ECS Fargate NGINX容器在CloudWatch日志中未显示错误

时间:2019-10-20 08:06:07

标签: docker nginx amazon-ecs amazon-cloudwatch aws-fargate

我的nginx Dockerfile:

FROM nginx:1.15.12-alpine
RUN rm /etc/nginx/conf.d/default.conf
COPY ./nginx/nginx.conf /etc/nginx/conf.d

# Forward request logs to Docker log collector
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
  && ln -sf /dev/stderr /var/log/nginx/error.log
EXPOSE 80
ENTRYPOINT ["nginx", "-g", "daemon off;"]

我的ECS任务定义中的容器:

[
  {
    "name": "nginx",
    "image": "<ECR REPO HERE>",
    "networkMode": "awsvpc",
    "essential": true,
    "portMappings": [
      {
        "containerPort": 80,
        "protocol": "http"
      }
    ],
    "logConfiguration": {
      "logDriver": "awslogs",
      "options": {
        "awslogs-group": "mygroup",
        "awslogs-region": "us-east-1",
        "awslogs-stream-prefix": "nginx"
      }
    },
    "essential": true
  }
]

但是,部署任务时,它失败了,在CloudWatch中,我看到以下内容:

enter image description here

我是ECS / Cloudwatch的新手。如何从容器中看到NGINX错误?

1 个答案:

答案 0 :(得分:1)

  1. 您应检查ECS_Execution_Role_Policy。它应包含logs权限。就像:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ecr:GetAuthorizationToken",
                "ecr:BatchCheckLayerAvailability",
                "ecr:GetDownloadUrlForLayer",
                "ecr:BatchGetImage",
                "logs:CreateLogStream",
                "logs:PutLogEvents"
            ],
            "Resource": "*"
        }
    ]
}
  1. 您应该为ecs_agent驱动程序配置awslogs的配置。

此配置文件路径在主机中为/etc/ecs/ecs.config。该文件应类似于:

ECS_CLUSTER=test_ecs_cluster
ECS_AVAILABLE_LOGGING_DRIVERS=["awslogs","json-file"]
  

请参阅:

     

这里是a document

相关问题
最新问题