amazon-ecs

问题 We have node service(V8.15.1) deployed on AWS EC2 containers using ECS.We have AWS_ACCESS_KEY setup in environment as well as a role is mapped to EC2 instances. I am supposed to use EC2 instance role to access AWS SSM. So, i tried below: AWS.config.credentials = new AWS.EC2MetadataCredentials(); and tried to read parameter from SSM. i get below error: { "msg": "User: arn:aws:sts::AccountID:assumed-role/role-name/i-*****92a is not authorized to perform: ssm:GetParameter on resource: arn:aws

问题 I have an API running on ECS Fargate that accepts GET method requests. I put an API Gateway endpoint in front of it with a VPC_LINK integration with an NLB in a private subnet. When I send a GET request using the invoke url, I get a 404 page not found error. I am confused why I am getting this. I set up every component - the NLB listener, the target group, and my host and container ports in my task definition - on 8000/tcp . So, I am not sure why this error is happening. My Fargate task is

问题 How bad would it be to use something like this in a Dockerfile: ENTRYPOINT node . | tee >(send_logs_to_elastic_search) most of the logging solutions require some pretty nasty configuration. The above would be a way for us to capture the logs programmatically and write our own glue code. The main problem with the above solution is that CMD arguments would not append to the node process? I assume they would get append to the tee process instead? something like this: docker run foo --arg1 --arg2

问题 Is there some AWS command get to get logs from all services/tasks from an ECS cluster? something like: aws ecs logs --cluster dev or aws ecs describe-clusters --cluster dev logs for example, there must be some API to retrieve the logs that are shown in the UI here: 回答1: No there is no such out of the box option that takes logs from all service based on the cluster, as evey container running in their own space (EC2 instance). So there can similar option that you can try, but before that, you

问题 I've inspected one of the docker containers I have running in my ECS cluster and it has a blank for the restart policy ("{{ .HostConfig.RestartPolicy.Name }}"). I'm unsure what ECS does in the case of a failure but I would like to change the policy to one that restarts the container instance if the cmd running in the instance fails. Is it possible to change the restart policy on docker containers in an ECS cluster? 回答1: Is it possible to change the restart policy on docker containers in an

问题 After creating a service without an LB, is there a way to create an LB for the service after the fact? for some reason the UI doesn't seem to allow me to do this :( 回答1: No, attaching an Application Load Balancer and TargetGroup must be done at service creation. It can't be added after. You'll have to delete and re-create the service. 来源： https://stackoverflow.com/questions/57385899/create-a-load-balancer-for-existing-ecs-service

问题 I'm using AWS-CLI to register an ECR task definition. My task definition is like follows: { "family": "", "taskRoleArn": "", "executionRoleArn": "", "networkMode": "none", "containerDefinitions": [ { "name": "", "image": "", "cpu": 0, "memory": 0, "memoryReservation": 0, "links": [ "" ], "portMappings": [ { "hostPort": 80, "protocol": "tcp", "containerPort": 80 } ], "essential": true, "entryPoint": [ "" ], "command": [ "" ], "environment": [ { "name": "", "value": "" } ], "mountPoints": [ {

问题 Trying to create an ECS service using cloudformation via the following manifest that has the appropriate imports UIService: Type: AWS::ECS::Service Properties: Cluster: !ImportValue ECSClusterName DesiredCount: 1 LaunchType: EC2 LoadBalancers: - ContainerName: !ImportValue UIContainerName ContainerPort: '80' TargetGroupArn: !ImportValue UITGArn ServiceName: ui-service ServiceRegistries: - RegistryArn: arn:aws:servicediscovery:eu-west-1:944094092130:service/srv-oIclu40KCKM3esez7 TaskDefinition

问题 Using the ecs agent container on an Ubuntu instance, I am able to register the agent with my cluster. I also have a service created in that cluster and task definitions as well. When I try to add a task to the cluster I get the useless error message: Run tasks failed Reasons : ["ATTRIBUTE"] The ecs agent log has no related error message. Any thoughts on how I can get better debugging or what the issue might be? The cli also returns the same useless error message { "tasks": [], "failures": [ {

问题 I have been trying to setup Docker in Windows Server 2016 in an AWS instance to run an IIS program. From this question, Cannot access an IIS container from browser - Docker, IIS has been setup inside a container and it is accessible from the host without port mapping. However, if I want to allow other users from the Internet/Intranet to access the website, after Google-ing it, I guess we do need port mapping... The error I have encountered in port mapping is given in the above question so...