带有ECS蓝色/绿色部署的AWS CodePipeline失败并出现内部错误 [英] AWS CodePipeline with ECS Blue/Green deployment fails with internal error
问题描述
我设置了CodePipeline,可以在其中构建对代码的更改并将图像推送到ECR.我正在寻找使用新映像来自动更新ECS的方法.我已经配置了ECS蓝色/绿色操作,但是当它运行时,它几乎立即失败,并显示一条有关内部错误"的消息.在CodeDeploy中没有创建失败的部署.
I have a CodePipeline set up where changes to code builds and pushes an image to ECR. I am looking to automate updating ECS with the new image as it is built. I have configured the ECS Blue/Green action but when it runs it fails almost immediately with a message about an "Internal Error". There is no failed deployment created in CodeDeploy.
我已经用两个输入配置了CodePipeline:
I have configured CodePipeline with two inputs:
- 用于构建图像的源代码
- S3中的一个zip,其中包含appspec.yaml和taskdef.json
任何一个输入发生更改时,我都会重建容器并推送到带有ECR标签的"latest".下一步应该是对ECS进行蓝色/绿色部署.我已经配置了CodeDeploy,并且如果手动触发,则可以正常工作.
When either input changes I rebuild the container and push to ECR tagged 'latest'. The next step should be a Blue/Green deployment to ECS. I have configured CodeDeploy and the job works if triggered manually.
通过CodePipeline触发它会失败,并且我收到一条消息操作执行失败内部错误.错误参考代码:< some id>.我怀疑IAM可能存在一些潜在问题,但在此阶段我找不到从哪里开始.CodeDeploy中没有显示失败的部署,因此我看不到一种获取有关失败原因的更多信息的方法.
When it is triggered via CodePipeline it will fail and I receive a message "Action execution failed InternalError. Error reference code: <some id>". I suspect that there may be some underlying issue with IAM but I can't find where to start looking at this stage. There is no failed deployment shown in CodeDeploy so I don't see a way to get more information about what has failed.
我对CodePipeline的政策是从此处记录的政策中复制的:
My policy for CodePipeline is copied from the one documented here: https://docs.aws.amazon.com/codepipeline/latest/userguide/how-to-custom-role.html#view-default-service-role-policy
我已在此处阅读了故障排除文档: https://docs.aws.amazon.com/codepipeline/latest/userguide/troubleshooting.html
I have read through the troubleshooting docs here: https://docs.aws.amazon.com/codepipeline/latest/userguide/troubleshooting.html
我认为我的问题类似于此处描述的问题: https://forums.aws.amazon.com/thread.jspa?messageID=897822
I believe my issue is similar to the one described here: https://forums.aws.amazon.com/thread.jspa?messageID=897822
推荐答案
在阅读了类似的文章后,在serverfault.com和AWS论坛上,我已经能够解决此问题.
After a bit more reading of similar posts here, on serverfault.com and the AWS forums I have been able to resolve this.
在我的情况下,问题是我的taskdef.json无效.我花了几个小时才能完成每个步骤,才意识到虽然它是有效的JSON,但它仅包含容器定义部分.修复后,它现在似乎可以正常工作.
In my case the issue was that my taskdef.json was not valid. It took me several hours going through each step to realise that while it was valid JSON it only included the container definitions section. On fixing that it appears to now be working correctly.
最后,我有两个相关的CodePipelines.一个用于将更新的ECR映像部署到ECS(如上所述),另一个用于更新基础结构并生成包含 taskdef.json 和 appspec.yaml 的zip.如果该zip更改了,那么我的容器管道就会运行;如果容器图像源发生变化,也是如此.它需要更多的测试,但目前看来工作非常顺利.
In the end I have two, related, CodePipelines. One for deploying updated ECR images to ECS (described above) and the other which updates infrastructure and generates a zip containing taskdef.json and appspec.yaml. If that zip changes then my container pipeline runs; likewise if the container image source changes. It needs more testing but right now this appears to be working very smoothly.
这篇关于带有ECS蓝色/绿色部署的AWS CodePipeline失败并出现内部错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
