Questions tagged with Amazon Elastic Container Service

I'm trying to delete a stack and keep getting the following error when CF tries to delete an ECS Task ``` Resource timed out waiting for completion (RequestToken: 89c25917-0f4a-bc05-4600-5995911a84bb) ``` The thing is that I can't even follow the resource Physical ID because the resource has been already deleted(even the ECS Cluster itself). I can confirm in CloudTrail that the API call to remove the service returned a 200 response. Any ideas on how I can debug this further?lg...

We are writing a CI/CD setup where we remotely trigger a CodePipeline pipeline which fetches its task definition and appspec.yaml from S3 and includes a CodeDeploy ECS Blue/Green step for updating an ECS service. Images are pushed to ECR also remotely. This setup works and if the to-be-deployed application is not faulty and well configured the deployment succeeds in under 5 minutes. However, if the application does not pass health checks, or the task definition is broken, CodeDeploy will continuously re-deploy this revision during its "Install" step without end, creating tens of stopped tasks in the ECS Service. According to some this should time out after an hour, however we have not tested this. What we would like to achieve is automatic stops and rollbacks of these failing deployments. Ideally CodeDeploy should try only once to deploy the application and if that fails, immediately cancel the deployment and thus the pipeline run. According to the AWS documentation no options for this exist in CodeDeploy or the appspec.yaml that we upload to S3, so we are unsure of how to configure this if it is at all possible. We had two wanted scenarios in mind: 1. After one health check failure, the deployment stops and rolls back; 2. The deployment times out after a period shorter than one hour; ideally < 10 minutes. We currently have no alarms attached to the CodeDeploy deployment group, but it was my understanding that these alarms only trigger before the installation step to verify that the deployment can proceed instead of running alongside the deployment. In short; how would we configure either of those scenarios or at least prevent CodeDeploy from endlessly deploying replacement task sets?lg...

ECS Task ├Apache Container └Gogs Container We are considering autoscaling with the above Fargate configuration. In terms of autoscaling ・CPU utilization ・Memory usage ・Client concurrent connections We think that these should be monitored, but is there anything else we should consider? Also, is there a good way to monitor the number of concurrent client connections?lg...

Hi guys, I've pipeline for creating ecs services. As you know, when you use 'aws ecs run-task' the command does not wait until running process it gives output immedeately. You could use sleep 300 command etc to wait updating ecs status to running state. I found this command on cli aws ecs wait tasks-running --cluster ${clusterName} --tasks ${TASK_ID} But it gives ``` Waiter TasksRunning failed: Waiter encountered a terminal failure state ``` OR ``` Waiter TasksRunning failed: Waiter encountered a terminal failure state: For expression "tasks[].lastStatus" we matched expected path: "STOPPED" at least once ``` Any idea?lg...

Hi guys, I've pipeline for creating ecs services. As you know, when you use 'aws ecs run-task' the command does not wait for running process it gives output immedeately. You could use sleep 300 command etc to wait updating ecs status to running state. I found this command on cli aws ecs wait tasks-running --cluster ${clusterName} --tasks ${TASK_ID} But it gives ``` Waiter TasksRunning failed: Waiter encountered a terminal failure state ``` OR ``` Waiter TasksRunning failed: Waiter encountered a terminal failure state: For expression "tasks[].lastStatus" we matched expected path: "STOPPED" at least once ``` Any idea?lg...

Cloud watch Metric shows CPU utilization for one of my ECS clusters as 600% I don't know how to interpret this info. Is the utilization really go above 100% if so there should be some scaling but there is no such scaling up activity.lg...

Hi everyone ! During one deploying in our Dev environment, we were unable to launch a task in my ECS service . Tests that I already made : * Check my Service Quotas * Check my Bills in Billing Console * Tried to Re-Deploy all my Cluster in another Region Can anyone help us ? Regards,lg...

In our docker file we specify a user using the USER directive as we'd like to run the task as a non-root user. As we understand this is common good practise. However, the enironmental variables set by Fargate are not visible to this user. How to resolve this?lg...

I'm having trouble deploying to ElasticBeanstalk, it says: `Deployment completed, but with errors: Failed to deploy application. Failed to check health. Verify the permissions on the environment's service role and try again later. Permissions changes take up to two hours to propagate.` It's not at all clear what to do here. I can see that the service role is Service role: `arn:aws:iam::*:role/aws-elasticbeanstalk-service-role` I can see that the service role exists and appears to be correct. It's not clear what the actual issue is or how to diagnose it further.lg...

We have an ECS cluster in us-west-2 that runs a few ECS services. We run some ECS tasks that are invoked periodically via EventBridge. All tasks use the EC2 launch type and run on container instances that we manage with an Auto Scaling Group. AMI used currently is amzn2-ami-ecs-hvm-2.0.20220630-x86_64-ebs. Container instances are launched in private subnets and VPC endpoints are set up for a few AWS services, including SSM. A few months ago we started seeing missed checkins from the periodically launched tasks and saw that at least some of them failed to launch due to a timeout from the SSM API endpoint. In ecs-agent's log, it shows up like: > level=error time=2022-09-19T22:30:56Z msg="Failed to create task resource" error="fetching secret data from SSM Parameter Store in us-west-2: RequestError: send request failed\ncaused by: Post \"https://ssm.us-west-2.amazonaws.com/\": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)" task="..." resource="ssmsecret" > level=info time=2022-09-19T22:30:56Z msg="Setting terminal reason for task" reason="fetching secret data from SSM Parameter Store in us-west-2: Request Error: send request failed\ncaused by: Post \"https://ssm.us-west-2.amazonaws.com/\": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)" task="..." We tried increasing the throughput of SSM Parameter Store through its settings, but it didn't seem to have an effect. https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-throughput.html Other guides and Q&As I could find were about network misconfigurations that would lead to a complete inability to talk to SSM, whereas the symptom I'm seeing is only intermittent; the ECS tasks get launched without an issue most of the time. https://aws.amazon.com/premiumsupport/knowledge-center/ssm-tcp-timeout-error/ What could be the cause? What else can I look into?lg...

I tried to create Kali Linux container on LighiSail. I've specified 'Image' as 'kalilinux/kali-rolling' and instance type as Micro x1. Then I started deploying, but I got an error. The Log message of container is as follows. ``` [18/9/2022:07:33:12] [deployment:1] Creating your deployment [18/9/2022:07:34:41] [deployment:1] Started 1 new node [18/9/2022:07:36:14] [deployment:1] Started 1 new node [18/9/2022:07:37:39] [deployment:1] Started 1 new node ``` Is there a way to resolve this?lg...

I have an ECS service with daemon as type and today randomly the task count went from 2 (default) to 1, and haven't been able to fix it. And the events tab is getting spammed with: service xyz updated computedDesiredCount for taskSet ecs-svc/0123 to 1. (daemon service xyz) updated desired count to 2. It goes from 1 to 2 to 1 to 2 again every 10 seconds. Does anyone have an idea how to fix this? I have tried forcing new deployments, but nothing. In the deployments tab the ACTIVE status is running one task. And the PRIMARY has desired 1, but pending and running are 0 tasks.lg...