ECS service deployment stuck in deadlock due to deleted target group

Hi, we recently came across a problem with ECS service deployments, which is in our view a lack of robustness. Our setup roughly looks like this: We have an ECS service, which is reachable via different domains, which may change (even if not often). Due to technical reasons, the requests for the different domains are routed to the service task containers via separate target groups. Changes to the service are done with a deployment configuration allowing a minium of 100% and a maximum of 200%. In the automation, when switching the domains, a target group associated with the service might be deleted before the deployment has deregistered the existing container targets. As a result, the deployment is stuck in a state, where it can't remove the old task anymore. This can be observed in CloudTrail:

{
    ...
    "eventSource": "elasticloadbalancing.amazonaws.com",
    "eventName": "DescribeTargetGroups",
    "awsRegion": "eu-central-1",
    "sourceIPAddress": "ecs.amazonaws.com",
    "userAgent": "ecs.amazonaws.com",
    "errorCode": "TargetGroupNotFoundException",
    "errorMessage": "One or more target groups not found",
    ...
}

We are aware that our solution should handle this situation better, i.e. the target groups should not be deleted too early and we are already looking into this. However we were a bit surprised, that the deployment was completely stuck in this case, blocking all subsequent deployments due to the min/max configuration. Could this be handled in a more robust way on AWS side? And any suggestions how to handle this in our automation? We would not like to have a "polling configuration" waiting for the service to be in steady state with each change as we would like to keep this async.

Thanks in advance

Voesch
a year ago
Update: It seems like ECS handles this error correctly, if only one target group is wired to the ECS service. It will print the error event in the events view, but does not get stuck. But if there are e.g. two target groups attached and one of these is deleted prematurely, the situation described above occurs.

Topics

Containers Networking & Content Delivery

Relevant content

ECS task placement strategy to deploy across group of ec2 instances
rePost-User-2738569
asked 2 months ago
service "service-name" port 80 is unhealthy in target-group "target-group" due to (reason Health checks failed with these codes: [502]).
rePost-User-0265300
asked 10 months ago
Stuck at "Target registration is in progress" in Target group of Load balancer as part of ECS deployment
Dheeraj Rakesh Bingi
asked 3 months ago
Issue with ECS Service Rolling Deployment
eichemberger
asked 6 months ago
How do I troubleshoot issues related to blue/green deployments in Amazon ECS?
AWS OFFICIALUpdated 2 years ago
How can I perform blue/green deployments for services hosted on Amazon ECS?
AWS OFFICIALUpdated a year ago
Why did the running task count change in my Amazon ECS service?
AWS OFFICIALUpdated 2 years ago
What is a blue/green deployment for a Amazon OpenSearch Service cluster?
AWS OFFICIALUpdated 10 months ago
Deploy a Smart Contract on Polygon Mainnet with AMB Access and Hardhat Ignition
EXPERT
Simon Goldberg
published 3 months ago
Custom service definitions in VMware Cloud on AWS
EXPERT
Patrick Kremer
published a year ago