amazon-ecs-cli icon indicating copy to clipboard operation
amazon-ecs-cli copied to clipboard

Published 20 hours ago verified publisher icon aws

Error creating/updating service when only container port specified

Open bronislav opened this issue 4 years ago • 7 comments

Summary

Error "ClientException: When networkMode=awsvpc, the host ports and container ports in port mappings must match" occurred during service create/update using compose style commands, if only container port specified.

Description

  • Which specific command was run? Creating service using compose style command ecs-cli compose service up
  • Which version of the CLI you are using?
❯ ecs-cli --version
ecs-cli version 1.18.1 (*UNKNOWN)
  • Which version of Go are you using?
❯ go version
go version go1.14.2 darwin/amd64
  • What platform are you using to run ECS CLI commands? MacOS

Config files

  • docker-compose.yml
version: '3'

services:
  api:
    image: <image_name>
    command: ./bin/start-api
    ports:
      - "9292"
    logging:
      driver: awslogs
      options:
        awslogs-group: log-group
        awslogs-region: eu-central-1
        awslogs-stream-prefix: "api"
  • ecs-params.yml
version: 1

task_definition:
  task_execution_role: arn:aws:iam::account-id:role/role-name
  ecs_network_mode: awsvpc
  task_size:
    mem_limit: 0.5GB
    cpu_limit: 256
  docker_volumes:
run_params:
  network_configuration:
    awsvpc_configuration:
      subnets:
        - "subnet-1"
        - "subnet-2"
        - "subnet-3"
      security_groups:
        - "sg-1"
      assign_public_ip: ENABLED
  • ~/.ecs/config
version: v1
default: staging
clusters:
  staging:
    cluster: default
    region: eu-central-1
    default_launch_type: FARGATE

Expected Behavior

Service created and host port assigned dynamically.

Observed Behavior

ERRO[0000] Error registering task definition             error="ClientException: When networkMode=awsvpc, the host ports and container ports in port mappings must match." family=service_name
ERRO[0000] Create task definition failed                 error="ClientException: When networkMode=awsvpc, the host ports and container ports in port mappings must match."
FATA[0000] ClientException: When networkMode=awsvpc, the host ports and container ports in port mappings must match.

I think this error occurred because port mappings being converted incorrectly. According to the converter code https://github.com/aws/amazon-ecs-cli/blob/3970a6c1f38bc750ff9c068f53220aa177c7df54/ecs-cli/modules/cli/compose/adapter/convert.go#L353 hostPort became 0 if not set explicitly.

bronislav avatar Apr 23 '20 22:04 bronislav

Hi @bronislav thanks for creating the issue. Will update soon after further investigation.

hossain-rayhan avatar Apr 28 '20 06:04 hossain-rayhan

I am getting this error as well. I changed my port mappings to explicitly set the host side, even when it's the same port as the container side, and it is still emitting this error:

ERRO[0000] Create task definition failed                 error="ClientException: When networkMode=awsvpc, the host ports and container ports in port mappings must match."
FATA[0000] ClientException: When networkMode=awsvpc, the host ports and container ports in port mappings must match.

For one thing, this error message lacks context - I don't know which port mapping it's complaining about. Ideally, it should name the service definition which contains the port mapping, or at least name the ports in question. But the main issue is that in my compose file, I explicitly configure host:container mappings, so I don't know why it's still throwing this error.

docker-compose.yml:

    ports:
      - "2182:2181"
      - "2888:2888"
      - "3888:3888"

Corresponding ECS task definition port-mapping:

      "PortMappings": [{
          "ContainerPort": 2181,
          "HostPort": 2182,
          "Protocol": "tcp"
        },{
          "ContainerPort": 2888,
          "HostPort": 2888,
          "Protocol": "tcp"
        },{
          "ContainerPort": 3888,
          "HostPort": 3888,
          "Protocol": "tcp"
        }],

ecs-cli version 1.18.1 MacOS: 10.14

wolfch-elsevier avatar Apr 29 '20 15:04 wolfch-elsevier

@wolfch-elsevier I think issue in this port mapping - "2182:2181". Error states that ports should match.

bronislav avatar May 03 '20 11:05 bronislav

@wolfch-elsevier I think issue in this port mapping - "2182:2181". Error states that ports should match.

Hi, that was a typo in my docker-compose.yml. I corrected that to 2181:2181 but now I get :

ClientException: TCP container port '2181' is used multiple times in task when networkMode=awsvpc

But that's another problem. As far as this ticket goes, specifying the host port to be the same as the container port is the solution. How you can have multiple zookeeper nodes (containers) with the same ports, I haver no idea.

wolfch-elsevier avatar May 04 '20 10:05 wolfch-elsevier

@wolfch-elsevier You can't have multiple containers with the same port in one task. You may start several tasks for this purpose.

bronislav avatar May 04 '20 10:05 bronislav

@pkandasamy91 Are there any updates regarding this issue?

/cc @hossain-rayhan

bronislav avatar May 04 '20 10:05 bronislav

@wolfch-elsevier You can't have multiple containers with the same port in one task. You may start several tasks for this purpose.

Ok, I thought in awsvpc mode each container has it's own ENI so they could use the same port because it's qualified by private IP, but I will try the the per-task approach. Thanks for stretching the answer beyond the scope of this ticket! :)

wolfch-elsevier avatar May 04 '20 10:05 wolfch-elsevier