AWS ECS Terraform:当前不支持请求的配置。启动EC2实例失败

时间:2020-04-05 22:16:05

标签: amazon-web-services amazon-ec2 terraform amazon-ecs aws-auto-scaling

我一直在尝试使用Terraform启动ECS。大约两天前,它按预期运行,但是今天我尝试运行terraform apply,但不断收到错误消息

“当前不支持请求的配置。启动EC2实例失败”

我对此问题进行了很多研究,尝试将VPC租期硬编码为default,尝试更改区域,实例类型,但似乎没有任何解决办法。

这是我的Terraform配置:

provider "aws" {
  region      = var.region
}

data "aws_availability_zones" "available" {}

# Define a vpc
resource "aws_vpc" "motivy_vpc" {
  cidr_block = var.motivy_network_cidr
  tags = {
    Name = var.motivy_vpc
  }
  enable_dns_support = "true"
  instance_tenancy = "default"
  enable_dns_hostnames = "true"
}

# Internet gateway for the public subnet
resource "aws_internet_gateway" "motivy_ig" {
  vpc_id = aws_vpc.motivy_vpc.id
  tags = {
    Name = "motivy_ig"
  }
}

# Public subnet 1
resource "aws_subnet" "motivy_public_sn_01" {
  vpc_id = aws_vpc.motivy_vpc.id
  cidr_block = var.motivy_public_01_cidr
  availability_zone = data.aws_availability_zones.available.names[0]
  tags = {
    Name = "motivy_public_sn_01"
  }
}

# Public subnet 2
resource "aws_subnet" "motivy_public_sn_02" {
  vpc_id = aws_vpc.motivy_vpc.id
  cidr_block = var.motivy_public_02_cidr
  availability_zone = data.aws_availability_zones.available.names[1]
  tags = {
    Name = "motivy_public_sn_02"
  }
}

# Routing table for public subnet 1
resource "aws_route_table" "motivy_public_sn_rt_01" {
  vpc_id = aws_vpc.motivy_vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.motivy_ig.id
  }
  tags = {
    Name = "motivy_public_sn_rt_01"
  }
}

# Routing table for public subnet 2
resource "aws_route_table" "motivy_public_sn_rt_02" {
  vpc_id = aws_vpc.motivy_vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.motivy_ig.id
  }
  tags = {
    Name = "motivy_public_sn_rt_02"
  }
}

# Associate the routing table to public subnet 1
resource "aws_route_table_association" "motivy_public_sn_rt_01_assn" {
  subnet_id = aws_subnet.motivy_public_sn_01.id
  route_table_id = aws_route_table.motivy_public_sn_rt_01.id
}

# Associate the routing table to public subnet 2
resource "aws_route_table_association" "motivy_public_sn_rt_02_assn" {
  subnet_id = aws_subnet.motivy_public_sn_02.id
  route_table_id = aws_route_table.motivy_public_sn_rt_02.id
}

# ECS Instance Security group
resource "aws_security_group" "motivy_public_sg" {
  name = "motivys_public_sg"
  description = "Test public access security group"
  vpc_id = aws_vpc.motivy_vpc.id

  ingress {
    from_port = 22
    to_port = 22
    protocol = "tcp"
    cidr_blocks = [
      "0.0.0.0/0"]
  }

  ingress {
    from_port = 80
    to_port = 80
    protocol = "tcp"
    cidr_blocks = [
      "0.0.0.0/0"]
  }

  ingress {
    from_port = 5000
    to_port = 5000
    protocol = "tcp"
    cidr_blocks = [
      "0.0.0.0/0"]
  }

  ingress {
    from_port = 0
    to_port = 0
    protocol = "-1"
    cidr_blocks = [
      var.motivy_public_01_cidr,
      var.motivy_public_02_cidr
    ]

  }

  egress {
    # allow all traffic to private SN
    from_port = "0"
    to_port = "0"
    protocol = "-1"
    cidr_blocks = [
      "0.0.0.0/0"]
  }

  tags = {
    Name = "motivy_public_sg"
  }
}

data "aws_ecs_task_definition" "motivy_server" {
  task_definition = aws_ecs_task_definition.motivy_server.family
}

resource "aws_ecs_task_definition" "motivy_server" {
  family                = "motivy_server"
  container_definitions = file("task-definitions/service.json")
}

data "aws_ami" "latest_ecs" {
  most_recent = true # get the latest version

  filter {
    name = "name"
    values = [
      "amzn2-ami-ecs-*"] # ECS optimized image
  }

  owners = [
    "amazon" # Only official images
  ]
}

resource "aws_launch_configuration" "ecs-launch-configuration" {
  name                        = "ecs-launch-configuration"
  image_id                    = data.aws_ami.latest_ecs.id
  instance_type               = "t2.micro"
  iam_instance_profile        = aws_iam_instance_profile.ecs-instance-profile.id

  root_block_device {
    volume_type = "standard"
    volume_size = 100
    delete_on_termination = true
  }

  enable_monitoring           = true

  lifecycle {
    create_before_destroy = true
  }

  security_groups             = [aws_security_group.motivy_public_sg.id]
  associate_public_ip_address = "true"
  key_name                    = var.ecs_key_pair_name
  user_data                   = <<EOF
                                  #!/bin/bash
                                  echo ECS_CLUSTER=${var.ecs_cluster} >> /etc/ecs/ecs.config
                                  EOF
  }

