- Newest
- Most votes
- Most comments
Hello,
Please make sure that the requirements for using the ENI trunking feature are being considered.
Your account must have the AWSServiceRoleForECS service-linked role for ECS.
Also, only new Amazon EC2 instances launched after enabling awsvpcTrunking receive the increased ENI limits and the trunk network interface. Previously launched instances do not receive these features regardless of the actions taken.
You may check the detailed ENI trunking considerations in the link below :
[+] ENI trunking considerations - https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-instance-eni.html#eni-trunking-considerations
Further, you may go through the following documents for information related to "awsvpcTrunking" :
- https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-instance-eni.html
- https://aws.amazon.com/blogs/compute/optimizing-amazon-ecs-task-density-using-awsvpc-network-mode/
Also, please refer to the document below for Amazon ECS cluster auto scaling : https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-auto-scaling.html
Thank You!
It's quite confusing but this is NOT a global or account level setting despite it being implied. When it says "AWSVPC Trunking Turned On", it's ONLY showing how it's currently set for the user or role you are logged into the AWS console as.
You are likely launching the ecs cluster instance (ec2) with a different IAM role attached. You can tell by going to EC2, clicking your ecs instance, click security and look at the "IAM Role". If that's different to what's displayed on the EC2 > Account Setting then under Account Info (which lists the IAM user or role you are assuming) then that's your problem.
If that is the case, make sure your role policy has ecs:PutAccountSetting allowed. Then you can run aws ecs put-account-setting --name awsvpcTrunking --value enabled --region yourregion on the ec2 instance, or include that command in the user data when you launch the instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html).
Let me know if that helps, or if I can clarify anything further. I had the same problem today.
Relevant content
- asked 10 months ago
- asked 5 years ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 4 months ago