Can't run a basic ECS/Fargate task following AWS docs

0

I followed this ECS guide, but always get an error. https://docs.aws.amazon.com/AmazonECS/latest/developerguide/getting-started-fargate.html

My region is: eu-central-1

  1. I deleted* and then created default VPC using console following these steps: https://docs.aws.amazon.com/vpc/latest/userguide/delete-vpc.html#delete-vpc-console https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html#create-default-vpc

    * Before I deleted/created default VPC, I also tried steps 2-4 with already created default VPC with the same result.

  2. I created AWS Fargate (serverless) cluster using console without (optional) steps and namespace**: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/getting-started-fargate.html

    ** I also tried the option with namespace with the same result.

  3. I created a task definition according to Step 2*** in: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/getting-started-fargate.html

    *** I also tried to add ecsTaskExecutionRole to the task, but it didn't help.

  4. I deployed the task by clicking the Deploy button and selecting Run task. I chose the cluster I created in the 2nd step and clicked Create. Unfortunately, the task never runs and always returns these errors:

    There was an error while describing network interfaces. The networkInterface ID 'eni-042a245591c1f3e39' does not exist****

    **** This error probably occurs during de-provisioning and has nothing to do with the second error below. When the task has a Pending status, I checked if networkInterface ID exists and it does.

    Task stopped at: 2023-09-27T10:41:38.641Z CannotPullContainerError: pull image manifest has been retried 5 time(s): failed to resolve ref public.ecr.aws/docker/library/httpd:latest: failed to do request: Head "https://public.ecr.aws/v2/docker/library/httpd/manifests/latest": dial tcp: lookup public.ecr.aws on 172.31.0.2:53: read udp 172.31.40.124:56444->172.31.0.2:53: i/o timeout

I also tried opening ports 80 and 443 in VPC's security group for all inbound traffic with no luck.

How can I make it work? Thank you.

2 Answers
0
Accepted Answer

I changed the region from eu-central-1 to us-east-1 following the same steps as I described above and it works. Probably there is some bug in AWS, hard to say if eu-central-1 can't access public.ecr.aws or if it's something different.

Mihi
answered 8 months ago
0

Hello.

I'm getting a timeout error when pulling the container image.
If the subnet used by ECS is a private subnet, try adding a route to the NAT Gateway to the route table or setting up a VPC endpoint for ECR.
https://docs.aws.amazon.com/AmazonECR/latest/userguide/vpc-endpoints.html

If you are using a public subnet, please check whether the subnet's public IP allocation is enabled.
https://docs.aws.amazon.com/vpc/latest/userguide/modify-subnets.html#subnet-public-ip

EXPERT
answered 8 months ago
  • Hello. Unfortunately, creating a VPC endpoint for ECR or public NAT with a private subnet didn't help. All public subnets have "Enable auto-assign public IPv4 address" checked. I've already sent feedback to AWS that their guide is inaccurate or incomplete.

    If there's someone who could write me a step-by-step guide on how to make the below AWS guide work, that would be great: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/getting-started-fargate.html
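The checks suggested in the second answer can be run against the VPC's own metadata. The following is an added example, not code from the thread or from AWS: it takes data shaped like the EC2 DescribeSubnets/DescribeRouteTables responses plus the task's `assignPublicIp` setting, and reports why a Fargate task in a given subnet has no path to a public registry such as the public.ecr.aws host in the error. All IDs and the function names are constructed for illustration, and it also covers the VPC `enableDnsSupport` attribute, which the thread does not mention.

```python
# Added example. Inputs mirror the shapes returned by EC2 DescribeSubnets and
# DescribeRouteTables; every ID below is constructed, not taken from the thread.

def route_table_for(subnet_id, route_tables):
    """An explicit subnet association wins; otherwise the main table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def default_route(rt):
    """Return 'igw', 'nat' or None for the active 0.0.0.0/0 route."""
    for r in (rt or {}).get("Routes", []):
        if r.get("DestinationCidrBlock") != "0.0.0.0/0" or r.get("State") != "active":
            continue
        if r.get("GatewayId", "").startswith("igw-"):
            return "igw"
        if r.get("NatGatewayId"):
            return "nat"
    return None

def pull_path_findings(subnet_id, route_tables, assign_public_ip, dns_support):
    """List the reasons a Fargate task in this subnet cannot reach a public registry."""
    findings = []
    if not dns_support:
        findings.append("VPC enableDnsSupport is off: the VPC resolver will not answer")
    target = default_route(route_table_for(subnet_id, route_tables))
    if target is None:
        findings.append("no active 0.0.0.0/0 route to an internet or NAT gateway")
    elif target == "igw" and assign_public_ip != "ENABLED":
        findings.append("public subnet but task assignPublicIp is not ENABLED")
    return findings

# Constructed sample: one public subnet on the main table, one isolated subnet.
TABLES = [
    {"Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local", "State": "active"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}]},
    {"Associations": [{"SubnetId": "subnet-private", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local", "State": "active"}]},
]

if __name__ == "__main__":
    for sid, ip in [("subnet-public", "ENABLED"), ("subnet-public", "DISABLED"), ("subnet-private", "DISABLED")]:
        print(sid, ip, pull_path_findings(sid, TABLES, ip, True) or "ok")
```

With real data, the same dictionaries come from `describe_route_tables` filtered by the VPC ID, and the `assignPublicIp` value from the `awsvpcConfiguration` used when running the task.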
