Я создал шаблон облачной информации с Ecs Cluster, группой автоматического масштабирования, балансировщиком нагрузки приложений и целевой группой. Я скопировал группу автомасштабирования, шаблон запуска, определение роли и определение задачи ниже. Я исключил другие части из шаблона.
ASG1:
Type: AWS::AutoScaling::AutoScalingGroup
Properties:
AutoScalingGroupName: ASG1
MinSize: 1
MaxSize: 6
DesiredCapacity: 2
HealthCheckType: ELB
HealthCheckGracePeriod: 300 # Required if HealthCheckType is ELB (Amount of time AutoScaling waits before checking Ec2 instance that has come into service)
LaunchTemplate:
LaunchTemplateId: !Ref myLaunchTemplate
Version: !GetAtt myLaunchTemplate.LatestVersionNumber
TargetGroupARNs:
- !Ref Ec2TargetGroup
VPCZoneIdentifier:
- Fn::ImportValue:
!Sub ${NetworkStack}-SubnetDmzAId
- Fn::ImportValue:
!Sub ${NetworkStack}-SubnetDmzBId
#6. Launch template
# AMI Id - ECS Optimized AMI
myLaunchTemplate:
Type: AWS::EC2::LaunchTemplate
Properties:
LaunchTemplateName: !Sub ${AWS::StackName}-launch-template
LaunchTemplateData:
ImageId: "ami-040d7258a1baecb27" # Change AMI to ecs optimized
InstanceType: t2.micro
Monitoring:
Enabled: true
SecurityGroupIds:
- !GetAtt "WebSecurityGroup1.GroupId"
KeyName: !Ref KeyName
IamInstanceProfile:
Arn: !GetAtt EcsNodeProfile.Arn
UserData:
Fn::Base64:
Fn::Join:
- ""
- - "#!/bin/bash -x\n"
- "echo ECS_CLUSTER="
- "Ref" : "cluster1"
- " >> /etc/ecs/ecs.config"
EcsNode:
Type: 'AWS::IAM::Role'
Properties:
RoleName: EcsNode
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Service:
- ec2.amazonaws.com
Action:
- 'sts:AssumeRole'
Path: /
ManagedPolicyArns:
- arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role
EcsNodeProfile:
Type: "AWS::IAM::InstanceProfile"
Properties:
InstanceProfileName: EcsNode
Path: "/"
Roles:
- !Ref EcsNode
EcsServiceRole:
Type: 'AWS::IAM::Role'
Properties:
RoleName: EcsServiceRole
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Service:
- ec2.amazonaws.com
Action:
- 'sts:AssumeRole'
Path: /
ManagedPolicyArns:
- arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role
taskdefinition1:
Type: AWS::ECS::TaskDefinition
Properties:
ContainerDefinitions:
- Name: "billing-nodejs"
Image: 933705104010.dkr.ecr.us-east-1.amazonaws.com/microservices/billing:latest
Cpu: '100'
PortMappings:
- ContainerPort: 3000
HostPort: 0
Memory: 128
Essential: true
TaskRoleArn: !Ref EcsTaskRoleForServiceBilling
# create a role for the TASKS related to the billing service
EcsTaskRoleForServiceBilling:
Type: "AWS::IAM::Role"
Properties:
RoleName: EcsTaskRoleForServiceBilling
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Principal:
Service:
- "ecs-tasks.amazonaws.com"
Action:
- "sts:AssumeRole"
Path: "/"
# Create an INLINE policy specific to this role
Policies:
- PolicyName: "EnableBillingOperations"
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action: "ecr:*"
Resource: "*"
Когда я создаю стек в облачной информации, все ресурсы создаются правильно, кроме самой задачи .. Задача завершается с ошибкой
Status reason CannotPullContainerError: Error response from daemon: manifest for 933705104010.dkr.ecr.us-east-1.amazonaws.com/microservices/billing:latest not found: manifest unknown: Requested image not found