TechQA.

Missing container attribute

2.1k views Asked by At

I am running EC2 instance with RancherOS ECS-enabled AMI v1.0.4 in ECS cluster.

The instance joins cluster, but ECS tasks are failing to start because container instance is missing an attribute required by the task.

The ECS task that is failing to start has IAM role and requires com.amazonaws.ecs.capability.task-iam-role attribute. After checking which attributes the container instance has (using cli aws ecs describe-container-instances), it can be seen that this required attribute is missing.

When I remove IAM role from the task, it starts fine.

When I run instance with Amazon ECS-optimized AMI everything works fine.

I followed official RancherOS ECS guide, including verifying ECS Container Instance IAM Role, without success.

amazon-web-services amazon-ec2 amazon-ecs rancher
Original Q&A
1

There are 1 answers

0
Dmitry On

After looking in the source code of ECS agent, it became apparent that by default this functionality is disabled. In order to enable it environment variable ECS_ENABLE_TASK_IAM_ROLE should have value true.

Adding it to cloud-config file does the job:

#cloud-config
rancher:
  environment:
    ECS_ENABLE_TASK_IAM_ROLE: true

Related Questions in AMAZON-WEB-SERVICES

Related Questions in AMAZON-EC2

Related Questions in AMAZON-ECS

Related Questions in RANCHER

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions