1. 首頁
  2. 問答
  3. terraform-ecs。註冊的容器實例顯示爲0

terraform-ecs。註冊的容器實例顯示爲0

2017-10-05 147 views
0

運行時terraform apply它創建一個集羣,服務,ec2實例。但註冊容器實例爲0時,正在運行的任務數爲0terraform-ecs。註冊的容器實例顯示爲0

我試圖改變ecs.amazonaws.comec2.amazonaws.com但它拋出一個錯誤:

aws_ecs_service.nginx: InvalidParameterException: Unable to assume role and validate the listeners configured on your load balancer. Please verify that the ECS service role being passed has the proper permissions.

enter image description here

provider "aws" { 
     region = "us-east-1" 
    } 

    resource "aws_ecs_cluster" "demo" { 
     name = "demo" 
    } 

    resource "aws_iam_role" "ecs_elb" { 
     name = "ecs-elb" 
     assume_role_policy = <<EOF 
    { 
     "Version": "2008-10-17", 
     "Statement": [ 
     { 
      "Sid": "", 
      "Effect": "Allow", 
      "Principal": { 
      "Service": "ecs.amazonaws.com" 
      }, 
      "Action": "sts:AssumeRole" 
     } 
     ] 
    } 
    EOF 
    } 

    resource "aws_iam_policy_attachment" "ecs_elb" { 
     name = "ecs_elb" 
     roles = ["${aws_iam_role.ecs_elb.id}"] 
     policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole" 
    } 

    resource "aws_launch_configuration" "ecs_instance"{ 
     name_prefix = "ecs-instance-" 
     instance_type = "t2.micro" 
     image_id = "ami-4fffc834" 
    } 

    resource "aws_autoscaling_group" "ecs_cluster_instances"{ 
     availability_zones = ["us-east-1a"] 
     name = "ecs-cluster-instances" 
     min_size = 1 
     max_size = 1 
     launch_configuration = "${aws_launch_configuration.ecs_instance.name}" 
    } 

    resource "aws_ecs_task_definition" "nginx" { 
     family = "nginx" 
     container_definitions = <<EOF 
     [{ 
     "name": "nginx", 
     "image": "nginx", 
     "cpu": 1024, 
     "memory": 768, 
     "essential": true, 
     "portMappings": [{"containerPort":80, "hostPort":80}] 
     }] 
     EOF 
    } 

    resource "aws_ecs_service" "nginx" { 
     name = "nginx" 
     cluster = "${aws_ecs_cluster.demo.id}" 
     task_definition = "${aws_ecs_task_definition.nginx.arn}" 
     desired_count = 1 
     iam_role = "${aws_iam_role.ecs_elb.arn}" 
     load_balancer { 
      elb_name = "${aws_elb.nginx.id}" 
      container_name = "nginx" 
      container_port = 80 
     } 
    } 
    resource "aws_elb" "nginx" { 
     availability_zones = ["us-east-1a"] 
     name = "nginx" 
     listener { 
      lb_port = 80 
      lb_protocol = "http" 
      instance_port = 80 
      instance_protocol = "http" 
     } 
    }

來源

2017-10-05 Gourab Paul

回答

0

排除故障ECS問題,你可以按照下面的步驟。

  1. 點擊服務名稱nginx,檢查是否有任何任務處於pending狀態。如果你看到,通常有很多stopped任務。

這意味着容器不健康。

  1. 單擊服務名稱,事件,檢查是否存在任何錯誤事件以幫助您執行故障排除。

  2. 如果列表中有任何實例,請點擊ECS instances。如果不是,則表示EC2實例未成功註冊到ECS集羣。

如果使用AWS ECS AMI,應該沒問題。但是,如果你使用自己的AMI,你需要添加下面的userdata腳本

ECS-userdata.tpl

#!/bin/bash 
echo "ECS_CLUSTER=${ecs_cluster_name}" >> /etc/ecs/ecs.config

更新terraform代碼:

data "template_file" "ecs_user_data" { 

    template = "file("ecs-userdata.tpl") }" 

    vars { 
    ecs_cluster_name = "${var.ecs_cluster_name}" 
    } 
} 


resource "aws_launch_configuration" "demo" { 
    ... 
    user_data = "${data.template_file.ecs_user_data.rendered}" 
    ... 
}
  • 啓用docker容器日誌,最簡單的方法是將日誌發送到aws cloudwatch。

    • 先加入以下資源。

    resource "aws_cloudwatch_log_group" "app_logs" { 
    name    = "demo" 
    retention_in_days = 14 
}

    然後將下面的代碼添加到任務定義中。

    "logConfiguration": { 
    "logDriver": "awslogs", 
    "options": { 
    "awslogs-group": "${aws_cloudwatch_log_group.app_logs.name}", 
    "awslogs-region": "${var.region}" 
    } 
},

    你申請變更後,去cloudwatch,日誌,檢查是否有任何錯誤日誌。

    ["ecs.amazonaws.com", "ec2.amazonaws.com"] "Principal": { "Service": ["ecs.amazonaws.com", "ec2.amazonaws.com"] },
  • 變化IAM角色希望這些步驟是對你有幫助。

    • 未來閱讀:

    Launching an Amazon ECS Container Instance

    來源

    2017-10-05 09:20:36 BMW

    +0

    沒有任務在掛起/停止狀態。雲手表中也沒有生成日誌。 –

    +0

    服務中的事件:服務nginx無法放置任務,因爲沒有容器實例滿足其所有要求。原因:在羣集中找不到容器實例。有關更多信息 –

    +0

    好的,這意味着沒有ec2實例被添加到該ecs集羣。 'ami-4fffc834'屬於AWS ecs鏡像,如果你使用自己的AMI鏡像,你需要自定義'user-data'來啓動它自己添加到ecs集羣 – BMW

    相關問題

     相關問題