Menu
I'm using .NET Core WEBAPI and below Dockerfile
FROM microsoft/dotnet:sdk AS build-env
WORKDIR /app
# Copy csproj and restore as distinct layers
COPY *.csproj ./
RUN dotnet restore
# Copy everything else and build
COPY . ./
RUN dotnet publish -c Release -o out
# Build runtime image
FROM microsoft/dotnet:aspnetcore-runtime
WORKDIR /app
COPY --from=build-env /app/out .
ENTRYPOINT ["dotnet", "DummyService.dll"]
In my cloudformation template, the ECS part looks like this
dummyWebApiEcsTaskDefinition:
Type: AWS::ECS::TaskDefinition
Properties:
Family: !Ref AWS::StackName
TaskRoleArn: !GetAtt dummyWebApiIamRole.Arn
ContainerDefinitions:
- Name: !Ref AWS::StackName
Image: MY IMAGE URL
DnsSearchDomains:
- !Join [".", [{"Fn::ImportValue": !Sub "${accountStackName}-${AWS::Region}-envName"}, "connected", !If [chinaPartition, "TEST", "CORP"], "cloud"]]
LogConfiguration:
LogDriver: splunk
Options:
splunk-token: {"Fn::ImportValue": !Sub "${splunkHECStackName}-${AWS::Region}-SplunkHECToken"}
splunk-url: "http://splunk-forwarder:8088"
splunk-insecureskipverify: True
tag: !Ref AWS::StackName
splunk-format: json
splunk-source: !Ref AWS::StackName
splunk-sourcetype: AWS:ECS
EntryPoint: []
PortMappings:
- ContainerPort: 5000
Command: []
Cpu: 0
Environment:
- Name: BindAddress
Value: http://0.0.0.0:5000
- Name: MinLogLevel
Value: !If [isProduction, "Information", "Debug"]
Ulimits: []
DnsServers: []
MountPoints: []
DockerSecurityOptions: []
Memory: 512
VolumesFrom: []
Essential: true
ExtraHosts: []
ReadonlyRootFilesystem: false
DockerLabels: {}
Privileged: false
dummyEcsService:
Type: AWS::ECS::Service
DependsOn:
- dummyWebApiIamRole
- dummyInternalAlb
- dummyAlbTargetGroup
Properties:
Cluster:
Fn::ImportValue: !Sub "cld-core-ecs-${AWS::Region}-ECSCluster"
DeploymentConfiguration:
MaximumPercent: 200
MinimumHealthyPercent: 50
DesiredCount: 2
LoadBalancers:
- ContainerName: !Ref AWS::StackName
ContainerPort: 5000
TargetGroupArn: !Ref dummyAlbTargetGroup
PlacementStrategies:
- Type: spread
Field: attribute:ecs.availability-zone
TaskDefinition: !Ref dummyWebApiEcsTaskDefinition
ServiceName: !Ref AWS::StackName
Role: !Sub "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/aws-service-role/ecs.amazonaws.com/AWSServiceRoleForECS"
The deployment couldn't finish and I can see this error in the ECS Service Events tab
service cld-dummy-test was unable to place a task because no container instance met all of its requirements. Reason: No Container Instances were found in your cluster.
554
Resolution. To resolve the error, choose a resolution based on your use case: If there are no container instances registered in your cluster, then add container instances to your cluster. If the port required by the task is in use, then add container instances to your cluster, or reduce your number of desired tasks.
The issue can be caused by the following: Networking issues prevent communication between the instance and Amazon ECS. The container agent doesn't have the required AWS Identity and Access Management (IAM) permissions to communicate with Amazon ECS endpoints.
Q: What is responsible for starting and stopping tasks on an ECS Container instance. E: The ECS Agent is responsible for starting/stopping tasks. It also monitors tasks and resource utilization.
I eventually got this figured out. The error message below indicates that there's no EC2 in this cluster, and hence no container can be started. We are not using Fargate.
service cld-dummy-test was unable to place a task because no container instance met all of its requirements. Reason: No Container Instances were found in your cluster.
To register an EC2 to a cluster, you need to follow this AWS article. https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_container_instance.html
Please be aware that the EC2 you start need to have below userdata in order for it to be registered.
#!/bin/bash
echo ECS_CLUSTER=your_cluster_name >> /etc/ecs/ecs.config
Once the above is completed, you shouldn't see the error about "no container". However, if you are like me, having the splunk logging section in the template. You will have a different issue which says something like no container can be used for the task because it is missing an attribute. This is quite a vague message and the attribute can be anything that is listed at the bottom of your task definition page.
In my case it was the splunk logging. The splunk driver needs to be added to the EC2 instance. Since I later found out that we don't need splunk anymore so I removed the splunk section. But if you want to do that, you probably need to add the below line to your userdata.
ECS_AVAILABLE_LOGGING_DRIVERS=["splunk","awslogs"]
I hope this helps someone.
145
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With