Menu
I have a cluster running with services and am also able to launch fargate tasks from the command line. I can get the taskArn as a response to launching the task and I can wait for the task to be in the running state by using "aws ecs wait". I'm stuck figuring out how to get the the public IP of the task. I can find it via the web page easily enough and can access the machine via it's public IP...
How do I get the public IP of a fargate task using the CLI interface?
I'm using the following commands to launch the task, wait for it to run and retrieve the task description:
$ aws ecs run-task --launch-type FARGATE --cluster xxxx --task-definition xxxx --network-configuration xxxx $ aws ecs wait <taskArn> $ aws ecs describe-tasks --cluster xxxx --task <taskArn> | grep -i ipv4 The last command only gives me the private IP...
"privateIpv4Address": "10.0.1.252", "name": "privateIPv4Address" I've also tried using:
$ ecs-cli ps --cluster xxxx But the Ports column is blank.
Name State Ports TaskDefinition xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/xxxx RUNNING xxxx:1 xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/xxxx RUNNING xxxx:1 
869
Based on the existing ECS apis, there is no direct API to get the IP of the instance where the task started. You will need to use describeContainerInstances API of ecs to get the physical id of the instance and then call ec2 APIs to get the IP of the instance where the task was started.
Short description. You can run Fargate tasks in private subnets. However, based on your use case, you might require internet access for certain operations, such as pulling an image from a public repository. Or, you might want to prevent any internet access for your tasks.
Furthermore, ECS users deploying tasks on Fargate did not even have this option because with Fargate there are no EC2 instances you can ssh into.
There isn't any specific AWS command which can fetch the task ARN from the container runtime id. But this can be achieved using list-tasks and describe-tasks command of aws ecs, if you know the cluster and service name in prior.
Once I realized that describe-tasks gave me the ENI id along with the private IP I was able to get the public IP with:
$ aws ec2 describe-network-interfaces --network-interface-ids eni-xxxxxxxx This was specific to my usecase, but perhaps its useful to someone else (intended to be run as javascript in Lambda just after you run ecs.createService() )
Yes, I know this topic is for CLI but this is the first result that popped up when looking for "Fargate public IP" and i was looking for a javascript based solution.
// get container IP getContainerIP(myServiceName).then(ip=>{ console.log("Container IP address is: ", ip); }).catch(err=>{ console.log(err); }); function getContainerIP(servicename){ // note: assumes that only 1 task with 1 container is in the provided service, and that a container only has 1 network interface return new Promise(function(resolve, reject){ // get task arns (needs a delay because we just launched it) setTimeout(getTasks, 6000); // get task arns function getTasks(){ ecs.listTasks({ cluster: process.env.ecs_cluster, launchType: "FARGATE", serviceName: servicename },function(err, res){ if(err){ reject("Unable to get task list"); return; } // loop until we have a result if(!res.taskArns.length){ setTimeout(getTasks, 2000); return; } // get details getTaskDetails(res.taskArns); }); } // get the details of the task (we assume only one task because that's how its configured) function getTaskDetails(taskArns){ ecs.describeTasks({ cluster: process.env.ecs_cluster, tasks: taskArns },function(err,res){ if(err){ reject("Unable to get task details"); return; } // no results if(!res.tasks.length || !res.tasks[0].attachments.length){ reject("No tasks available"); return; } // network needs to be in status ATTACHING to see the eni, else wait if(res.tasks[0].attachments[0].status !== "ATTACHING"){ setTimeout(function(){ getTaskDetails(taskArns); }, 2000); return; } // get network ID from result let eni = ""; for(let i in res.tasks[0].attachments[0].details){ if(!res.tasks[0].attachments[0].details.hasOwnProperty(i)) continue; if(res.tasks[0].attachments[0].details[i].name !== "networkInterfaceId") continue; // get the eni eni = res.tasks[0].attachments[0].details[i].value; break; } // no eni if(eni === ""){ reject("Unable to retrieve container ENI"); return; } // get network details getNetworkDetails(eni); }); } // get network details function getNetworkDetails(eni){ // get the ENI details ec2.describeNetworkInterfaces({ NetworkInterfaceIds: [eni] }, function(err, res) { if(err){ reject("Unable to retrieve ENI details"); return; } // confirm available data if(!res.NetworkInterfaces.length || typeof res.NetworkInterfaces[0].Association === "undefined" || typeof res.NetworkInterfaces[0].Association.PublicIp === "undefined"){ reject("Unable to retrieve IP from ENI details"); return; } // resolve the public IP address resolve(res.NetworkInterfaces[0].Association.PublicIp); }); } }); } If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
