AWS Fargate-CannotPullContainerError(500)? [英] AWS Fargate - CannotPullContainerError (500)?
问题描述
我正在使用AWS ECS托管我的服务。当我尝试使用Fargate定义任务时,出现以下问题。
I'm using AWS ECS to host my services. When I try to define task with fargate, I'm getting this below problem.
CannotPullContainerError:API错误(500):获取 https://xxxxxxxxx.dkr.ecr.us-east-1.amazonaws.com/v2/ :net / http:请求在取消时等待连接(等待标题时超出了Client.Timeout)
CannotPullContainerError: API error (500): Get https://xxxxxxxxx.dkr.ecr.us-east-1.amazonaws.com/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
此外,我还授予了IAM用户访问ECR的全部权限。请帮助我解决这个问题。
Further I gave full permissions to access ECR in the IAM user as well. Please help me to sort out this problem.
推荐答案
在这里看看: https://github.com/aws/amazon-ecs-agent/issues/1128
在特别是 samuelkarp
您在下面看到的错误通常是由于缺乏互联网
来拉取图像的缘故。图像提取是通过任务使用的网络
接口进行的,并因此共享安全组和
路由规则。
The error you are seeing below is commonly due to lack of internet access to pull the image. The image pull occurs over the network interface used by the Task, and as such shares security group and routing rules.
请检查您的配置对于以下内容:
Please check your configuration for the following:
如果要启动没有公共IP的任务,请确保子网上的
路由表具有 0.0.0.0/0 访问NAT网关或
NAT实例,以确保可以访问互联网。如果您的路由表中有
个Internet网关,则它就像防火墙一样,在阻止
连接。如果您要启动具有公共
IP的任务,请确保子网上的路由表的 0.0.0.0/0将
转到互联网网关,以确保您能够使用公用IP
成功进入流量。验证您的安全组规则是否有
任务允许出站访问。此处的默认值通常是所有
流量为0.0.0.0/0。如果这些网络更改均不适用于您
或无法解决您的问题,请告知我们,以便我们为
提供进一步的帮助。
If you are launching a task without a public IP, make sure that the route table on the subnet has "0.0.0.0/0" going to a NAT Gateway or NAT instance to ensure access to the internet. If your route table has an internet gateway, this is acting like a firewall and preventing the connection from being made. If you are launching a task with a public IP, make sure that the route table on the subnet has "0.0.0.0/0" going to an internet gateway to ensure you will be able to use the public IP successfully for ingress traffic. Verify your security group rules for the Task allows for outbound access. The default here is typically All Traffic to 0.0.0.0/0. If neither of those networking changes apply to you or if they do not fix your problem, please let us know so we can further assist.
这篇关于AWS Fargate-CannotPullContainerError(500)?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
