【发布时间】:2018-11-05 06:55:51
【问题描述】:
我正在尝试通过 aws cli 将容器部署到 ECS (Fargate)。我能够成功创建任务定义,当我想向我的 Fargate 集群添加新服务时出现问题。
这是执行的命令:
aws ecs create-service --cli-input-json file://aws_manual_cfn/ecs-service.json
这是我得到的错误:
An error occurred (InvalidParameterException) when calling the CreateService operation: You cannot specify an IAM role for services that require a service linked role.`
ecs-service.json
{
"cluster": "my-fargate-cluster",
"role": "AWSServiceRoleForECS",
"serviceName": "dropinfun-spots",
"desiredCount": 1,
"launchType": "FARGATE",
"networkConfiguration": {
"awsvpcConfiguration": {
"assignPublicIp": "ENABLED",
"securityGroups": ["sg-06d506f7e444f2faa"],
"subnets": ["subnet-c8ffcbf7", "subnet-1c7b6078", "subnet-d47f7efb", "subnet-e704cfad", "subnet-deeb43d1", "subnet-b59097e8"]
}
},
"taskDefinition": "dropinfun-spots-task",
"loadBalancers": [
{
"targetGroupArn": "arn:aws:elasticloadbalancing:us-east-1:************:targetgroup/dropinfun-spots-target-group/c21992d4a411010f",
"containerName": "dropinfun-spots-service",
"containerPort": 80
}
]
}
task-definition.json
{
"family": "dropinfun-spots-task",
"executionRoleArn": "arn:aws:iam::************:role/aws-service-role/ecs.amazonaws.com/AWSServiceRoleForECS",
"memory": "0.5GB",
"cpu": "256",
"networkMode": "awsvpc",
"requiresCompatibilities": [
"FARGATE"
],
"containerDefinitions": [
{
"name": "dropinfun-spots-service",
"image": "************.dkr.ecr.us-east-1.amazonaws.com/dropinfun-spots-service:latest",
"memory": 512,
"portMappings": [
{
"containerPort": 80
}
],
"essential": true
}
]
}
知道如何管理这个linked-role错误吗?
【问题讨论】:
-
我收到此错误的另一个原因(向服务添加第二个目标组):“如果您的任务定义使用 awsvpc 网络模式或服务配置为使用服务发现、外部部署控制器、多个目标组或 Elastic Inference 加速器,在这种情况下,您不应在此处指定角色。”
标签: aws-cli amazon-ecs aws-fargate amazon-ecr