Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

ECS Deployment shows success but app still runs old code – latest changes not reflecting

0

I’m working with Amazon ECS using EC2 launch type. After pushing an updated Docker image to ECR, I created a new task definition revision and updated the service with “Force new deployment”.

The deployment shows as “successful” in the ECS console, and the new revision is in use. However, the application is still serving the old code — the changes are not reflected.

Here’s what I’ve done:

  • Built and pushed a new image to ECR (tagged as latest and with a unique version)
  • Updated the image URI in the task definition (tried both latest and versioned tag)
  • Created a new task definition revision
  • Updated the ECS service with “Force new deployment”
  • Confirmed the new revision is running
  • Verified scaling policies (though unrelated, there are failed scale-down events due to MinCapacity)

Despite all this, the app still appears to run an older version. Could ECS be using a cached image? Or is there any way to force it to always pull the latest image on deployment?

Appreciate any insights.

Topics
Containers
Tags
ECS Service DiscoveryAmazon Elastic Container ServiceAmazon Elastic Container Registry (ECR)
Language
English
asked 10 months ago345 views
2 Answers
1

This issue is related to how Amazon ECS handles container image resolution. When you deploy a container image on a service, ECS resolves the container image tag to a specific image digest (SHA256), which becomes the authoritative metadata for that image. This digest is cached to maintain consistency within a deployment.

Even though you've updated your image in ECR with the same tag (either 'latest' or a version tag), ECS won't automatically use the new image until the digest is updated. This is why your deployment shows as successful but still runs the old code.

Here are some solutions to ensure ECS uses your updated image:

  1. Force a new deployment: You mentioned you did this, but ensure you're using the AWS CLI command update-service --cluster clustername --service servicename --force-new-deployment or the equivalent option in the console.

  2. When you update an image, you must also update the service. By default, ECS resolves container image tags specified in the task definition to container image digests. For a service with multiple tasks, ECS uses the first task started during deployment to establish image digests.

  3. Consider using unique tags for each deployment instead of reusing 'latest'. This makes it clearer which version is running and can help avoid caching issues.

  4. If you're using a CI/CD pipeline like CodePipeline, ensure it's correctly set up to deploy the right image and that no other pipelines are in progress.

  5. Check for any "CannotPullContainerError" in your logs, which might indicate issues with pulling the updated image.

Remember that ECS's behavior of resolving tags to digests is designed to ensure version consistency across your service. By understanding this behavior and implementing appropriate update strategies, you can maintain the flexibility of using tags while ensuring your services use the latest images as intended.
Sources
Use new container image in Amazon ECS | AWS re:Post
Use latest container image digest during Amazon ECS deployments | AWS re:Post
ECS task definition image tag | AWS re:Post

answered 10 months ago
EXPERT
reviewed 10 months ago
0

When forcing New deployment with the Service update, ensure the service is pointing to the correct Task Definition! If that is the case, sounds like the Image hasnt been built correctly. You can download the image from ECR and test locally

EXPERT
answered 10 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content