JustLudo

Reputation: 1790

CloudFormation service stuck without log

I have a minimal stack for creating a simple service with a listener. The listener gets created first and succeeds. The service gets initiated next but gets stuck on "CREATE_IN_PROGRESS". Now I have seen this issue on SO, but that has a clear reason for it failing. In my case the CloudTrail logs simply show the initiation and, 10 minutes later (custom timeout), the delete, but nothing in between. The CloudFormation dashboard events also just show the initiation and the delete thereafter.

The service does not get created during this time either. I checked this visually by going over to the services and seeing other services there but not my own.

I have trimmed down the CloudFormation template to the bare minimum (i.e. only listener and service with reference to existing resources) but it still gets stuck.

Apart from the usual CloudTrail and CloudFormation logs, what could I do to identify the problem?

[EDIT] Here is the template I use. The parameters are based on my current setup.

AWSTemplateFormatVersion: "2010-09-09"
Description: "The Script to configure the RDS services."
Parameters:
  ClusterNameARN:
    Default: "arn:aws:ecs:eu-central-1:<NR_HERE>:cluster/AmsCluster"
    Type: String
  StaLBARN:
    Default: "arn:aws:elasticloadbalancing:eu-central-1:<NR_HERE>:loadbalancer/app/StaPostgrestLoadBalancer/<ID_HERE>"
    Type: String
  StaTargetGroupARN:
    Default: "arn:aws:elasticloadbalancing:eu-central-1:<NR_HERE>:targetgroup/LBTargetGroupSta/<ID_HERE>"
    Type: String
  LoadBalancerSG:
    Type: 'AWS::EC2::SecurityGroup::Id'
  LoadBalancerSubnet1:
    Description: Subnet instance.
    Type: 'AWS::EC2::Subnet::Id'
  LoadBalancerSubnet2:
    Description: Subnet region B instance.
    Type: 'AWS::EC2::Subnet::Id'
  LoadBalancerSubnet3:
    Description: Subnet region for public.
    Type: 'AWS::EC2::Subnet::Id'
  StaTaskDefinitionARN:
    Default: "arn:aws:ecs:eu-central-1:<NR_HERE>:task-definition/RDSPostgrestFamily:2"
    Type: String
  CertificateARN:
    Default: "arn:aws:acm:eu-central-1:<NR_HERE>:certificate/<ID_HERE>"
    Type: String
Resources:
  LBListenerSta:
    Type: 'AWS::ElasticLoadBalancingV2::Listener'
    Properties:
      Certificates:
        - CertificateArn: !Ref CertificateARN
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref StaTargetGroupARN
      LoadBalancerArn: !Ref StaLBARN
      Port: 443
      Protocol: HTTPS
  StaService:
    Type: 'AWS::ECS::Service'
    Properties:
      Cluster: !Ref ClusterNameARN
      DesiredCount: 2
      LaunchType: 'FARGATE'
      LoadBalancers:
        - ContainerName: 'Postgrest'
          ContainerPort: 3000
          TargetGroupArn: !Ref StaTargetGroupARN
      NetworkConfiguration:
        AwsvpcConfiguration:
          SecurityGroups:
            - !Ref LoadBalancerSG
          Subnets:
            - !Ref LoadBalancerSubnet1
            - !Ref LoadBalancerSubnet2
            - !Ref LoadBalancerSubnet3
      ServiceName: StaPostgrestService
      TaskDefinition: !Ref StaTaskDefinitionARN
    DependsOn:
     - LBListenerSta
Outputs:
  StaServices:
    Description: "The ARN of the service for the STA tasks."
    Value: !Ref StaService

Upvotes: 1

Views: 379

Answers (1)

Marcin

Reputation: 238299

Based on the comments.

The issue is with the StaService ECS service. To get more information on the possible reason why it fails, one can go to:

ECS Console -> Cluster -> Service -> Events

Based on this, the Events showed that the role used for ECS has incorrect permissions.

Upvotes: 1
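
The same Events view can be read programmatically while the stack sits in CREATE_IN_PROGRESS. The following is an added example, not code from the question or the answer: it sorts the events of an ECS DescribeServices response into rough failure categories so that an IAM role problem like the one found here stands out. The sample response, the account id, the role name, the category names and the regular expressions are all constructed assumptions; `fetch` uses the real boto3 `describe_services` call and needs `ecs:DescribeServices` on the caller.

```python
import re

# Constructed sample in the shape of an ECS DescribeServices response.
# Event texts, account id and role name are illustrative placeholders;
# a live response carries datetime objects in createdAt, not strings.
SAMPLE_RESPONSE = {
    "services": [{
        "serviceName": "StaPostgrestService",
        "events": [  # ECS returns the newest event first
            {"createdAt": "2020-01-01T10:06:00Z", "message":
             "(service StaPostgrestService) failed to launch a task with "
             "(error ECS was unable to assume the role "
             "'arn:aws:iam::111122223333:role/EXAMPLE-ROLE' that was "
             "provided for this task.)."},
            {"createdAt": "2020-01-01T10:01:00Z", "message":
             "(service StaPostgrestService) was unable to place a task."},
        ],
    }],
    "failures": [],
}

# Assumed keyword groups, checked in order; extend them for your own events.
CATEGORIES = [
    ("iam", re.compile(r"unable to assume|not authorized|access\s*denied", re.I)),
    ("image-or-network", re.compile(r"CannotPullContainer|ResourceInitializationError", re.I)),
    ("placement", re.compile(r"unable to place", re.I)),
    ("health", re.compile(r"unhealthy|health checks?", re.I)),
]

def classify(message):
    """Return the first matching category name, or 'other'."""
    return next((name for name, rx in CATEGORIES if rx.search(message)), "other")

def triage(response):
    """Return (createdAt, category, message) tuples, oldest event first."""
    # A service that ECS cannot find is reported under 'failures', not 'services'.
    rows = [(None, "lookup-failure", f"{f.get('arn')}: {f.get('reason')}")
            for f in response.get("failures", [])]
    for svc in response.get("services", []):
        for ev in reversed(svc.get("events", [])):
            rows.append((ev["createdAt"], classify(ev["message"]), ev["message"]))
    return rows

def fetch(cluster, service):
    """Live lookup; imported lazily so the offline sample runs without boto3."""
    import boto3
    return boto3.client("ecs").describe_services(cluster=cluster, services=[service])

if __name__ == "__main__":
    for created, category, message in triage(SAMPLE_RESPONSE):
        print(created, category.upper(), message, sep="  ")
```
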
