I have an EC2-managed instance of EC2 running in VPC (on one of the private subnets). When you try to run the task in this instance, it seems to be unable to pull out the image. As far as I can understand from the documentation, the ECS agent does not require special configuration to pull the image from the repo.
Looking at the Docker logs, I repeatedly see the following:
level=error msg="Download failed, retrying: dial tcp 54.231.17.81:443: i/o timeout"
The ecs-agent logs repeatedly show me that the image is not loading:
Pulling image module="TaskEngine" image="REDACTED.dkr.ecr.us-east-1.amazonaws.com/REDACTED:latest" status="Retrying in 19 seconds"
He ultimately tries to start the image, but obviously does not work and exits. Giving me the message below on the Cluster Tasks tab:
STOPPED (Essential container in task exited)
This error occurs with both amzn-ami-2016.03.e and amzn-ami-2016.03.d AMIs
Are there any specific configuration or network rules that I need to apply in order to be able to pull from ECR?
Any help here would be greatly appreciated.
As an additional note, the instance has access to the Internet (pinging google.com works fine), and when I try to pull an image from the Docker Hub, it also works fine.
source share