Reputation: 42500
How to trouble shoot containers on ECS Fargate?
I created a task which uses a docker image from ECR repository and a service in ECS. The running environment is Fargate so there is no ec2 instance running. After I configure all the resources, the status of the service is ACTIVATE, but the status of the task is STOPPED with the reason
Status reason CannotPullContainerError: Error response from daemon: Get https://773592622512.dkr.ecr.ap-southeast-1.amazonaws.com/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
The docker image I put on the task definition is 773592622512.dkr.ecr.ap-southeast-1.amazonaws.com/flask:latest.
I see empty log stream when I click View logs in CloudWatch. I wonder how I can debug this issue? Do I have to deploy the container to ec2 in order to see more detailed error messages?
I have added this policy to the task role: AmazonEC2ContainerRegistryFullAccess. Why can't it pull
Upvotes: 2
Views: 1327
Answers (2)
Reputation: 628
Try having your Auto-assign Public IP enabled when launching a Fargate task. When you run a task on Fargate via the AWS Console, you should see the setting for this under the VPC and security groups header.
Upvotes: 1
Reputation: 42500
After some debug I found the issue is solved by adding a source 0.0.0.0/0 pointing to a internet gateway in subnet associated with the VPC used by the task. Then enable Assign public IP address when define the task. AWS doesn't give me much useful log for debugging.
Upvotes: 1
Related Questions
- AWS fargate running for 15 mins, 3 times a day
- Amazon ECS schedule container
- Depends on Fargate ECS
- How can I run commands in a running container in AWS ECS using Fargate
- Run CLI command on ECS Fargate container
- Root Access to Fargate Containers deployed on EKS for Troubleshooting
- AWS Fargate - Volumes
- AWS - Fargate - Adding EFS to Container - From AWS Console
- AWS Fargate container not accessible
- Fargate: Can I restart specific containers?