我有一个 Cloudformation,可以通过以下方式在 ECS 集群上创建 AWS Fargate:
TaskDefinition:
Type: 'AWS::ECS::TaskDefinition'
Properties:
RequiresCompatibilities:
- FARGATE
Cpu: !Ref ContainerCpu
Memory: !Ref ContainerMemory
ExecutionRoleArn: !Ref ExecutionRole
TaskRoleArn: !Ref ExecutionRole
ContainerDefinitions:
- Name: !Sub ${ContainerName}
Image: 'image-url-here'
Essential: true
HealthCheck:
Command: ["CMD-SHELL", "test -f hc.log"]
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-region: !Sub '${AWS::Region}'
awslogs-group: !Sub '${FeatureName}-${MicroServiceName}'
awslogs-stream-prefix: !Ref MicroServiceName
Family: !Sub 'family-${FeatureName}-${MicroServiceName}'
NetworkMode: awsvpc
DependsOn: CloudWatchLogGroup
ExecutionRole:
Type: AWS::IAM::Role
Properties:
RoleName: !Join ['', [!Ref MicroServiceName, ExecutionRole]]
AssumeRolePolicyDocument:
Statement:
- Effect: Allow
Principal:
Service: ecs-tasks.amazonaws.com
Action: 'sts:AssumeRole'
ManagedPolicyArns:
- 'arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy'
我的 ECS 任务 Fargate 需要访问在 EC2 中运行的 API,因此我使用以下地址创建了一个 DNS 私有(private)托管区域:api.localaccount。但是当我尝试从 Fargate 访问此 API 时,出现以下错误:
System.Net.Http.HttpRequestException: Name or service not known
我知道此错误是因为我的 AWS Fargate 无法解析 DNS,但我不知道为什么。如果我从 EC2 访问同一个 DNS (api.localaccount),一切正常,所以我认为我的 DNS Route 53 没问题。
最佳答案
基于评论。
该问题是由于在应用程序中使用了错误链接造成的。因此,这是应用程序级别的问题,而不是 ECS Farage 问题。
关于amazon-web-services - AWS Fargate 无法解析私有(private) DNS 路由 53,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/66944576/