How to integrate/link fargate cluster service with task defintion using cloudformation template

1
votes

I have following cloudformation template snippet. The entire template creates the ECS fargate cluster along with all resources. but now, I am facing issues with fargate service and task definitions.

The service section of template is as follows :

Service:

    Type: AWS::ECS::Service

    # This dependency is needed so that the load balancer is setup correctly in time

    Properties:

      ServiceName: !Ref ServiceName

      Cluster: !Ref Cluster

      TaskDefinition: !Ref TaskDefinition

      DeploymentConfiguration:

        MinimumHealthyPercent: 100

        MaximumPercent: 200

      DesiredCount: 2

      # This may need to be adjusted if the container takes a while to start up

      HealthCheckGracePeriodSeconds: 30

      LaunchType: FARGATE

      NetworkConfiguration:

        AwsvpcConfiguration:

          # change to DISABLED if you're using private subnets that have access to a NAT gateway

          AssignPublicIp: ENABLED

          Subnets:

            - !Ref abcvmnSubnetA

            - !Ref abcvmnSubnetB

          SecurityGroups:

            - !Ref ContainerSecurityGroup

      LoadBalancers:

        - ContainerName: !Ref ServiceName

          ContainerPort: !Ref ContainerPort

          TargetGroupArn: !Ref TargetGroup

and the task definition is as follows :

TaskDefinition:

    Type: AWS::ECS::TaskDefinition

    # Makes sure the log group is created before it is used.

    DependsOn: LogGroup

    Properties:

      # Name of the task definition. Subsequent versions of the task definition are grouped together under this name.

      Family: abc-taskdef-dev

      # awsvpc is required for Fargate

      NetworkMode: awsvpc

      RequiresCompatibilities:

        - FARGATE


      Cpu: 512


      Memory: 1GB

      # A role needed by ECS.

      # "The ARN of the task execution role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role."

      # "There is an optional task execution IAM role that you can specify with Fargate to allow your Fargate tasks to make API calls to Amazon ECR."

      ExecutionRoleArn: arn:aws:iam::890543041640:role/ecsTaskExecutionRole

      # "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants containers in the task permission to call AWS APIs on your behalf."

      TaskRoleArn: arn:aws:iam::890543041640:role/ecsTaskExecutionRole

      ContainerDefinitions:

        - Name: abc-sampleappcontainer-dev

          Image: 890543041640.dkr.ecr.eu-central-1.amazonaws.com/abc:latest

          PortMappings:

            - ContainerPort: 8080

          # Send logs to CloudWatch Logs

          LogConfiguration:

            LogDriver: awslogs

            Options:

              awslogs-region: eu-central-1

              awslogs-group: /ecs/abc-taskdef-dev

              awslogs-stream-prefix: ecs

I know that , fargate service and task definitions are related to each other in the cluster. but the issue is, how to make that relationship using template.

I am getting following failure event :

The container abc-service-dev does not exist in the task definition. (Service: AmazonECS; Status Code: 400; Error Code: InvalidParameterException; Request ID: 008417e7-126e-11e9-98cb-ef191beeddae)

not sure, where I am doing wrong.

1
amazon-web-servicesamazon-cloudformationaws-fargate
The container name should be the same as the original task definitionUlug Toprak
thanks. but here I am creating service as well as task definitions . so where is the container name comes into picture, I am not getting. the container name I have already given. please helpuser2315104
abc-sampleappcontainer-dev this is what you have in the task definition. its looking for abc-service-devUlug Toprak
OK. so you mean , if I change from "abc-sampleappcontainer-dev" to "abc-service-dev" in task definition, then everything should work ?user2315104
just had a look again, you are registering a service with load balancers yet you are not specifying the container name in the load balancer configuration!Ulug Toprak

1 Answers

1
votes

Your line 154

        - Name: abc-sampleappcontainer-dev

change to

        - Name: !Ref ServiceName

instead. because you have on line 272

        - ContainerName: !Ref ServiceName

The two needs to match. Here's an example that works:

note the name 'jaeger-query'

  QueryTaskDef:
    Type: 'AWS::ECS::TaskDefinition'
    Properties:
      ContainerDefinitions:
        - Command: !Ref 'AWS::NoValue'
          Name: jaeger-query
          Cpu: !Ref CpuReservation
          Essential: 'true'
          Image: !Ref QueryImageName
          Memory: !Ref MemoryReservation
          Environment:
            - Name: SPAN_STORAGE_TYPE
              Value: elasticsearch
            - Name: ES_SERVER_URLS
              Value: !Sub 'http://${EsHost}:9200/'
          PortMappings:
            - ContainerPort: 16686
            - ContainerPort: 16687
          LogConfiguration:
            LogDriver: awslogs
            Options:
              awslogs-group: !Ref LxDockerLog
              awslogs-region: !Ref 'AWS::Region'
              awslogs-stream-prefix: !Ref 'AWS::StackName'
  QueryService:
    Type: 'AWS::ECS::Service'
    DependsOn: AlbListenerRule
    Properties:
      Cluster: !Ref EcsCluster
      Role: !Ref ServiceSchedulingRole
      LoadBalancers:
        - ContainerName: jaeger-query
          ContainerPort: 16686
          TargetGroupArn: !Ref AlbTargetGroup
      DesiredCount: 2
      TaskDefinition: !Ref QueryTaskDef
  AlbListenerRule:
    Type: 'AWS::ElasticLoadBalancingV2::ListenerRule'
    Properties:
      Actions:
        - Type: forward
          TargetGroupArn: !Ref AlbTargetGroup
      Conditions:
        - Field: host-header
          Values: [!Sub '${Subdomain}.${HostedZoneName}']
      ListenerArn: !Ref HttpListener
      Priority: !Ref ListenerPriority
  AlbTargetGroup:
    Type: 'AWS::ElasticLoadBalancingV2::TargetGroup'
    Properties:
      HealthCheckIntervalSeconds: '60'
      HealthCheckPath: '/'
      HealthCheckProtocol: HTTP
      HealthCheckTimeoutSeconds: '30'
      HealthyThresholdCount: 10
      Port: 16686
      Protocol: HTTP
      UnhealthyThresholdCount: 10
      VpcId: !Ref VpcId
      TargetGroupAttributes:
        - Key: deregistration_delay.timeout_seconds
          Value: !Ref DeregistrationDelay

Refer to here for the full template https://github.com/Bit-Clouded/Glenlivet/blob/master/analytics/jaeger.template