When Amazon Elastic Container Service (Amazon ECS) tasks start in my service, an older container image is used. Also, when I delete the older container image, the task doesn't start and I receive a "CannotPullContainer" error.
Short description
When you deploy a container image on a service, the container image tag is resolved to the container image digest. The digest contains the authoritative metadata for the image, so changes to the container image aren't reflected until you deploy the container image again. After you redeploy container image on a service, the digest updates.
For more information, see Container image resolution and Announcing software version consistency for Amazon ECS.
Resolution
Update your ECS service
To update the image digest, use either the Amazon ECS console or AWS Command Line Interface (AWS CLI) to force a new deployment.
Amazon ECS console
To use the Amazon ECS console, see Updating an Amazon ECS service using the console.
AWS CLI
Note: If you receive errors when you run AWS CLI commands, then see Troubleshooting errors for the AWS CLI. Also, make sure that you're using the most recent AWS CLI version.
Run the update-service command:
aws ecs update-service --service SERVICE_NAME --cluster CLUSTER_NAME --force-new-deployment
Note: Replace SERVICE_NAME with your service name, and CLUSTER_NAME with your cluster name.
To always use a specific image, specify the image digest directory in the task definition.
Resolve the "CannotPullContainer" error
If you receive a CannotPullContainer error after you delete an older container image, then redeploy the container image to update the digest.
To use the newest container image that has a specific tag, update the service and resolve the image digest again.
Note: The container image tag isn't resolved in services that use the CODE_DEPLOY or EXTERNAL deployment controller.