文档建议反馈控制台
首页
学习
活动
专区
圈层
工具
MCP广场
文章/答案/技术大牛
发布
社区首页 >问答首页 >ECS fargate部署受阻,未能部署ECS服务

ECS fargate部署受阻,未能部署ECS服务
EN

Stack Overflow用户
提问于 2022-07-16 18:39:41
回答 1查看 101关注 0票数 0

我是ECS的新手,我正在尝试用Cloudformation来部署它。

通过查看文档和我从博客和一些文章中找到的一些例子,我制作了以下cloudformation模板。

然而,由于某些原因,它被困在更新其中一个资源,并最终超时。我不知道为什么它会被卡住而失败。

有人能发现我正在犯的错误吗?

目前,我的目标是在互联网上部署和查看应用程序。我并不是真的在寻找高级配置。在部署aws cli时,我还将ecr url传递给它。

提前谢谢你。

代码语言:javascript
复制
AWSTemplateFormatVersion: 2010-09-09
Transform: AWS::Serverless-2016-10-31
Description: >
  ECS Service

Parameters:
  Environment:
    Type: String
    Default: alpha
    AllowedValues:
      - alpha
      - beta
      - production
  ECRDockerUri:
    Type: String
    Default: <url for ecr repo> 
  ContainerPort: 
    Type: Number
    Default: 8080

Resources:
  LogGroup:
    Type: AWS::Logs::LogGroup
    Properties:
      LogGroupName: !Sub "${Environment}-fake-user-api-logGroup"
      RetentionInDays: 30

  ECSCluster:
    Type: 'AWS::ECS::Cluster'
    Properties:
      ClusterName: !Sub "${Environment}-MyFargateCluster"

  ExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: !Sub "${Environment}-${AWS::AccountId}-ExecutionRole"
      AssumeRolePolicyDocument:
        Statement:
          - Effect: Allow
            Principal:
              Service: ecs-tasks.amazonaws.com
            Action: 'sts:AssumeRole'
      ManagedPolicyArns:
        - 'arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy'

  ECSService:
    Type: AWS::ECS::Service
    Properties:
      ServiceName: !Sub "${Environment}-${AWS::AccountId}-ECSService"
      Cluster: !Ref ECSCluster
      TaskDefinition: !Ref TaskDefinition
      DesiredCount: 1
  
  TaskDefinition:
    Type: AWS::ECS::TaskDefinition
    Properties:
      TaskRoleArn: !Ref ExecutionRole
      ContainerDefinitions:
        - Name: !Sub "${Environment}-${AWS::AccountId}-Container"
          Image: !Ref ECRDockerUri
          Memory: 1024
          Essential: true
          DisableNetworking: false
          Privileged: true
          ReadonlyRootFilesystem: true
          Environment: 
            - Name: SPRING_PROFILES_ACTIVE
              Value: !Ref Environment
          PortMappings:
            - ContainerPort: !Ref ContainerPort
              HostPort: !Ref ContainerPort
          LogConfiguration:
            LogDriver: awslogs
            Options:
              awslogs-group: !Ref LogGroup
              awslogs-region: ca-central-1
docker
amazon-cloudformation
amazon-ecs
aws-fargate
EN

回答 1

Stack Overflow用户

发布于 2022-07-21 20:09:20

我检查了你的CFN堆栈,发现有些东西不见了。我注意到您的集群名是ENV-MyFargateCluster,所以我假设您的目标是创建一个fargate服务。要运行fargate服务,您需要提供网络配置,并通过指定Launch通知要创建Fargate服务。此外,Fargate任务不能被授予特权。

下面是我的代码片段:

代码语言:javascript
复制
AWSTemplateFormatVersion: 2010-09-09
Transform: 'AWS::Serverless-2016-10-31'
Description: |
  ECS Service
Parameters:
  Environment:
    Type: String
    Default: alpha
    AllowedValues:
      - alpha
      - beta
      - production
  ECRDockerUri:
    Type: String
    Default: 'image'
  ContainerPort:
    Type: Number
    Default: 80
Resources:
  LogGroup:
    Type: 'AWS::Logs::LogGroup'
    Properties:
      LogGroupName: !Sub '${Environment}-fake-user-api-logGroup'
      RetentionInDays: 30
  ECSCluster:
    Type: 'AWS::ECS::Cluster'
    Properties:
      ClusterName: !Sub '${Environment}-MyFargateCluster'
  ExecutionRole:
    Type: 'AWS::IAM::Role'
    Properties:
      RoleName: !Sub '${Environment}-${AWS::AccountId}-ExecutionRole'
      AssumeRolePolicyDocument:
        Statement:
          - Effect: Allow
            Principal:
              Service: ecs-tasks.amazonaws.com
            Action: 'sts:AssumeRole'
      ManagedPolicyArns:
        - 'arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy'
  ECSService:
    Type: 'AWS::ECS::Service'
    Properties:
      ServiceName: !Sub '${Environment}-${AWS::AccountId}-ECSService'
      LaunchType: FARGATE
      Cluster: !Ref ECSCluster
      TaskDefinition: !Ref TaskDefinition
      DesiredCount: 1
      NetworkConfiguration:
        AwsvpcConfiguration:
          AssignPublicIp: ENABLED
          SecurityGroups:
            - sg-XXXXXXXXXX
          Subnets:
            - subnet-XXXXXXXXXX
  TaskDefinition:
    Type: 'AWS::ECS::TaskDefinition'
    Properties:
      RequiresCompatibilities:
        - FARGATE
      TaskRoleArn: !Ref ExecutionRole
      ExecutionRoleArn: !Ref ExecutionRole
      ContainerDefinitions:
        - Name: !Sub '${Environment}-${AWS::AccountId}-Container'
          Image: !Ref ECRDockerUri
          Memory: 1024
          Essential: true
          DisableNetworking: false
          Privileged: false
          ReadonlyRootFilesystem: true
          Environment:
            - Name: SPRING_PROFILES_ACTIVE
              Value: !Ref Environment
          PortMappings:
            - ContainerPort: !Ref ContainerPort
          LogConfiguration:
            LogDriver: awslogs
            Options:
              awslogs-group: !Ref LogGroup
              awslogs-region: ca-central-1
              awslogs-stream-prefix: test
      Cpu: '1024'
      Memory: '2048'
      NetworkMode: awsvpc
票数 0
EN
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/73006795

复制
相关文章

相似问题

领券

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有 

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 粤公网安备44030502008569号

腾讯云计算(北京)有限责任公司 京ICP证150476号 |  京ICP备11018762号

问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档