更新Fargate TaskDefinition之后,由于任务定义无效,触发任务的CloudWatch事件失败

时间:2018-12-10 18:16:58

标签: amazon-web-services amazon-ecs

我在ECS中定义了一系列定期执行的任务。我最近做了一个较小的更改,以更新Terraform中的任务定义,以将容器的默认环境变量(从DEBUG更改为PRODUCTION):

        "environment": [
              {"name": "ENVIRONMENT", "value": "PRODUCTION"}
              ]

我使用Fargate的Scheduled Tasks功能运行了此任务,并将其设置为每4小时进行一次。但是,更新任务定义后,由于我的上一个容器日志是几天前的,所以我开始发现任务不是由CloudWatch触发的。

我使用CloudTrail深入研究了该问题,并注意到RunTask事件的条目的特定部分:

"eventTime": "2018-12-10T17:26:46Z",
"eventSource": "ecs.amazonaws.com",
"eventName": "RunTask",
"awsRegion": "us-east-1",
"sourceIPAddress": "events.amazonaws.com",
"userAgent": "events.amazonaws.com",
"errorCode": "InvalidParameterException",
"errorMessage": "TaskDefinition is inactive",

在日志中,我注意到ECS尝试运行的任务定义是

 "taskDefinition": "arn:aws:ecs:us-east-1:XXXXX:task-
definition/important-task-name:2",

但是,在我的ECS任务定义中,important-task-name的最新版本为3。因此,由于我使用的是任务定义的“非活动”版本,因此似乎未触发事件。

我是否可以通过任何方式在AWS Fargate中计划任务,而不必手动通过控制台并停止/重新启动/更新每个集群的计划更新?有没有办法简单地要求CloudWatch提取最新的活动任务定义?

2 个答案:

答案 0 :(得分:1)

您可以使用CloudWatch Event Rules控制计划的任务,并且每当更新任务定义时,您也可以更新规则。假设您有两个文件:

myRule.json 

{
  "Name": "run-every-minute",
  "ScheduleExpression": "cron(0/1 * * * ? *)",
  "State": "ENABLED",
  "Description": "a task that will run every minute",
  "RoleArn": "arn:aws:iam::${IAM_NUMBER}:role/ecsEventsRole",
  "EventBusName": "default"
}

myTargets.json 

{
  "Rule": "run-every-minute",
  "Targets": [
      {
          "Id": "scheduled-task-example",
          "Arn": "arn:aws:ecs:${REGION}:${IAM_NUMBER}:cluster/mycluster",
          "RoleArn": "arn:aws:iam::${IAM_NUMBER}:role/ecsEventsRole",
          "Input": "{\"containerOverrides\":[{\"name\":\"myTask\",\"environment\":[{\"name\":\"ENVIRONMENT\",\"value\":\"production\"},{\"name\":\"foo\",\"value\":\"bar\"}]}]}",
          "EcsParameters": {
            "TaskDefinitionArn": "arn:aws:ecs:${REGION}:${IAM_NUMBER}:task-definition/myTaskDefinition",
            "TaskCount": 1,
            "LaunchType": "FARGATE",
            "NetworkConfiguration": {
                "awsvpcConfiguration": {
                    "Subnets": [
                        "subnet-xyz1",
                        "subnet-xyz2",
                    ],
                    "SecurityGroups": [
                        "sg-xyz"
                    ],
                    "AssignPublicIp": "ENABLED"
                }
            },
            "PlatformVersion": "LATEST"
          }
      }
  ]
}

现在,只要有myTaskDefinition的新版本,您就可以更新规则,例如:

aws events put-rule --cli-input-json file://myRule.json --region $REGION
aws events put-targets --cli-input-json file://myTargets.json --region $REGION
echo 'done'

但是,当然,用您的凭据替换IAM_NUMBER和REGION,

答案 1 :(得分:0)

Cloud Map似乎是针对这些类型问题的解决方案。

https://aws.amazon.com/about-aws/whats-new/2018/11/aws-fargate-and-amazon-ecs-now-integrate-with-aws-cloud-map/

相关问题
最新问题