AWS cdk deploy --all 创建 ECS 服务失败
[英]AWS cdk deploy --all fails to create ECS service
问题描述
new to the CDK and relatively new to AWS 
CDK 的新手,AWS 的新手
The Issue问题
I'm following this tutorial which includes creating a fargate based private API, and accessing it on the public internet through an ec2 instance which is publicly exposed.我正在关注本教程,其中包括创建一个基于 Fargate 的私有 API,并通过一个公开的 ec2 实例在公共互联网上访问它。
I'm picking through, minimally correcting various issues which gets everything running.我正在挑选,最低限度地纠正使一切正常运行的各种问题。 It comes time to build with:是时候构建了:
npm run build
cdk bootstrap
cdk synth FargateVpclinkStack
cdk deploy --all
Resulting in this being deployed:导致这个被部署:
I go out to eat and come back, and I'm still looking at the following:我go出去吃回来了,我还在看下面的:
[███████████████████████████████████████████████████████▊··] (52/54)
4:19:40 PM | CREATE_IN_PROGRESS | AWS::CloudFormation::Stack | FargateVpclinkStack
4:23:17 PM | CREATE_IN_PROGRESS | AWS::ECS::Service | bookService/Service
After waiting sufficiently long, the cloud formation was rolled back等了足够长的时间后,云的形成被回滚了
10:43:36 PM | CREATE_FAILED | AWS::ECS::Service | bookService/Service
Resource timed out waiting for completion (RequestToken: f8b1d082-1ff3-5a84-938a-95a0ea2f0960)
10:43:45 PM | ROLLBACK_IN_PROGRESS | AWS::CloudFormation::Stack | FargateVpclinkStack
The following resource(s) failed to create: [bookService05FB6DBB]. Rollback requested by user.
FrgateVpclinkStack failed: Error: The stack named FargateVpclinkStack failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE
The stack named FargateVpclinkStack failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE
I assume this means the ECS service bookService/Service failed to deploy, and thus the entire FrgateVpclinkStack was rolled back.我假设这意味着 ECS 服务bookService/Service部署失败,因此整个FrgateVpclinkStack被回滚。 I'm curious why that is, and how it can be fixed.我很好奇为什么会这样,以及如何解决。
Code代码
This is the TypeScript used by the cdk to generate the cloud formation template for FrgateVpclinkStack, called fargate-vpclink-stack.ts in the tutorial这是cdk用来为FrgateVpclinkStack生成云化模板的TypeScript,教程中叫fargate-vpclink-stack.ts
import * as cdk from "@aws-cdk/core";
import * as elbv2 from "@aws-cdk/aws-elasticloadbalancingv2";
import * as ec2 from "@aws-cdk/aws-ec2";
import * as ecs from "@aws-cdk/aws-ecs";
import * as ecr from "@aws-cdk/aws-ecr";
import * as iam from "@aws-cdk/aws-iam";
import * as logs from "@aws-cdk/aws-logs";
import * as apig from "@aws-cdk/aws-apigatewayv2";
import * as servicediscovery from "@aws-cdk/aws-servicediscovery";
export class FargateVpclinkStack extends cdk.Stack {
//Export Vpclink and ALB Listener
public readonly httpVpcLink: cdk.CfnResource;
public readonly httpApiListener: elbv2.ApplicationListener;
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
// VPC
const vpc = new ec2.Vpc(this, "ProducerVPC");
// ECS Cluster
const cluster = new ecs.Cluster(this, "Fargate Cluster", {
vpc: vpc,
});
// Cloud Map Namespace
const dnsNamespace = new servicediscovery.PrivateDnsNamespace(
this,
"DnsNamespace",
{
name: "http-api.local",
vpc: vpc,
description: "Private DnsNamespace for Microservices",
}
);
// Task Role
const taskrole = new iam.Role(this, "ecsTaskExecutionRole", {
assumedBy: new iam.ServicePrincipal("ecs-tasks.amazonaws.com"),
