKA_DEMO_GROUP_ID", "value": "kvary-demo-stage" },
{ "name": "KAFKA_DEMO_TOPIC", "value": "mint.requested" },
{ "name": "KAFKA_DEMO_TIMEOUT_MS", "value": "30000" },
{ "name": "KAFKA_DEMO_WARMUP_MS", "value": "1500" }
]
environment Block[
{ "name": "NODE_ENV", "value": "production" },
{ "name": "KAFKA_BROKERS", "value": "b-1.kvary-prod-msk.<region>.amazonaws.com:9098,b-2.kvary-prod-msk.<region>.amazonaws.com:9098,b-3.kvary-prod-msk.<region>.amazonaws.com:9098" },
{ "name": "KAFKA_DEMO_CLIENT_ID", "value": "kvary-kafka-demo-prod" },
{ "name": "KAFKA_DEMO_GROUP_ID", "value": "kvary-demo-prod" },
{ "name": "KAFKA_DEMO_TOPIC", "value": "mint.requested" },
{ "name": "KAFKA_DEMO_TIMEOUT_MS", "value": "45000" },
{ "name": "KAFKA_DEMO_WARMUP_MS", "value": "2000" }
]
secrets Block (Template)[
{ "name": "KAFKA_SASL_USERNAME", "valueFrom": "arn:aws:ssm:<region>:<account-id>:parameter/kvary/<env>/kafka/sasl/username" },
{ "name": "KAFKA_SASL_PASSWORD", "valueFrom": "arn:aws:ssm:<region>:<account-id>:parameter/kvary/<env>/kafka/sasl/password" }
]
intentId) across all environments.npm run kafka:smoke with Docker profile.npm run kafka:demo or service-level health checks.docs/80_chain/templates/ecs-task-kafka-orchestrator.dev.jsondocs/80_chain/templates/ecs-task-kafka-orchestrator.stage.jsondocs/80_chain/templates/ecs-task-kafka-orchestrator.prod.jsonRegister examples:
aws ecs register-task-definition --cli-input-json file://docs/80_chain/templates/ecs-task-kafka-orchestrator.dev.json
aws ecs register-task-definition --cli-input-json file://docs/80_chain/templates/ecs-task-kafka-orchestrator.stage.json
aws ecs register-task-definition --cli-input-json file://docs/80_chain/templates/ecs-task-kafka-orchestrator.prod.json
Set shared placeholders first:
AWS_REGION=<region>
ECS_CLUSTER=<ecs-cluster-name>
SUBNETS=subnet-aaa,subnet-bbb
SECURITY_GROUPS=sg-aaa
Dev:
aws ecs create-service \
--region $AWS_REGION \
--cluster $ECS_CLUSTER \
--service-name kvary-kafka-orchestrator-dev \
--task-definition kvary-kafka-orchestrator-dev \
--desired-count 1 \
--launch-type FARGATE \
--network-configuration "awsvpcConfiguration={subnets=[$SUBNETS],securityGroups=[$SECURITY_GROUPS],assignPublicIp=DISABLED}"
aws ecs update-service \
--region $AWS_REGION \
--cluster $ECS_CLUSTER \
--service kvary-kafka-orchestrator-dev \
--task-definition kvary-kafka-orchestrator-dev \
--force-new-deployment
Stage:
aws ecs create-service \
--region $AWS_REGION \
--cluster $ECS_CLUSTER \
--service-name kvary-kafka-orchestrator-stage \
--task-definition kvary-kafka-orchestrator-stage \
--desired-count 1 \
--launch-type FARGATE \
--network-configuration "awsvpcConfiguration={subnets=[$SUBNETS],securityGroups=[$SECURITY_GROUPS],assignPublicIp=DISABLED}"
aws ecs update-service \
--region $AWS_REGION \
--cluster $ECS_CLUSTER \
--service kvary-kafka-orchestrator-stage \
--task-definition kvary-kafka-orchestrator-stage \
--force-new-deployment
Prod:
aws ecs create-service \
--region $AWS_REGION \
--cluster $ECS_CLUSTER \
--service-name kvary-kafka-orchestrator-prod \
--task-definition kvary-kafka-orchestrator-prod \
--desired-count 2 \
--launch-type FARGATE \
--network-configuration "awsvpcConfiguration={subnets=[$SUBNETS],securityGroups=[$SECURITY_GROUPS],assignPublicIp=DISABLED}"
aws ecs update-service \
--region $AWS_REGION \
--cluster $ECS_CLUSTER \
--service kvary-kafka-orchestrator-prod \
--task-definition kvary-kafka-orchestrator-prod \
--force-new-deployment
Notes:
create-service once per environment; afterward use update-service for new task revisions.--load-balancers and the corresponding health check settings.Terraform templates:
docs/80_chain/templates/terraform/ecs-kafka-orchestrator/main.tfdocs/80_chain/templates/terraform/ecs-kafka-orchestrator/variables.tfdocs/80_chain/templates/terraform/ecs-kafka-orchestrator/dev.tfvarsdocs/80_chain/templates/terraform/ecs-kafka-orchestrator/stage.tfvarsdocs/80_chain/templates/terraform/ecs-kafka-orchestrator/prod.tfvarsQuick start:
cd docs/80_chain/templates/terraform/ecs-kafka-orchestrator
terraform init
terraform plan -var-file=dev.tfvars
terraform apply -var-file=dev.tfvars