amazon-web-services - awsvpc : Network Configuration is not valid for the given networkMode of this task definition

Question

我的任务定义:

resource "aws_ecs_task_definition" "datadog" {
  family        = "${var.environment}-datadog-agent-task"
  task_role_arn = "arn:aws:iam::xxxxxxxx:role/datadog-role"

  container_definitions = <<EOF
[
  {
    "name": "${var.environment}-${var.datadog-identifier}",
    "network_mode" : "awsvpc",
    "image": "datadog/agent:latest",
    "portMappings": [
      {
...

我的服务定义:

resource "aws_ecs_service" "datadog" {
  name            = "${var.environment}-${var.datadog-identifier}-datadog-ecs-service"
  cluster         = "${var.cluster}"
  task_definition = "${aws_ecs_task_definition.datadog.arn}"

  network_configuration {
    subnets = flatten(["${var.private_subnet_ids}"])
  }

  # This allows running one for every instance
  scheduling_strategy = "DAEMON"
}

我收到以下错误 -

InvalidParameterException: Network Configuration is not valid for the given networkMode of this task definition

有什么我在这里想念的吗？查看 Terraform 文档和 GitHub 问题，这应该有效。它与将 Datadog 作为守护程序运行有关吗？

Answer 1

您需要设置 aws_ecs_task_definition 's network_mode 至 awsvpc如果您正在定义 network_configuration使用该任务定义的服务。

这在 documentation for the network_configuration parameter of the aws_ecs_service resource 中提到:

network_configuration - (Optional) The network configuration for the service. This parameter is required for task definitions that use the awsvpc network mode to receive their own Elastic Network Interface, and it is not supported for other network modes.

在您的情况下，您添加了 network_mode容器定义的参数，而不是任务定义(一个任务是 n 个容器的集合，组合在一起以共享一些资源)。 container definition schema不允许 network_mode范围。