#refarch (2024-03)
Cloud Posse Reference Architecture
2024-03-27

Hey, getting a weird error when trying to deploy ecs-services tasks. Some, but not all of our services are failing to deploy with this error:
│ Error: creating ECS Task Definition (taskname): ClientException: When networkMode=awsvpc, the application protocol must be one of [http, http2, grpc]
│
│ with module.ecs_alb_service_task[0].aws_ecs_task_definition.default[0],
│ on .terraform/modules/ecs_alb_service_task/main.tf line 49, in resource "aws_ecs_task_definition" "default":
│ 49: resource "aws_ecs_task_definition" "default" {
│

We can’t find any meaningful difference between the services that deploy and the ones that don’t


appProtocol is an optional string and we don’t have it set for any of the other tasks that are working

and setting it also doesn’t seem to matter

based on the error message, it sounds like awsvpc network mode requires one of those 3 app protocols. When you tried setting appProtocol, what happened?

didn’t make a difference, same error

that should go under port_mappings correct?

yes that should be right. Could you share how you configured that variable?

port_mappings:
- containerPort: 80
hostPort: 80
protocol: tcp
appProtocol: http

I’m assuming Slack reformatted that right? YAML indentation is picky
port_mappings:
  - containerPort: 80
    hostPort: 80
    protocol: tcp
    appProtocol: http


it doesn’t seem to be picking up the appProtocol var

it’s weird because this works fine for some other ecs-services with nearly the same config

yeah that is bizarre. Can you share a config that is working? What’s the difference?

port_mappings:
  - containerPort: 8080
    hostPort: 8080
    protocol: tcp


oh lol. I’m trying to reproduce locally, one minute

we’re on version: 1.417.0

I can’t reproduce this. Whenever I add the appProtocol, it is passed all the way through. Could you try describing a component that is working and a component that isn’t working? Then check the values that are passed to terraform:
For example, describe the component:
atmos describe component ecs/platform/service/echo-server -s plat-use2-sandbox
Then double check that the port_mappings include appProtocol under port_mappings.
Then also check that task network_mode is awsvpc

atmos describe component ecs/platform/service/echo-server -s plat-use2-sandbox
...
vars:
  ...
  containers:
    service:
      ...
      port_mappings:
        - appProtocol: http
          containerPort: 8080
          hostPort: 8080
          protocol: tcp
  ...
  task:
    ...
    network_mode: awsvpc

oh maybe you might have a lifecycle rule configured for the task definition? In that case it could be that terraform is ignoring your changes. When you add or change appProtocol, if you run terraform plan does it show changes?

standby, we think we might have a larger issue with ECS clusters that is manifesting as this error for some weird reason

we deployed a new ECS cluster yesterday and might have broken some stuff by accident

if it’s still busted after the ECS cluster is rebuilt, I’ll give this a shot and follow up. thank you!

sounds good. let me know!

yeah this ended up being a totally separate issue with a weird error message for some reason

it looks like it was partly being caused by some cached task definitions in the ecs s3 mirror


yeah I believe this PR was the fix for anyone else looking up this thread in the future: https://github.com/cloudposse/terraform-aws-components/pull/1008
what
ECS Service Upstream for better support of partial task definition.
why
• Fixes issue with bad merges on s3 task definition
• Map_secrets not being updated