});
taskrole.addManagedPolicy(
iam.ManagedPolicy.fromAwsManagedPolicyName(
"service-role/AmazonECSTaskExecutionRolePolicy"
)
);
// Task Definitions
const bookServiceTaskDefinition = new ecs.FargateTaskDefinition(
this,
"bookServiceTaskDef",
{
memoryLimitMiB: 512,
cpu: 256,
taskRole: taskrole,
}
);
const authorServiceTaskDefinition = new ecs.FargateTaskDefinition(
this,
"authorServiceTaskDef",
{
memoryLimitMiB: 512,
cpu: 256,
taskRole: taskrole,
}
);
// Log Groups
const bookServiceLogGroup = new logs.LogGroup(this, "bookServiceLogGroup", {
logGroupName: "/ecs/BookService",
removalPolicy: cdk.RemovalPolicy.DESTROY,
});
const authorServiceLogGroup = new logs.LogGroup(
this,
"authorServiceLogGroup",
{
logGroupName: "/ecs/AuthorService",
removalPolicy: cdk.RemovalPolicy.DESTROY,
}
);
const bookServiceLogDriver = new ecs.AwsLogDriver({
logGroup: bookServiceLogGroup,
streamPrefix: "BookService",
});
const authorServiceLogDriver = new ecs.AwsLogDriver({
logGroup: authorServiceLogGroup,
streamPrefix: "AuthorService",
});
// Amazon ECR Repositories
const bookservicerepo = ecr.Repository.fromRepositoryName(
this,
"bookservice",
"book-service"
);
const authorservicerepo = ecr.Repository.fromRepositoryName(
this,
"authorservice",
"author-service"
);
// Task Containers
const bookServiceContainer = bookServiceTaskDefinition.addContainer(
"bookServiceContainer",
{
image: ecs.ContainerImage.fromEcrRepository(bookservicerepo),
logging: bookServiceLogDriver,
}
);
const authorServiceContainer = authorServiceTaskDefinition.addContainer(
"authorServiceContainer",
{
image: ecs.ContainerImage.fromEcrRepository(authorservicerepo),
logging: authorServiceLogDriver,
}
);
bookServiceContainer.addPortMappings({
containerPort: 80,
});
authorServiceContainer.addPortMappings({
containerPort: 80,
});
//Security Groups
const bookServiceSecGrp = new ec2.SecurityGroup(
this,
"bookServiceSecurityGroup",
{
allowAllOutbound: true,
securityGroupName: "bookServiceSecurityGroup",
vpc: vpc,
}
);
bookServiceSecGrp.connections.allowFromAnyIpv4(ec2.Port.tcp(80));
const authorServiceSecGrp = new ec2.SecurityGroup(
this,
"authorServiceSecurityGroup",
{
allowAllOutbound: true,
securityGroupName: "authorServiceSecurityGroup",
vpc: vpc,
}
);
authorServiceSecGrp.connections.allowFromAnyIpv4(ec2.Port.tcp(80));
// Fargate Services
const bookService = new ecs.FargateService(this, "bookService", {
cluster: cluster,
taskDefinition: bookServiceTaskDefinition,
assignPublicIp: false,
desiredCount: 2,
securityGroup: bookServiceSecGrp,
cloudMapOptions: {
name: "bookService",
cloudMapNamespace: dnsNamespace,
},
});
const authorService = new ecs.FargateService(this, "authorService", {
cluster: cluster,
taskDefinition: authorServiceTaskDefinition,
assignPublicIp: false,
desiredCount: 2,
securityGroup: authorServiceSecGrp,
cloudMapOptions: {
name: "authorService",
cloudMapNamespace: dnsNamespace,
},
});
// ALB
const httpApiInternalALB = new elbv2.ApplicationLoadBalancer(
this,
"httpapiInternalALB",
{
vpc: vpc,
internetFacing: false,
}
);
// ALB Listener
this.httpApiListener = httpApiInternalALB.addListener("httpapiListener", {
port: 80,
// Default Target Group
defaultAction: elbv2.ListenerAction.fixedResponse(200),
});
// Target Groups
