We have pushed the Docker image to ECR (private repo) and need to deploy it on ECS. We have written a CloudFormation template; it's creating the cluster, task definition, service and task. But it's not creating the load balancer and target groups. I tried manually via the UI, but the task keeps draining. Can anyone please look into my template and provide me with an appropriate solution?

AWSTemplateFormatVersion: 2010-09-09
Description: CloudFormation template for deploying an app using Fargate with EBS storage.
Parameters:
  VPC:
    Type: AWS::EC2::VPC::Id
    Default: vpc-0e7fa5b1456919151
  SubnetA:
    Type: AWS::EC2::Subnet::Id
    Default: subnet-0468bc81339a8e324
  SubnetB:
    Type: AWS::EC2::Subnet::Id
    Default: subnet-00e833287b978988c
  SecurityGroup:
    Type: AWS::EC2::SecurityGroup::Id
    Default: sg-03b50fd0ea26b5343
  Image:
    Type: String
    Default: 360252553571.dkr.ecr.us-east-1.amazonaws.com/cloudops:munlq
  ServiceName:
    Type: String
    Default: MyService
  ContainerPort:
    Type: Number
    Default: 8080
Resources:
  Cluster:
    Type: AWS::ECS::Cluster
    Properties:
      ClusterName: !Join ['', [!Ref ServiceName, Cluster]]
  TaskDefinition:
    Type: AWS::ECS::TaskDefinition
    Properties:
      NetworkMode: awsvpc
      RequiresCompatibilities:
        - FARGATE
      Cpu: '4096'
      Memory: '16384'
      ExecutionRoleArn: !GetAtt ExecutionRole.Arn
      TaskRoleArn: !GetAtt TaskRole.Arn
      ContainerDefinitions:
        - Name: !Ref ServiceName
          Image: !Ref Image
          PortMappings:
            - ContainerPort: !Ref ContainerPort
          Essential: true
      EphemeralStorage:
        SizeInGiB: 150
  ExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: !Join ['', [!Ref ServiceName, ExecutionRole]]
      AssumeRolePolicyDocument:
        Statement:
          - Effect: Allow
            Principal:
              Service: ecs-tasks.amazonaws.com
            Action: 'sts:AssumeRole'
      ManagedPolicyArns:
        - 'arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy'
  TaskRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: !Join ['', [!Ref ServiceName, TaskRole]]
      AssumeRolePolicyDocument:
        Statement:
          - Effect: Allow
            Principal:
              Service: ecs-tasks.amazonaws.com
            Action: 'sts:AssumeRole'
  FargateService:
    Type: AWS::ECS::Service
    Properties:
      Cluster: !Ref Cluster
      LaunchType: FARGATE
      ServiceName: munlq-service
      DesiredCount: 1
      TaskDefinition: !Ref TaskDefinition
      NetworkConfiguration:
        AwsvpcConfiguration:
          AssignPublicIp: ENABLED
          SecurityGroups:
            - !Ref SecurityGroup
          Subnets:
            - !Ref SubnetA
            - !Ref SubnetB
      DeploymentConfiguration:
        MaximumPercent: 200
        MinimumHealthyPercent: 100
        DeploymentCircuitBreaker:
          Enable: true
          Rollback: true
  LoadBalancer:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Name: !Join ['', [!Ref ServiceName, LoadBalancer]]
      Scheme: internet-facing
      Subnets:
        - !Ref SubnetA
        - !Ref SubnetB
      SecurityGroups:
        - !Ref SecurityGroup
      # Type: application
      # IpAddressType: ipv4
      # LoadBalancerAttributes:
      #   - Key: idle_timeout.timeout_seconds
      #     Value: '60'
  TargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      Name: !Join ['', [!Ref ServiceName, TargetGroup]]
      Port: !Ref ContainerPort
      Protocol: HTTP
      VpcId: !Ref VPC
      TargetType: ip
  Listener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      DefaultActions:
        - Type: fixed-response
          FixedResponseConfig:
            ContentType: text/plain
            MessageBody: 'Hello from muNLQ'
            StatusCode: '200'
      LoadBalancerArn: !Ref LoadBalancer
      Port: 80
      Protocol: HTTP
  ListenerRule:
    Type: AWS::ElasticLoadBalancingV2::ListenerRule
    Properties:
      Actions:
        - Type: forward
          TargetGroupArn: !Ref TargetGroup
      Conditions:
        - Field: path-pattern
          Values: ['/']
      ListenerArn: !Ref Listener
      Priority: 1