Search code examples
amazon-web-servicesaws-cloudformationamazon-ecs

CloudFormation template stuck at CREATE_IN_PROGRESS when creating ECS service

I'm creating a ECS service in CloudFormation.

I receive no error, it just will sit at the CREATE_IN_PROGRESS on the logical ID = Service phase..

Here's my CF template (ECS cluster & some other stuff above but cut out due to relevance).

  TaskDefinition:
    Type: 'AWS::ECS::TaskDefinition'
    Properties:
      Family: flink
      Memory: 2048
      Cpu: 512
      NetworkMode: awsvpc
      RequiresCompatibilities:
        - FARGATE 
      ContainerDefinitions:
        - Name: flink-jobmanager
          Image: ACCOUNT_ID.dkr.ecr.us-west-1.amazonaws.com/teststack-flink:latest
          Essential: true
          PortMappings:
            - ContainerPort: 8081
              HostPort: 8081
          LogConfiguration:
            LogDriver: awslogs
            Options:
              awslogs-group: ecs/flink-stream
              awslogs-region: !Ref AWS::Region
              awslogs-stream-prefix: ecs
          Command:
            - jobmanager
        - Name: flink-taskmanager
          Image: ACCOUNT_ID.dkr.ecr.us-west-1.amazonaws.com/teststack-flink:latest
          Essential: true
          Command:
            - taskmanager
      ExecutionRoleArn: !Sub arn:aws:iam::${AWS::AccountId}:role/ecsTaskExecutionRole
      Volumes: []
      TaskRoleArn: !Sub arn:aws:iam::${AWS::AccountId}:role/ecsTaskExecutionRole
      Tags:
        -
          Key: EnvironmentStage
          Value: !Ref EnvironmentStage

  Service:
    Type: 'AWS::ECS::Service'
    Properties:
      ServiceName: !Join ['', [!Ref EnvironmentStage, '-', !Ref 'AWS::StackName']]
      Cluster: !Join ['', ['arn:aws:ecs:', !Ref 'AWS::Region', ':', !Ref 'AWS::AccountId', ':cluster/', !Ref ECSCluster]]
      LaunchType: FARGATE
      DeploymentConfiguration:
        MaximumPercent: 200
        MinimumHealthyPercent: 75
      TaskDefinition: !Join ['', ['arn:aws:ecs:', !Ref 'AWS::Region', ':', !Ref 'AWS::AccountId', ':task-definition/', !Ref TaskDefinition]]
      # TaskDefinition: !Ref TaskDefinition
      DesiredCount: 1
      DeploymentController:
        Type: ECS
      EnableECSManagedTags: true
      PropagateTags: TASK_DEFINITION
      SchedulingStrategy: REPLICA
      NetworkConfiguration:
        AwsvpcConfiguration:
          AssignPublicIp: ENABLED
          SecurityGroups:
            - !Ref FlinkSecurityGroup
          Subnets:
            - subnet-466da11c
            - subnet-6fe65509
      Tags:
        -
          Key: EnvironmentStage
          Value: !Ref EnvironmentStage

The containers both deploy to the cluster when I set it up manually

Solution

  • After checking clusters -> CLUSTER_NAME -> tasks -> stopped I saw the following:

    Status reason   CannotStartContainerError: Error response from daemon: 
failed to initialize logging driver: failed to create Cloudwatch log stream: 
ResourceNotFoundException: The specified log group does not exist.

    The issue was simply that I forgot to add the creating of a log group to to my CF template.. So I added this:

      LogGroup:
    Type: AWS::Logs::LogGroup
    Properties:
      LogGroupName: !Sub ${EnvironmentStage}-service-flink

    Then modified the LogConfiguration in TaskDefinition to this:

    LogConfiguration:
  LogDriver: awslogs
  Options:
    awslogs-group: !Ref LogGroup
    awslogs-region: !Ref 'AWS::Region'
    awslogs-stream-prefix: flink

    Now the CF template works like a charm :)