const bookServiceTargetGroup = this.httpApiListener.addTargets(
"bookServiceTargetGroup",
{
port: 80,
priority: 1,
healthCheck: {
path: "/api/books/health",
interval: cdk.Duration.seconds(30),
timeout: cdk.Duration.seconds(3),
},
targets: [bookService],
pathPattern: "/api/books*",
}
);
const authorServiceTargetGroup = this.httpApiListener.addTargets(
"authorServiceTargetGroup",
{
port: 80,
priority: 2,
healthCheck: {
path: "/api/authors/health",
interval: cdk.Duration.seconds(30),
timeout: cdk.Duration.seconds(3),
},
targets: [authorService],
pathPattern: "/api/authors*",
}
);
//VPC Link
this.httpVpcLink = new cdk.CfnResource(this, "HttpVpcLink", {
type: "AWS::ApiGatewayV2::VpcLink",
properties: {
Name: "http-api-vpclink",
SubnetIds: vpc.privateSubnets.map((m) => m.subnetId),
},
});
}
}
This is all being done in cloud 9, with cdk version 1.105.0 (build 4813992) .这一切都在 cloud 9 中完成, cdk版本1.105.0 (build 4813992) 。 My package.json has the following:我的package.json具有以下内容:
{
"name": "cdk",
"version": "0.1.0",
"bin": {
"cdk": "bin/cdk.js"
},
"scripts": {
"build": "tsc",
"watch": "tsc -w",
"test": "jest",
"cdk": "cdk"
},
"devDependencies": {
"@aws-cdk/assert": "1.101.0",
"@aws-cdk/aws-apigatewayv2": "1.101.0",
"@aws-cdk/core": "1.101.0",
"@aws-cdk/aws-ec2": "1.101.0",
"@aws-cdk/aws-ecr": "1.101.0",
"@aws-cdk/aws-ecs": "1.101.0",
"@aws-cdk/aws-elasticloadbalancingv2": "1.101.0",
"@aws-cdk/aws-iam": "1.101.0",
"@aws-cdk/aws-logs": "1.101.0",
"@aws-cdk/aws-servicediscovery": "1.101.0",
"@types/jest": "^26.0.10",
"@types/node": "10.17.27",
"jest": "^26.4.2",
"ts-jest": "^26.2.0",
"aws-cdk": "1.101.0",
"ts-node": "^9.0.0",
"typescript": "~3.9.7"
},
"dependencies": {
"@aws-cdk/core": "1.101.0",
"source-map-support": "^0.5.16"
}
}
all the code from the entire tutorial can be found at this github link整个教程中的所有代码都可以在这个 github 链接中找到
1 个解决方案
解决方案1
0 已采纳 2021-05-25 15:56:21
The timeout was due to a misnamed ECR which the bookService was attempting to access.超时是由于bookService试图访问的错误命名的 ECR。 To generalize this answer a bit, if there's a timeout it may be good to record which resources timed out and sanity check all the constituent elements.为了概括这个答案,如果有超时,最好记录哪些资源超时并检查所有组成元素。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
如何将CDK映像资产部署到ECS集群 - How to deploy cdk image asset to ecs cluster
AWS CDK 部署在 CodePipeline/CodeBuild - AWS CDK deploy in CodePipeline/CodeBuild
无法将 Nodejs 和 Typescript 部署到 AWS cdk + lambda - Cannot deploy Nodejs and Typescript to AWS cdk + lambda
AWS CDK EcsDeployAction 更新现有 Fargate 服务 - AWS CDK EcsDeployAction update existing Fargate Service
无法在 CDK 应用程序中为 AWS S3 Glacier 创建 CDK 堆栈? - Cannot create CDK stack for AWS S3 Glacier in CDK app?
使用 aws cdk 创建 elasticbeanstalk 实例 - Using aws cdk to create elasticbeanstalk instance
`cdk deploy`:无法在节点 v16.14.0 中发布资产 - `cdk deploy`: fails to publish asset in node v16.14.0
AWS CDK 使用不同的管道部署相同的资源和相同的堆栈 | Typescript - AWS CDK deploy same resources and same stacks with different pipeline | Typescript
由于“无效的 Lambda 函数”,AWS CDK 部署失败 - AWS CDK failing to deploy due to "Invalid Lambda Function"
如何使用 CDK 将 AWS ECS (ApplicationLoadBalancedFargateService) 私有 IP 连接到 RDS 安全组 - How to Connect AWS ECS (ApplicationLoadBalancedFargateService) Private IP to RDS Security Group Using CDK
相关标签