ECS Fargate Scheduled Task Not Launched

I am trying to set up a scheduled task using ECS Fargate, but I cannot understand why it is not running. I can confirm that the task works correctly using RunTask, but when I try to run it on schedule, all I get is a set of "FailedInvocations" without explanation.

However, I know that the rule works, so this is a good sign. See the screenshot below:


But every time it fires, the result is just "FailedInvocation". Here is the schedule rule:


And the default permissions for ecsEventRole, with only ecs:runTask:


    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [ "ecs:RunTask" ],
          "Resource": [ "*" ]
        }
      ]
    }

My guess is that this ecsEventsRole does not have enough permissions. Should I try to give it the ones that ecsTaskExecutionRole has?

Thanks

UPDATE: This is now supported in us-east-1. See comments.

+19
amazon-web-services scheduled-tasks amazon-ecs aws-fargate aws-ecs
4 answers

I had a similar problem when regular scheduled ECS tasks were not running.

I finally resolved this by adding an additional policy to ecsEventsRole that allows CloudWatch Events to pass IAM roles to ECS tasks:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "iam:ListInstanceProfiles",
            "iam:ListRoles",
            "iam:PassRole"
          ],
          "Resource": "*"
        }
      ]
    }

+8
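An added example, not part of the original posts: a small offline check that audits the policies attached to the events role for the two actions discussed above (ecs:RunTask and iam:PassRole) and flags an iam:PassRole grant on Resource "*" with no Condition, which lets the role pass any role in the account. It is a simplified matcher (it ignores Deny, NotAction and the contents of Condition), and the account ID and role ARN in SCOPED_POLICY are constructed placeholders.

```python
import json
from fnmatch import fnmatchcase

# Policy from the question (ecsEventsRole default) and from the first answer.
QUESTION_POLICY = json.loads('{"Version": "2012-10-17", "Statement": [{"Effect": "Allow",'
                             ' "Action": ["ecs:RunTask"], "Resource": ["*"]}]}')
ANSWER_POLICY = json.loads('{"Version": "2012-10-17", "Statement": [{"Effect": "Allow",'
                           ' "Action": ["iam:ListInstanceProfiles", "iam:ListRoles",'
                           ' "iam:PassRole"], "Resource": "*"}]}')
# Constructed alternative: account ID and role name are placeholders.
SCOPED_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "iam:PassRole",
    "Resource": "arn:aws:iam::123456789012:role/ecsTaskExecutionRole"}]}

REQUIRED = ("ecs:RunTask", "iam:PassRole")

def as_list(value):
    """IAM accepts a single string or object wherever a list is allowed."""
    return value if isinstance(value, list) else [value]

def allow_statements(policy, action):
    """Yield Allow statements whose Action patterns match `action`."""
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        # Action names are case-insensitive and may contain * and ? wildcards.
        patterns = as_list(stmt.get("Action", []))
        if any(fnmatchcase(action.lower(), p.lower()) for p in patterns):
            yield stmt

def audit(policies):
    """Return (missing_actions, passrole_is_unscoped) for all attached policies."""
    missing, unscoped = [], False
    for action in REQUIRED:
        stmts = [s for p in policies for s in allow_statements(p, action)]
        if not stmts:
            missing.append(action)
        elif action == "iam:PassRole":
            unscoped = any("*" in as_list(s.get("Resource", []))
                           and "Condition" not in s for s in stmts)
    return missing, unscoped

if __name__ == "__main__":
    for label, attached in (("question only", [QUESTION_POLICY]),
                            ("question + answer", [QUESTION_POLICY, ANSWER_POLICY]),
                            ("question + scoped", [QUESTION_POLICY, SCOPED_POLICY])):
        print(label, audit(attached))
```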

Here is a possible workaround: use a Lambda function as the target for the CloudWatch rule and create the task in the code of the Lambda function.

Here is a sample code for a lambda function: https://lobster1234.imtqy.com/2017/12/03/run-tasks-with-aws-fargate-and-lambda/

The link describes how to package a new version of boto with the Lambda function, but this is no longer necessary, since AWS has already updated the Lambda version of boto to 1.4.8.

I tested it and it works.

+3

Although more than a year has passed, AWS still does not have the proper way to view call logs.

As you already know, we can call tasks using RunTask manually, like scheduled tasks.

The only difference is that the scheduled task runs according to CloudWatch rules.

We can easily see the call logs in CloudTrail Event history. Go there, filter events by the event name RunTask, select the time range that you want to check, find the event and click View Event. You will see an error code and a response.

+2

Have you tried using the aws cli and running aws events put-rule and then aws events put-targets --rule <value> --targets <value>? I had a similar problem, and using the (latest version) aws cli worked for me.

Here is a sample:

aws events put-rule --name "DailyLambdaFunction" --schedule-expression "cron(0 9 * * ? *)"

The following is a command in one line:

 aws events put-targets --rule cli-RS-rule --targets '{"Arn":"arn:aws:ecs:1234/cluster/clustername","EcsParameters":{"LaunchType": "FARGATE","NetworkConfiguration": {"awsvpcConfiguration": {"AssignPublicIp": "ENABLED", "SecurityGroups": [ "sg-id1233" ], "Subnets": [ "subnet-1234" ] }},"TaskCount": 1,"TaskDefinitionArn": "arn:aws:ecs:1234:task-definition/taskdef"},"Id": "sampleID111","RoleArn": "arn:aws:iam:1234:role/eventrole"}' 
0