Hi, when I tried to deploy the ECS Fargate service using AWS CDK, I get stuck at the task launch and after a while I get an error:
ResourceInitializationError: unable to pull secrets or registry auth: execution resource retrieval failed: unable to retrieve ecr registry auth: service call has been retried 3 time(s): RequestError: send request failed caused by: Post "https://api.ecr.ap-northeast-2.amazonaws.com/": dial tcp 54.180.184.238:443: i/o timeout. Please check your task network configuration..
Here is my cdk code:
PS: I'm not writing **[isDefault: true]** in the VPC lookup, because if I write it that way, I'll have two more subnets that I don't know where they came from.
```typescript
const vpc = ec2.Vpc.fromLookup(this, "Default VPC", {
  //default vpc id
  vpcId: "vpc-069bd0d6dea52bc66", //The VPC ID shown here is the only VPC in ap-northeast-2
});

const publicSubnets = vpc.selectSubnets({
  subnetType: ec2.SubnetType.PUBLIC,
  availabilityZones: ["ap-northeast-2a", "ap-northeast-2b"],
});

//The printout here is same as aws console
publicSubnets.subnets.forEach((subnet) => {
  console.log("==>>subnetId:" + subnet.subnetId + "\n");
});

const cluster = new ecs.Cluster(this, "Cluster", {
  clusterName: "DemoClusterForCdk",
  vpc,
});

const fargateTaskDefinition = new ecs.TaskDefinition(this, "TaskDefinition-Fargate", {
  compatibility: ecs.Compatibility.FARGATE,
  cpu: "256",
  memoryMiB: "512",
  networkMode: ecs.NetworkMode.AWS_VPC,
});

fargateTaskDefinition.addContainer("FargateTaskContainer", {
  //private repository
  image: ecs.ContainerImage.fromEcrRepository(
    ecr.Repository.fromRepositoryName(
      this,
      "ECR-Repository-nginxDemos",
      "nginxdemos-hello"
    ),
    "latest"
  ),
  portMappings: [{ containerPort: 80 }],
});

const fargateService = new ecs.FargateService(this, "DemoFargateService", {
  cluster,
  taskDefinition: fargateTaskDefinition,
  desiredCount: 2,
  serviceName: "DemoFargateService",
  vpcSubnets: { subnets: publicSubnets.subnets },
});

const alb = new elbv2.ApplicationLoadBalancer(this, "DemoALB", {
  vpc,
  internetFacing: true,
  ipAddressType: elbv2.IpAddressType.IPV4,
  vpcSubnets: publicSubnets,
});

const listener = alb.addListener("DemoListener", {
  port: 80,
  protocol: elbv2.ApplicationProtocol.HTTP,
});

listener.addTargets("DemoTarget", {
  port: 80,
  protocol: elbv2.ApplicationProtocol.HTTP,
  targets: [fargateService],
});
```
During deployment, the startup task will continue to be retried, and of course, it will continue to fail.
Why is this? The subnet is public.
It worked. Thank you.
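
The timeout in the error means the task's network interface could not reach the ECR API. The following is an added example, not part of the original thread: a small model of the network paths by which a Fargate task can reach ECR, evaluated against the posted configuration. The type and field names are hypothetical, and it assumes the service keeps CDK's default of `assignPublicIp: false`.

```typescript
// Added example. Field names are hypothetical; they model the facts that decide
// whether a Fargate task ENI can reach the ECR API to fetch registry auth.
interface TaskNetwork {
  defaultRoute: "igw" | "nat" | "none"; // target of 0.0.0.0/0 in the subnet route table
  assignPublicIp: boolean;              // ECS service setting (CDK default: false)
  vpcEndpoints: string[];               // endpoint services present in the VPC
  egressHttpsAllowed: boolean;          // task security group permits outbound 443
}
interface Verdict { reachable: boolean; reason: string }

// Endpoints needed to pull from ECR without internet egress:
// ECR API, ECR Docker registry, and S3 (image layers).
const ECR_PRIVATE_PATH = ["ecr.api", "ecr.dkr", "s3"];

function ecrPullPath(n: TaskNetwork): Verdict {
  if (!n.egressHttpsAllowed) {
    return { reachable: false, reason: "security group blocks outbound 443" };
  }
  const missing = ECR_PRIVATE_PATH.filter((e) => n.vpcEndpoints.indexOf(e) === -1);
  if (missing.length === 0) {
    return { reachable: true, reason: "VPC endpoints, no internet egress needed" };
  }
  if (n.defaultRoute === "nat") {
    return { reachable: true, reason: "egress through NAT gateway" };
  }
  if (n.defaultRoute === "igw") {
    // An internet gateway only translates traffic for ENIs that have a public IPv4.
    return n.assignPublicIp
      ? { reachable: true, reason: "public IP on task ENI plus internet gateway" }
      : { reachable: false, reason: "public subnet but task ENI has no public IP" };
  }
  return { reachable: false, reason: "no default route; missing endpoints: " + missing.join(", ") };
}

// Constructed inputs. `asPosted` mirrors the service in the question:
// public subnets, assignPublicIp left unset, no VPC endpoints.
const asPosted: TaskNetwork = {
  defaultRoute: "igw", assignPublicIp: false, vpcEndpoints: [], egressHttpsAllowed: true,
};
const withPublicIp: TaskNetwork = { ...asPosted, assignPublicIp: true };
const privateWithEndpoints: TaskNetwork = {
  defaultRoute: "none", assignPublicIp: false,
  vpcEndpoints: ["ecr.api", "ecr.dkr", "s3", "logs"], egressHttpsAllowed: true,
};
const cases: [string, TaskNetwork][] = [
  ["asPosted", asPosted], ["withPublicIp", withPublicIp], ["privateWithEndpoints", privateWithEndpoints],
];
for (const [name, net] of cases) {
  const v = ecrPullPath(net);
  console.log(name + ": " + (v.reachable ? "OK" : "FAIL") + " (" + v.reason + ")");
}
```

A task with a public IP is directly addressable from the internet, so its security group should accept inbound traffic only from the load balancer; the private-subnet path with VPC endpoints avoids that exposure.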