问题:
AWS cdk部署--所有创建ECS服务失败
裘安阳
对CDK来说是新的,对AWS来说是相对新的
我正在遵循本教程,其中包括创建一个基于fargate的私有API,并通过公开的ec2实例在公共互联网上访问它。
我正在挑选,最小限度地纠正各种问题,让一切都运转起来。现在是时候用:
npm run build
cdk bootstrap
cdk synth FargateVpclinkStack
cdk deploy --all
[███████████████████████████████████████████████████████▊··] (52/54)
4:19:40 PM | CREATE_IN_PROGRESS | AWS::CloudFormation::Stack | FargateVpclinkStack
4:23:17 PM | CREATE_IN_PROGRESS | AWS::ECS::Service | bookService/Service
10:43:36 PM | CREATE_FAILED | AWS::ECS::Service | bookService/Service
Resource timed out waiting for completion (RequestToken: f8b1d082-1ff3-5a84-938a-95a0ea2f0960)
10:43:45 PM | ROLLBACK_IN_PROGRESS | AWS::CloudFormation::Stack | FargateVpclinkStack
The following resource(s) failed to create: [bookService05FB6DBB]. Rollback requested by user.
FrgateVpclinkStack failed: Error: The stack named FargateVpclinkStack failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE
The stack named FargateVpclinkStack failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE
import * as cdk from "@aws-cdk/core";
import * as elbv2 from "@aws-cdk/aws-elasticloadbalancingv2";
import * as ec2 from "@aws-cdk/aws-ec2";
import * as ecs from "@aws-cdk/aws-ecs";
import * as ecr from "@aws-cdk/aws-ecr";
import * as iam from "@aws-cdk/aws-iam";
import * as logs from "@aws-cdk/aws-logs";
import * as apig from "@aws-cdk/aws-apigatewayv2";
import * as servicediscovery from "@aws-cdk/aws-servicediscovery";
export class FargateVpclinkStack extends cdk.Stack {
//Export Vpclink and ALB Listener
public readonly httpVpcLink: cdk.CfnResource;
public readonly httpApiListener: elbv2.ApplicationListener;
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
// VPC
const vpc = new ec2.Vpc(this, "ProducerVPC");
// ECS Cluster
const cluster = new ecs.Cluster(this, "Fargate Cluster", {
vpc: vpc,
});
// Cloud Map Namespace
const dnsNamespace = new servicediscovery.PrivateDnsNamespace(
this,
"DnsNamespace",
{
name: "http-api.local",
vpc: vpc,
description: "Private DnsNamespace for Microservices",
}
);
// Task Role
const taskrole = new iam.Role(this, "ecsTaskExecutionRole", {
assumedBy: new iam.ServicePrincipal("ecs-tasks.amazonaws.com"),
});
taskrole.addManagedPolicy(
iam.ManagedPolicy.fromAwsManagedPolicyName(
"service-role/AmazonECSTaskExecutionRolePolicy"
)
);
// Task Definitions
const bookServiceTaskDefinition = new ecs.FargateTaskDefinition(
this,
"bookServiceTaskDef",
{
memoryLimitMiB: 512,
cpu: 256,
taskRole: taskrole,
}
);
const authorServiceTaskDefinition = new ecs.FargateTaskDefinition(
this,
"authorServiceTaskDef",
{
memoryLimitMiB: 512,
cpu: 256,
taskRole: taskrole,
}
);
// Log Groups
const bookServiceLogGroup = new logs.LogGroup(this, "bookServiceLogGroup", {