resource "aws_appautoscaling_target" "ecs_motivy_server_target" {
  max_capacity       = 2
  min_capacity       = 1
  resource_id        = "service/${aws_ecs_cluster.motivy_ecs_cluster.name}/${aws_ecs_service.motivy_server_service.name}"
  scalable_dimension = "ecs:service:DesiredCount"
  service_namespace  = "ecs"
  depends_on      = [ aws_ecs_service.motivy_server_service ]
}

resource "aws_iam_role" "ecs-instance-role" {
  name                = "ecs-instance-role"
  path                = "/"
  assume_role_policy  = data.aws_iam_policy_document.ecs-instance-policy.json
}

data "aws_iam_policy_document" "ecs-instance-policy" {
  statement {
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}

resource "aws_iam_role_policy_attachment" "ecs-instance-role-attachment" {
  role       = aws_iam_role.ecs-instance-role.name
  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
}

resource "aws_iam_instance_profile" "ecs-instance-profile" {
  name = "ecs-instance-profile"
  path = "/"
  role = aws_iam_role.ecs-instance-role.id
  provisioner "local-exec" {
    command = "sleep 10"
  }
}

resource "aws_autoscaling_group" "motivy-server-autoscaling-group" {
  name = "motivy-server-autoscaling-group"
  termination_policies = [
     "OldestInstance" # When a “scale down” event occurs, which instances to kill first?
  ]
  default_cooldown          = 30
  health_check_grace_period = 30
  max_size                  = var.max_instance_size
  min_size                  = var.min_instance_size
  desired_capacity          = var.desired_capacity

  # Use this launch configuration to define “how” the EC2 instances are to be launched
  launch_configuration      = aws_launch_configuration.ecs-launch-configuration.name

  lifecycle {
    create_before_destroy = true
  }

  # Refer to vpc.tf for more information
  # You could use the private subnets here instead,
  # if you want the EC2 instances to be hidden from the internet
  vpc_zone_identifier = [aws_subnet.motivy_public_sn_01.id, aws_subnet.motivy_public_sn_02.id]

  tags = [{
      key                 = "Name",
      value               = var.ecs_cluster,

      # Make sure EC2 instances are tagged with this tag as well
      propagate_at_launch = true
    }]
}

resource "aws_alb" "motivy_server_alb_load_balancer" {
  name                = "motivy-alb-load-balancer"
  security_groups     = [aws_security_group.motivy_public_sg.id]
  subnets             = [aws_subnet.motivy_public_sn_01.id, aws_subnet.motivy_public_sn_02.id]

  tags = {
    Name = "motivy_server_alb_load_balancer"
  }
}

resource "aws_alb_target_group" "motivy_server_target_group" {
  name                = "motivy-server-target-group"
  port                =  5000
  protocol            = "HTTP"
  vpc_id              = aws_vpc.motivy_vpc.id
  deregistration_delay = "10"

  health_check {
    healthy_threshold   = "2"
    unhealthy_threshold = "6"
    interval            = "30"
    matcher             = "200,301,302"
    path                = "/"
    protocol            = "HTTP"
    timeout             = "5"
  }

  stickiness {
    type  = "lb_cookie"
  }

  tags = {
    Name = "motivy-server-target-group"
  }
}

resource "aws_alb_listener" "alb-listener" {
  load_balancer_arn = aws_alb.motivy_server_alb_load_balancer.arn
  port              = "80"
  protocol          = "HTTP"

  default_action {
    target_group_arn = aws_alb_target_group.motivy_server_target_group.arn
    type             = "forward"
  }
}

resource "aws_autoscaling_attachment" "asg_attachment_motivy_server" {
  autoscaling_group_name = aws_autoscaling_group.motivy-server-autoscaling-group.id
  alb_target_group_arn   = aws_alb_target_group.motivy_server_target_group.arn
}

这是我得到的确切错误

Error: "motivy-server-autoscaling-group": Waiting up to 10m0s: Need at least 2 healthy instances in ASG, have 0. Most recent activity: {
  ActivityId: "a775c531-9496-fdf9-5157-ab2448626293",
  AutoScalingGroupName: "motivy-server-autoscaling-group",
  Cause: "At 2020-04-05T22:10:28Z an instance was started in response to a difference between desired and actual capacity, increasing the capacity from 0 to 2.",
  Description: "Launching a new EC2 instance.  Status Reason: The requested configuration is currently not supported. Please check the documentation for supported configurations. Launching EC2 instance failed.",
  Details: "{\"Subnet ID\":\"subnet-05de5fc0e994d05fe\",\"Availability Zone\":\"us-east-1a\"}",
  EndTime: 2020-04-05 22:10:29 +0000 UTC,
  Progress: 100,
  StartTime: 2020-04-05 22:10:29.439 +0000 UTC,
  StatusCode: "Failed",
  StatusMessage: "The requested configuration is currently not supported. Please check the documentation for supported configurations. Launching EC2 instance failed."
}

2 个答案:

答案 0 :(得分:0)

我不确定为什么两天前它能起作用。

但是最近Amazon ECS优化的AMI的volume_type是gp2。 您应该选择gp2作为root_block_device.volume_type。

resource "aws_launch_configuration" "ecs-launch-configuration" {
  # ...
  root_block_device {
    volume_type = "gp2"
    volume_size = 100
    delete_on_termination = true
  }
  # ...
}
data "aws_ami" "latest_ecs" {
  most_recent = true # get the latest version

  filter {
    name = "name"
    values = ["amzn2-ami-ecs-hvm-*-x86_64-ebs"] # ECS optimized image
  }

  owners = [
    "amazon" # Only official images
  ]
}

答案 1 :(得分:-1)

对我来说,我使用的是t3 gen而不是t2