amazon-web-services - 如何使用 cloudformation 模板将 Fargate 集群服务与任务定义集成/链接

Question

我有以下 cloudformation 模板片段。整个模板创建 ECS fargate 集群以及所有资源。但现在，我面临 Fargate 服务和任务定义的问题。

模板的服务部分如下:

服务:

    Type: AWS::ECS::Service

    # This dependency is needed so that the load balancer is setup correctly in time

    Properties:

      ServiceName: !Ref ServiceName

      Cluster: !Ref Cluster

      TaskDefinition: !Ref TaskDefinition

      DeploymentConfiguration:

        MinimumHealthyPercent: 100

        MaximumPercent: 200

      DesiredCount: 2

      # This may need to be adjusted if the container takes a while to start up

      HealthCheckGracePeriodSeconds: 30

      LaunchType: FARGATE

      NetworkConfiguration:

        AwsvpcConfiguration:

          # change to DISABLED if you're using private subnets that have access to a NAT gateway

          AssignPublicIp: ENABLED

          Subnets:

            - !Ref abcvmnSubnetA

            - !Ref abcvmnSubnetB

          SecurityGroups:

            - !Ref ContainerSecurityGroup

      LoadBalancers:

        - ContainerName: !Ref ServiceName

          ContainerPort: !Ref ContainerPort

          TargetGroupArn: !Ref TargetGroup

任务定义如下:

任务定义:

    Type: AWS::ECS::TaskDefinition

    # Makes sure the log group is created before it is used.

    DependsOn: LogGroup

    Properties:

      # Name of the task definition. Subsequent versions of the task definition are grouped together under this name.

      Family: abc-taskdef-dev

      # awsvpc is required for Fargate

      NetworkMode: awsvpc

      RequiresCompatibilities:

        - FARGATE


      Cpu: 512


      Memory: 1GB

      # A role needed by ECS.

      # "The ARN of the task execution role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role."

      # "There is an optional task execution IAM role that you can specify with Fargate to allow your Fargate tasks to make API calls to Amazon ECR."

      ExecutionRoleArn: arn:aws:iam::890543041640:role/ecsTaskExecutionRole

      # "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants containers in the task permission to call AWS APIs on your behalf."

      TaskRoleArn: arn:aws:iam::890543041640:role/ecsTaskExecutionRole

      ContainerDefinitions:

        - Name: abc-sampleappcontainer-dev

          Image: 890543041640.dkr.ecr.eu-central-1.amazonaws.com/abc:latest

          PortMappings:

            - ContainerPort: 8080

          # Send logs to CloudWatch Logs

          LogConfiguration:

            LogDriver: awslogs

            Options:

              awslogs-region: eu-central-1

              awslogs-group: /ecs/abc-taskdef-dev

              awslogs-stream-prefix: ecs

我知道，fargate服务和任务定义在集群中是相互关联的。但问题是，如何使用模板建立这种关系。

我收到以下失败事件:

The container abc-service-dev does not exist in the task definition. (Service: AmazonECS; Status Code: 400; Error Code: InvalidParameterException; Request ID: 008417e7-126e-11e9-98cb-ef191beeddae)

不确定我哪里做错了。

Answer 1

您的线路 154

        - Name: abc-sampleappcontainer-dev

更改为

        - Name: !Ref ServiceName

相反。因为你有第 272 行

        - ContainerName: !Ref ServiceName

两者需要匹配。 这是一个有效的示例:

记下名称“jaeger-query”

  QueryTaskDef:
    Type: 'AWS::ECS::TaskDefinition'
    Properties:
      ContainerDefinitions:
        - Command: !Ref 'AWS::NoValue'
          Name: jaeger-query
          Cpu: !Ref CpuReservation
          Essential: 'true'
          Image: !Ref QueryImageName
          Memory: !Ref MemoryReservation
          Environment:
            - Name: SPAN_STORAGE_TYPE
              Value: elasticsearch
            - Name: ES_SERVER_URLS
              Value: !Sub 'http://${EsHost}:9200/'
          PortMappings:
            - ContainerPort: 16686
            - ContainerPort: 16687
          LogConfiguration:
            LogDriver: awslogs
            Options:
              awslogs-group: !Ref LxDockerLog
              awslogs-region: !Ref 'AWS::Region'
              awslogs-stream-prefix: !Ref 'AWS::StackName'
  QueryService:
    Type: 'AWS::ECS::Service'
    DependsOn: AlbListenerRule
    Properties:
      Cluster: !Ref EcsCluster
      Role: !Ref ServiceSchedulingRole
      LoadBalancers:
        - ContainerName: jaeger-query
          ContainerPort: 16686
          TargetGroupArn: !Ref AlbTargetGroup
      DesiredCount: 2
      TaskDefinition: !Ref QueryTaskDef
  AlbListenerRule:
    Type: 'AWS::ElasticLoadBalancingV2::ListenerRule'
    Properties:
      Actions:
        - Type: forward
          TargetGroupArn: !Ref AlbTargetGroup
      Conditions:
        - Field: host-header
          Values: [!Sub '${Subdomain}.${HostedZoneName}']
      ListenerArn: !Ref HttpListener
      Priority: !Ref ListenerPriority
  AlbTargetGroup:
    Type: 'AWS::ElasticLoadBalancingV2::TargetGroup'
    Properties:
      HealthCheckIntervalSeconds: '60'
      HealthCheckPath: '/'
      HealthCheckProtocol: HTTP
      HealthCheckTimeoutSeconds: '30'
      HealthyThresholdCount: 10
      Port: 16686
      Protocol: HTTP
      UnhealthyThresholdCount: 10
      VpcId: !Ref VpcId
      TargetGroupAttributes:
        - Key: deregistration_delay.timeout_seconds
          Value: !Ref DeregistrationDelay

请参阅此处获取完整模板 https://github.com/Bit-Clouded/Glenlivet/blob/master/analytics/jaeger.template