logGroupName: "/ecs/BookService",
removalPolicy: cdk.RemovalPolicy.DESTROY,
});
const authorServiceLogGroup = new logs.LogGroup(
this,
"authorServiceLogGroup",
{
logGroupName: "/ecs/AuthorService",
removalPolicy: cdk.RemovalPolicy.DESTROY,
}
);
const bookServiceLogDriver = new ecs.AwsLogDriver({
logGroup: bookServiceLogGroup,
streamPrefix: "BookService",
});
const authorServiceLogDriver = new ecs.AwsLogDriver({
logGroup: authorServiceLogGroup,
streamPrefix: "AuthorService",
});
// Amazon ECR Repositories
const bookservicerepo = ecr.Repository.fromRepositoryName(
this,
"bookservice",
"book-service"
);
const authorservicerepo = ecr.Repository.fromRepositoryName(
this,
"authorservice",
"author-service"
);
// Task Containers
const bookServiceContainer = bookServiceTaskDefinition.addContainer(
"bookServiceContainer",
{
image: ecs.ContainerImage.fromEcrRepository(bookservicerepo),
logging: bookServiceLogDriver,
}
);
const authorServiceContainer = authorServiceTaskDefinition.addContainer(
"authorServiceContainer",
{
image: ecs.ContainerImage.fromEcrRepository(authorservicerepo),
logging: authorServiceLogDriver,
}
);
bookServiceContainer.addPortMappings({
containerPort: 80,
});
authorServiceContainer.addPortMappings({
containerPort: 80,
});
//Security Groups
const bookServiceSecGrp = new ec2.SecurityGroup(
this,
"bookServiceSecurityGroup",
{
allowAllOutbound: true,
securityGroupName: "bookServiceSecurityGroup",
vpc: vpc,
}
);
bookServiceSecGrp.connections.allowFromAnyIpv4(ec2.Port.tcp(80));
const authorServiceSecGrp = new ec2.SecurityGroup(
this,
"authorServiceSecurityGroup",
{
allowAllOutbound: true,
securityGroupName: "authorServiceSecurityGroup",
vpc: vpc,
}
);
authorServiceSecGrp.connections.allowFromAnyIpv4(ec2.Port.tcp(80));
// Fargate Services
const bookService = new ecs.FargateService(this, "bookService", {
cluster: cluster,
taskDefinition: bookServiceTaskDefinition,
assignPublicIp: false,
desiredCount: 2,
securityGroup: bookServiceSecGrp,
cloudMapOptions: {
name: "bookService",
cloudMapNamespace: dnsNamespace,
},
});
const authorService = new ecs.FargateService(this, "authorService", {
cluster: cluster,
taskDefinition: authorServiceTaskDefinition,
assignPublicIp: false,
desiredCount: 2,
securityGroup: authorServiceSecGrp,
cloudMapOptions: {
name: "authorService",
cloudMapNamespace: dnsNamespace,
},
});
// ALB
const httpApiInternalALB = new elbv2.ApplicationLoadBalancer(
this,
"httpapiInternalALB",
{
vpc: vpc,
internetFacing: false,
}
);
// ALB Listener
this.httpApiListener = httpApiInternalALB.addListener("httpapiListener", {
port: 80,
// Default Target Group
defaultAction: elbv2.ListenerAction.fixedResponse(200),
});
// Target Groups
const bookServiceTargetGroup = this.httpApiListener.addTargets(
