user606521
user606521

Reputation: 15454

It seems that more than three tasks per container instance cannot be placed?

I have 10 service/task definitions each of which requires 512 memory and 10 cpu (from container definition). I have three t2.medium instances each of which has 4GB memory. So it should be no problem to launch up to 24 task instances.

However those three instances run maximum only 7 services (3/2/2). For the services that are not running in "events" tab there are following errors:

service integrityCheck was unable to place a task because no container instance met all of its requirements. The closest matching container-instance 3e2dbe6a-7a07-46f2-846b-ccccb9adaeee encountered error "RESOURCE:ENI".

I tried updating AMI on ec2 instances to latest ecs-optimized but it did not help. It seems that one ec2/container instance can't start more than 3 tasks? Strange thing is that it worked fine like 1 month ago (all 10 services were running) and those errors appeared ~20-26 days ago.

Any idea?

Each service uses awsvpc network mode and awslog log driver.


Here are my network interfaces listed:

enter image description here

Upvotes: 3

Views: 11546

Answers (2)

wonton
wonton

Reputation: 8287

For those still having this issue, a fix was released in June 2019 to enable ENI trunking. E.g. with ENI trunking enabled, a c5.xlarge that used to be limited to 3 tasks now can support 20.

Have a look at https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-instance-eni.html

Upvotes: 9

guest
guest

Reputation: 91

The message "RESOURCE:ENI" indicates that it's a problem with allocating an elastic network interface.

Per the docs, a t2.medium should be able to allocate 3 ENIs. So, assuming that ECS assigns a distinct ENI to each container, that would be the reason that you can't assign more than three containers to an instance.

But you're indicating that you're actually limited to 2 containers per instance. Which makes me wonder if you're somehow exceeding the limit of ENIs per region. That shouldn't happen unless ENIs are being detached and not removed (which could possibly happen if your IAM permissions aren't correct). I recommend looking at the ENI page in the AWS Console to make sure that you don't have a lot of unattached ENIs.

Upvotes: 9

Related Questions