
I am creating an ECS cluster, service and task using CloudFormation, but it gives an error: Embedded stack arn:aws:cloudformation:us-east-2:0212657325299:stack/Root-Cluster-153O1DKDIKGLV/f1123c5c-d1f9-11ea-1216-2a3e4111fce2 was not successfully created: The following resource(s) failed to create: [Myservice, LoadBalancerListener]. I have created a root stack which runs the VPC stack and the Cluster stack. This error occurs when running the Cluster stack. I think the error is in the load balancer and role in Myservice, but I am unable to figure out the solution. Any help would be appreciated.

---
AWSTemplateFormatVersion: 2010-09-09 
Parameters:
    SubnetA:
      Type: String
    SubnetB:
      Type: String
    VpcID:
      Type: String
Resources:
    Albsg:
        Type: AWS::EC2::SecurityGroup
        Properties:
            GroupName: alb-sg
            VpcId: !Ref VpcID
            SecurityGroupIngress:
                - IpProtocol: tcp
                  FromPort: 22
                  ToPort: 22
                  CidrIp: 0.0.0.0/0
                  Description: For traffic from Internet
                - IpProtocol: tcp
                  FromPort: 80
                  ToPort: 80
                  CidrIp: 0.0.0.0/0
                  Description: For traffic from Internet
            GroupDescription: Security Group for demo server
    Alb:
        Type: AWS::ElasticLoadBalancingV2::LoadBalancer
        Properties: 
            IpAddressType: ipv4
            Name: Alb
            Scheme: internet-facing
            SecurityGroups: 
                - !Ref Albsg
            Subnets:
                - Ref: "SubnetA"
                - Ref: "SubnetB"
            Type: application
    DefaultTargetGroup:
        Type: AWS::ElasticLoadBalancingV2::TargetGroup
        Properties:
            Name: alb-tg
            VpcId: !Ref VpcID
            Port: 80
            Protocol: HTTP
    LoadBalancerListener:
        Type: AWS::ElasticLoadBalancingV2::Listener
        Properties:
            LoadBalancerArn: !Ref Alb
            Port: 80
            Protocol: HTTP
            DefaultActions:
                - Type: forward
                  TargetGroupArn: !Ref DefaultTargetGroup 
    MyCluster:
        Type: AWS::ECS::Cluster
        Properties: 
            ClusterName: Flask-redis
    Myservice:
        Type: AWS::ECS::Service
        Properties: 
            Cluster: !Ref MyCluster        
            DeploymentController:   
                Type: ECS
            DesiredCount: 2
            LaunchType: EC2
            LoadBalancers: 
                - !Ref Alb
            # Role: String
            SchedulingStrategy: REPLICA
            ServiceName: Python-service
            TaskDefinition: !Ref Task
    Task:
        Type: AWS::ECS::TaskDefinition
        Properties:
            Family: redis-python 
            ContainerDefinitions: 
              - Essential: true
                Image: redis:latest
                Name: redis            
            Cpu: .5 vCPU
            # ExecutionRoleArn: !Ref Role
            Memory: 0.5 GB
            NetworkMode: bridge
            RequiresCompatibilities:
                - EC2

1 Answer

The AWS::ECS::Service LoadBalancer is an object. There were also other issues:

  • Missing DependsOn
  • Missing port on container

I used the template in us-east-1 using default VPC. The template will still not work as there are no container instances. But at least your original issue should be addressed.

---
AWSTemplateFormatVersion: 2010-09-09 
Parameters:
    SubnetA:
      Default: subnet-00afd36c5eb1d367b
      Type: String
    SubnetB:
      Default: subnet-0573cd428fe807ebc
      Type: String
    VpcID:
      Default: vpc-040d4c42ee5a159fc  
      Type: String
Resources:
    Albsg:
        Type: AWS::EC2::SecurityGroup
        Properties:
            GroupName: alb-sg
            VpcId: !Ref VpcID
            SecurityGroupIngress:
                - IpProtocol: tcp
                  FromPort: 22
                  ToPort: 22
                  CidrIp: 0.0.0.0/0
                  Description: For traffic from Internet
                - IpProtocol: tcp
                  FromPort: 80
                  ToPort: 80
                  CidrIp: 0.0.0.0/0
                  Description: For traffic from Internet
            GroupDescription: Security Group for demo server

    Alb:
        Type: AWS::ElasticLoadBalancingV2::LoadBalancer
        Properties: 
            IpAddressType: ipv4
            Name: Alb
            Scheme: internet-facing
            SecurityGroups: 
                - !Ref Albsg
            Subnets:
                - Ref: "SubnetA"
                - Ref: "SubnetB"
            Type: application

    DefaultTargetGroup:
        Type: AWS::ElasticLoadBalancingV2::TargetGroup
        Properties:
            Name: alb-tg
            VpcId: !Ref VpcID
            Port: 5000
            Protocol: HTTP

    LoadBalancerListener:
        Type: AWS::ElasticLoadBalancingV2::Listener
        Properties:
            LoadBalancerArn: !Ref Alb
            Port: 80
            Protocol: HTTP
            DefaultActions:
                - Type: forward
                  TargetGroupArn: !Ref DefaultTargetGroup 

    MyCluster:
        Type: AWS::ECS::Cluster
        Properties: 
            ClusterName: Flask-redis

    Myservice:
        Type: AWS::ECS::Service
        DependsOn: LoadBalancerListener  
        Properties: 
            Cluster: !Ref MyCluster        
            DeploymentController:   
                Type: ECS
            DesiredCount: 2
            LaunchType: EC2
            LoadBalancers: 
                -  ContainerName: redis
                   ContainerPort: 5000
                   TargetGroupArn: !Ref DefaultTargetGroup 
            # Role: String
            SchedulingStrategy: REPLICA
            ServiceName: Python-service
            TaskDefinition: !Ref Task

    Task:
        Type: AWS::ECS::TaskDefinition
        Properties:
            Family: redis-python 
            ContainerDefinitions: 
              - Essential: true
                Image: redis:latest
                Name: redis
                PortMappings:
                  - ContainerPort: 5000
                    #HostPort: Integer
                    #Protocol: tcp
            Cpu: .5 vCPU
            # ExecutionRoleArn: !Ref Role
            Memory: 0.5 GB
            NetworkMode: bridge
            RequiresCompatibilities:
                - EC2
Marcin
  • What if I have 2 containers, Python and redis, then? The Python ContainerPort is 5000, and since I am using bridge network, in links I would give redis as I need my Python container to talk to redis. In this scenario, what should the configuration be? –  Jul 30 '20 at 03:04
  • @aws-noob I modified the answer with corrected version of your template. – Marcin Jul 30 '20 at 05:43
  • Thanks Marcin. Giving the desired count in my service doesn't spin up the EC2 instance? If it doesn't, then how will I spin up the EC2 instance? –  Jul 30 '20 at 07:50
  • @aws-noob You have to create the container instances, for example in an auto-scaling group. Or maybe, just use Fargate instead of the EC2 launch type. Do you really need to use the EC2 launch type for ECS? – Marcin Jul 30 '20 at 07:52
  • I need to spin up the EC2 instance without using auto-scaling. I need to use the EC2 launch type. I am doing it for the first time in CloudFormation. When I created it with the console I didn't configure auto scaling. I am actually in training and have to meet certain requirements; I can't use Fargate. –  Jul 30 '20 at 07:55
  • @aws-noob I see. Then create it as a regular instance. Make sure to choose an ECS-optimized AMI instead of a generic one, and modify its user data to register to a cluster. – Marcin Jul 30 '20 at 07:59
  • @aws-noob Thanks. Also an instance role with the `AmazonEC2ContainerServiceforEC2Role` policy will be needed. You can try, and if it does not work, please make a new question as this is a new issue (how to create such an instance) :-) – Marcin Jul 30 '20 at 08:02
  • Much appreciated, will do but let me first try it myself. Thanks for giving me a lead :D –  Jul 30 '20 at 08:04
  • @aws-noob No problem. It's a good learning experience. Add an ASG to it as the next challenge level in the solution later :-). – Marcin Jul 30 '20 at 08:05
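
The container instance described in the comments above, as an added example that is not part of the original answer or comments: a fragment to merge into the answer's template, with a security group that admits only traffic coming from the ALB instead of reusing the `0.0.0.0/0` rules of `alb-sg`. The names `EcsAmi`, `InstanceSg`, `InstanceRole`, `InstanceProfile` and `ContainerInstance` and the instance type are assumptions; `VpcID`, `SubnetA`, `Albsg` and `MyCluster` come from the template above.

```yaml
Parameters:
    EcsAmi:
        # Public SSM parameter that resolves to the current ECS-optimized AMI
        Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
        Default: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
Resources:
    InstanceSg:
        Type: AWS::EC2::SecurityGroup
        Properties:
            GroupDescription: ECS container instances, reachable only from the ALB
            VpcId: !Ref VpcID
            SecurityGroupIngress:
                # bridge mode without HostPort means dynamic host ports, so
                # allow the ephemeral range, but only from the ALB's group.
                # No SSH rule and no 0.0.0.0/0 source on the instance.
                - IpProtocol: tcp
                  FromPort: 32768
                  ToPort: 65535
                  SourceSecurityGroupId: !GetAtt Albsg.GroupId
                  Description: Dynamic host ports from the ALB only
    InstanceRole:
        Type: AWS::IAM::Role
        Properties:
            AssumeRolePolicyDocument:
                Version: "2012-10-17"
                Statement:
                    - Effect: Allow
                      Principal:
                          Service: ec2.amazonaws.com
                      Action: sts:AssumeRole
            ManagedPolicyArns:
                - arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role
    InstanceProfile:
        Type: AWS::IAM::InstanceProfile
        Properties:
            Roles:
                - !Ref InstanceRole
    ContainerInstance:
        Type: AWS::EC2::Instance
        Properties:
            ImageId: !Ref EcsAmi
            InstanceType: t3.small      # assumption, size to the tasks
            SubnetId: !Ref SubnetA
            IamInstanceProfile: !Ref InstanceProfile
            SecurityGroupIds:
                - !GetAtt InstanceSg.GroupId
            UserData:
                Fn::Base64: !Sub |
                    #!/bin/bash
                    echo ECS_CLUSTER=${MyCluster} >> /etc/ecs/ecs.config
```

Creating the IAM role requires deploying the stack with the `CAPABILITY_IAM` capability.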