"bookServiceTargetGroup",
{
port: 80,
priority: 1,
healthCheck: {
path: "/api/books/health",
interval: cdk.Duration.seconds(30),
timeout: cdk.Duration.seconds(3),
},
targets: [bookService],
pathPattern: "/api/books*",
}
);
const authorServiceTargetGroup = this.httpApiListener.addTargets(
"authorServiceTargetGroup",
{
port: 80,
priority: 2,
healthCheck: {
path: "/api/authors/health",
interval: cdk.Duration.seconds(30),
timeout: cdk.Duration.seconds(3),
},
targets: [authorService],
pathPattern: "/api/authors*",
}
);
//VPC Link
this.httpVpcLink = new cdk.CfnResource(this, "HttpVpcLink", {
type: "AWS::ApiGatewayV2::VpcLink",
properties: {
Name: "http-api-vpclink",
SubnetIds: vpc.privateSubnets.map((m) => m.subnetId),
},
});
}
}
{
"name": "cdk",
"version": "0.1.0",
"bin": {
"cdk": "bin/cdk.js"
},
"scripts": {
"build": "tsc",
"watch": "tsc -w",
"test": "jest",
"cdk": "cdk"
},
"devDependencies": {
"@aws-cdk/assert": "1.101.0",
"@aws-cdk/aws-apigatewayv2": "1.101.0",
"@aws-cdk/core": "1.101.0",
"@aws-cdk/aws-ec2": "1.101.0",
"@aws-cdk/aws-ecr": "1.101.0",
"@aws-cdk/aws-ecs": "1.101.0",
"@aws-cdk/aws-elasticloadbalancingv2": "1.101.0",
"@aws-cdk/aws-iam": "1.101.0",
"@aws-cdk/aws-logs": "1.101.0",
"@aws-cdk/aws-servicediscovery": "1.101.0",
"@types/jest": "^26.0.10",
"@types/node": "10.17.27",
"jest": "^26.4.2",
"ts-jest": "^26.2.0",
"aws-cdk": "1.101.0",
"ts-node": "^9.0.0",
"typescript": "~3.9.7"
},
"dependencies": {
"@aws-cdk/core": "1.101.0",
"source-map-support": "^0.5.16"
}
}
整个教程的所有代码都可以在这个github链接中找到
共有1个答案
芮宇航
超时是由于BookService试图访问一个名称错误的ECR。概括一下这个答案,如果有超时,最好记录哪些资源超时,并检查所有组成元素。
类似资料:
-
我目前正在开发一个云备份解决方案,其中涉及到多达8个在spring-boot中开发的微服务,并使用mongo DB atlas作为持久层。 微服务包括Netflix ZUUL API网关和Netflix Eureka作为服务发现机制。微服务被要求彼此进行明显的对话。 对微服务进行了对接。到目前为止,我已经使用docker-compose文件将它们部署到EC2实例中,该文件列出了使用docker网络
-
我正在尝试使用无服务器将lambda函数部署到AWS。执行时 无服务器部署--详细 我得到以下错误每次: 无服务器错误--------------------------------------- 出现错误:mainTable-无效的KeySchema:第一个 myserverless.yml如下所示: 你们中有人能帮忙吗? 干杯
-
本文向大家介绍阿里云ECS服务器部署django的方法,包括了阿里云ECS服务器部署django的方法的使用技巧和注意事项,需要的朋友参考一下 参考 服务器安装的是Centos 系统。 uwsgi是使用pip安装的。 nginx是使用yum install nginx安装。 python 2.7, mysql 5.5使用 yum安装。 它们之间的逻辑关系如下: the web client <->
-
这将不会拉出图像,因为imagePullPolicy总是。 那就跑吧 kubectl编辑部署HTTP-部署 编辑:已经出现的图像只是信息性的,这是豆荚描述的最后一行 警告退避7s(x8超过91s)kubelet,minikube退避重新启动容器失败
-
部署服务 我们使用 docker service 命令来管理 Swarm 集群中的服务,该命令只能在管理节点运行。 新建服务 现在我们在上一节创建的 Swarm 集群中运行一个名为 nginx 服务。 $ docker service create --replicas 3 -p 80:80 --name nginx nginx:1.13.7-alpine 现在我们使用浏览器,输入任意节点 IP
-
我试图在配置为eclipse的Jboss服务器中部署ear文件,但当我试图部署它时,它总是以超时异常结束。我试图增加我的服务器超时时间,但似乎没有帮助。但是同一个ear当我尝试在eclipse之外的同一台服务器上部署时,它被成功地部署,即使在通过google处理了几个相关问题之后,也无法找到根案例。 根据我的观察,这个问题似乎不是由于jboss配置造成的,因为当直接部署时,同一个ear和服务器似乎