如何解决将efs音量添加到ecs fargate
我想将EFS与Fargate一起使用,但是在任务启动时出现此错误:
ResourceInitializationError: failed to invoke EFS utils commands to set up EFS volumes: stderr: Failed to resolve "fs-xxxxx.efs.eu-west-1.amazonaws.com" - check that your file system ID is correct
我已经检查了文件系统ID,它是正确的...如何获得有关此错误的更多信息? 可能与安全组有关吗?
这是我在terraform中使用的代码,我在两个可用区域中使用了两个安装点:
resource "aws_efs_file_system" "efs_apache" {
}
resource "aws_efs_mount_target" "efs-mount" {
count = 2
file_system_id = aws_efs_file_system.efs_apache.id
subnet_id = sort(var.subnet_ids)[count.index]
security_groups = [aws_security_group.efs.id]
}
resource "aws_efs_access_point" "efs-access-point" {
file_system_id = aws_efs_file_system.efs_apache.id
}
resource "aws_security_group" "efs" {
name = "${var.name}-efs-sg"
description = "Allow traffic from self"
vpc_id = var.vpc_id
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 2049
to_port = 2049
protocol = "tcp"
security_groups = [aws_security_group.fargate_sg.id]
}
}
这是Fargate服务:
resource "aws_ecs_task_definition" "task_definition" {
family = var.name
requires_compatibilities = ["FARGATE"]
network_mode = "awsvpc"
execution_role_arn = aws_iam_role.task_execution_role.arn
task_role_arn = aws_iam_role.task_role.arn
cpu = var.cpu
memory = var.memoryHardLimit
volume {
name = "efs-apache"
efs_volume_configuration {
file_system_id = aws_efs_file_system.efs_apache.id
root_directory = "/"
transit_encryption = "ENABLED"
authorization_config {
access_point_id = aws_efs_access_point.efs-access-point.id
iam = "ENABLED"
}
}
}
depends_on = [aws_efs_file_system.efs_apache]
container_definitions = <<EOF
[
{
"name": "${var.name}","image": "${data.aws_caller_identity.current.account_id}.dkr.ecr.${data.aws_region.current.name}.amazonaws.com/${lower(var.project_name)}_app:latest","memory": ${var.memoryHardLimit},"memoryReservation": ${var.memorySoftLimit},"cpu": ${var.cpu},"essential": true,"command": [
"/bin/sh -c \"/app/start.sh"
],"entryPoint": [
"sh","-c"
],"mountPoints": [
{
"containerPath": "/var/www/sites_json","sourceVolume": "efs-apache","readOnly": false
}
],"portMappings": [
{
"containerPort": ${var.docker_container_port},"hostPort": ${var.docker_container_port}
}
],"logConfiguration": {
"logDriver": "awslogs","options": {
"awslogs-group": "${var.name}-Task-LogGroup","awslogs-region": "${data.aws_region.current.name}","awslogs-stream-prefix": "ecs"
}
}
}
]
EOF
}
我该如何解决?
解决方法
确保已在VPC中启用DNS解析和DNS主机名。 EFS需要启用这两个选项才能工作,因为它依赖于DNS主机名来解析连接。因为互联网上的大多数文档都将重点放在了此错误的安全组上,所以这让我停了一会儿。
Terraform AWS提供程序资源 $this->db->select('tbl_account_details.*',FALSE);
$this->db->select('tbl_users.*');
$this->db->join('tbl_users','tbl_users.user_id = tbl_account_details.user_id','left');
$this->db->where('(designations_id=2 or designations_id=3 )');
$this->db->where('tbl_users.user_id NOT IN(SELECT user_id FROM tbl_attendance WHERE tbl_attendance.date_in='.$date.' && attendance_status=3 OR attendance_status=4 )');
$query_result = $this->db->get('tbl_users');
$result = $query_result->result();
return $result;
默认情况下设置aws_vpc
,因此您需要将其显式设置为true。您的Terraform VPC配置应如下所示:
enable_dns_hostnames = false
,
我花了几个小时调查 saùe 问题,问题是 EFS 没有安装在子网上(Terraform 脚本中缺少 aws_efs_mount_target
)
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。