[英]nginx unable to resolve container name when deployed to ECS, works locally
我有一個正在啟動的 ECS 配置。 但是,nginx frontend
容器引用失敗:
nginx: [emerg] host not found in upstream “backend”
這在本地工作正常,但似乎 ECS 無法解析 docker 容器名稱。
我正在使用ecs-cli
進行部署。 啟動類型是EC2
。 網絡模式是bridge
。
命令:
ecs-cli compose \
--cluster mycluster \
--file docker-compose.yml \
--ecs-params ecs-params.yml service up \
--deployment-min-healthy-percent=50 --force-deployment \
--target-groups targetGroupArn=<load-balancer>,containerName=frontend,containerPort=80 \
--health-check-grace-period 60 \
--role <my-role> \
--timeout 30
ecs-params.yml
task_definition:
task_role_arn: <my-arn>
task_execution_role: <my-exec-role>
services:
backend:
essential: true
mem_reservation: 1024m
frontend:
essential: true
mem_reservation: 1024m
nginx.conf
:
events {
worker_connections 1024;
}
http {
server_tokens off;
upstream backend_server {
server backend:8001;
}
server {
listen 80;
listen [::]:80;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://backend_server/api;
}
}
}
docker-compose
:
version: '3'
services:
backend:
image: <backend-image>
ports:
- 8001:8001
frontend:
image: <frontend-image, built locally with the nginx conf>
ports:
- 80:80
任務定義:
{
"ipcMode": null,
"executionRoleArn": <exec-role>,
"containerDefinitions": [
{
"dnsSearchDomains": [],
"environmentFiles": null,
"logConfiguration": {
"logDriver": "awslogs",
"secretOptions": null,
"options": { <log-options>
}
},
"entryPoint": [],
"portMappings": [
{
"hostPort": 8001,
"protocol": "tcp",
"containerPort": 8001
}
],
"command": [],
"linuxParameters": {
"capabilities": {
"add": null,
"drop": null
},
"sharedMemorySize": null,
"tmpfs": null,
"devices": [],
"maxSwap": null,
"swappiness": null,
"initProcessEnabled": null
},
"cpu": 0,
"environment": [
],
"resourceRequirements": null,
"ulimits": null,
"dnsServers": [],
"mountPoints": [],
"workingDirectory": null,
"secrets": null,
"dockerSecurityOptions": [],
"memory": null,
"memoryReservation": 1024,
"volumesFrom": [],
"stopTimeout": null,
"image": <backend-image>,
"startTimeout": null,
"firelensConfiguration": null,
"dependsOn": null,
"disableNetworking": null,
"interactive": null,
"healthCheck": null,
"essential": true,
"links": [],
"hostname": null,
"extraHosts": [],
"pseudoTerminal": false,
"user": null,
"readonlyRootFilesystem": false,
"dockerLabels": null,
"systemControls": null,
"privileged": false,
"name": "backend"
},
{
"dnsSearchDomains": [],
"environmentFiles": null,
"logConfiguration": {
"logDriver": "awslogs",
"secretOptions": null,
"options": { <log-options>
}
},
"entryPoint": [],
"portMappings": [
{
"hostPort": 80,
"protocol": "tcp",
"containerPort": 80
}
],
"command": [],
"linuxParameters": {
"capabilities": {
"add": null,
"drop": null
},
"sharedMemorySize": null,
"tmpfs": null,
"devices": [],
"maxSwap": null,
"swappiness": null,
"initProcessEnabled": null
},
"cpu": 0,
"environment": [],
"resourceRequirements": null,
"ulimits": null,
"dnsServers": [],
"mountPoints": [],
"workingDirectory": null,
"secrets": null,
"dockerSecurityOptions": [],
"memory": null,
"memoryReservation": 1024,
"volumesFrom": [],
"stopTimeout": null,
"image": <frontend-image>,
"startTimeout": null,
"firelensConfiguration": null,
"dependsOn": null,
"disableNetworking": null,
"interactive": null,
"healthCheck": null,
"essential": true,
"links": [],
"hostname": null,
"extraHosts": [],
"pseudoTerminal": false,
"user": null,
"readonlyRootFilesystem": false,
"dockerLabels": null,
"systemControls": null,
"privileged": false,
"name": "frontend"
}
],
"placementConstraints": [],
"memory": null,
"taskRoleArn": <task-role-arn>,
"compatibilities": [
"EXTERNAL",
"EC2"
],
"taskDefinitionArn": <definition>,
"family": "<my-family>",
"requiresAttributes": [
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.logging-driver.awslogs"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.execution-role-awslogs"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.ecr-auth"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.19"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.17"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.21"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.task-iam-role"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.execution-role-ecr-pull"
}
],
"pidMode": null,
"requiresCompatibilities": [],
"networkMode": null,
"runtimePlatform": null,
"cpu": null,
"revision": 75,
"status": "ACTIVE",
"inferenceAccelerators": null,
"proxyConfiguration": null,
"volumes": []
}
@MarkB 是正確的。 我需要添加鏈接。 這樣做的方法是通過docker-compose.yml
:
version: '3'
services:
backend:
image: <backend-image>
ports:
- 8001:8001
frontend:
image: <frontend-image, built locally with the nginx conf>
links: ["backend"]
ports:
- 80:80
我還在ecs-params.yml
中添加了一個運行狀況檢查,以確保后端在前端之前啟動。
發生這種情況的原因是因為 ECS 網橋是默認網橋。 這不允許通過名稱解析容器(因此是鏈接)。 我以為它是一個用戶定義的橋梁。 更多信息可以在Dockers 文檔中找到。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.