- Newest
- Most votes
- Most comments
After chatting with AWS support, here is the resolution (in case someone else lands on this post):
First, on launch the EC2 instance add to the user data (under advanced options towards bottom of setup screen) the following command: #!/bin/bash echo ECS_CLUSTER={cluster_name} >> /etc/ecs/ecs.config
AND
I had to launch an ecs optimized ami, that was key. I tried the above alone which was not sufficient, but once the ami was ecs optimized it successfully registered after launch.
I thought the problem was that the owner of the file has not changed to root because I downloaded it once as a general user with the curl command.
Try executing the following command once to delete it and then execute the registration command.
rm /tmp/ecs-anywhere-install.sh -f
Or I think changing the ownership of the file to root with the following command will solve the problem.
chown root:root /tmp/ecs-anywhere-install.sh
@Riku Kobayashi thanks for responding to my post. So that did get me past the permissions error! Thank you!
However after pasting the linux registration command from the 'Register External Instances' window from the cluster, there is a timeout that occurs during installation, and from the last log it looks like there is an issue retrieving a valid 'Identity document':
Next, I thought perhaps there is some underlying configuration issue due my instance being Ubuntu and what's installed doesn't have all the information to complete the registration. So, I tried again with a AWS Linux EC2.. and got a similiar error from the log. Though not all the warnings and installation stuff that was in the Ubuntu ec2. I'm assuming due to the AWS AMI already coming installed with all the needed libraries out of the box.
Also I followed the troubleshooting suggested at https://repost.aws/knowledge-center/ecs-instance-unable-join-cluster and followed the instructions for AWSSupport-TroubleshootECSContainerInstance runbook to get AWS System Managers to run a test for this.
The output said:
*The container instance profile DATK-EC2-Role is missing the following required permission(s): ['ecs:RegisterContainerInstance', 'ecs:CreateCluster', 'ecs:DeregisterContainerInstance', 'ecs:DiscoverPollEndpoint', 'ecs:Poll', 'ecs:StartTelemetrySession', 'ecs:UpdateContainerInstancesState', 'ecs:SubmitAttachmentStateChange', 'ecs:SubmitContainerStateChange', 'ecs:SubmitTaskStateChange'] Make sure that the container instance has all the recommended permissions. *
But the DATK-EC2-Role has the AmazonEC2ContainerServiceforEC2Role assigned which has all of those policies allowed...
Relevant content
- asked 2 years ago
- asked 3 years ago
- asked 7 months ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 4 months ago
- How do I add parameters when I register an Automation task with Systems Manager maintenance windows?AWS OFFICIALUpdated 2 days ago
@Riku Kobayashi thanks for responding to my post. So that did get me past the permissions error! Thank you! However after pasting the linux registration command from the 'Register External Instances' window from the cluster, there is a timeout that occurs during installation, and from the last log it looks like there is an issue retrieving a valid 'Identity document. The comment has a 600 char limit, so I posted a fuller response as another post below this thread.