I got the error when I created a service in ECS.
As the error says, the error happens in CodeDeploy.
The CodeDeploy deployment was not successful.
CodeDeploy The blue/green deployment was not successfully started
for the service: The Deployment Group 'DgpECS-blogClu-test' already
has an active Deployment 'd-6C9HNEPDA' (Service: AmazonCodeDeploy;
Status Code: 400; Error Code: DeploymentLimitExceededException;
Request ID: 5d4984d5-29fa-4681-97e4-acfa54b55e2b; Proxy: null)
How can I solve it?
Go to CodeDeploy. Then, check "Deployment group deployment history" at Application.
One deployment group is already running so you got the error because you cannot run multiple deployment groups at the same time.
You can stop it or wait for it to finish. Then, you can run another deployment group.
Related
I'm trying to create ECS Fargate deployment using Cloudformation script, but the script fails during creation of ECS Cluster with error saying that unable to assume service role. I'm not able to figure out what I'm missing in the script, I have tried many ways none of them seem to be working.
Here is the link to cloud formation script as I'm not able to post it here due to character limitation.
ECS Cloudformation script
the error where the resource creation fails.
Resource handler returned message: "Invalid request provided: CreateCluster Invalid Request: Unable to assume the service linked role. Please verify that the ECS service linked role exists. (Service: AmazonECS; Status Code: 400; Error Code: InvalidParameterException; Request ID: e08ab312-4bd8-4c21-852f-ae5d49cc5932; Proxy: null)" (RequestToken: a686f226-e1d3-7b4c-13f1-66fa0a516c51, HandlerErrorCode: InvalidRequest
I'm able to get it working if I create an ECS cluster from aws console, as it creates a service liked role. But I want to work without creating the cluster manually from Console, enerything building up from Cloudformation. I tried looking over aws docs and did dig up Internet but couldn't get it working.Can anyone please help me out.
I am trying to stop a service on AWS with the Bamboo ECS Service Delete task. However, I got the following error:
Deleting service 'my-service' on cluster 'my-cluster':
Service request rejected by AWS!
com.amazonaws.services.ecs.model.InvalidParameterException: The service cannot be stopped while it is scaled above 0. (Service: AmazonECS; Status Code: 400; Error Code: InvalidParameterException; Request ID: 03dab8da-xyz)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1695)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1350)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1101)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:758)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:732)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:714)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:674)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:656)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:520)
at com.amazonaws.services.ecs.AmazonECSClient.doInvoke(AmazonECSClient.java:3289)
at com.amazonaws.services.ecs.AmazonECSClient.invoke(AmazonECSClient.java:3256)
at com.amazonaws.services.ecs.AmazonECSClient.invoke(AmazonECSClient.java:3245)
at com.amazonaws.services.ecs.AmazonECSClient.executeDeleteService(AmazonECSClient.java:859)
at com.amazonaws.services.ecs.AmazonECSClient.deleteService(AmazonECSClient.java:831)
at net.utoolity.atlassian.bamboo.taws.ECSServiceTask.executeDelete(ECSServiceTask.java:344)
at net.utoolity.atlassian.bamboo.taws.ECSServiceTask.execute(ECSServiceTask.java:141)
at net.utoolity.atlassian.bamboo.taws.AWSTask.execute(AWSTask.java:164)
at com.atlassian.bamboo.task.TaskExecutorImpl.lambda$executeTasks$3(TaskExecutorImpl.java:319)
at com.atlassian.bamboo.task.TaskExecutorImpl.executeTaskWithPrePostActions(TaskExecutorImpl.java:252)
at com.atlassian.bamboo.task.TaskExecutorImpl.executeTasks(TaskExecutorImpl.java:319)
at com.atlassian.bamboo.task.TaskExecutorImpl.execute(TaskExecutorImpl.java:112)
at com.atlassian.bamboo.build.pipeline.tasks.ExecuteBuildTask.call(ExecuteBuildTask.java:73)
at com.atlassian.bamboo.v2.build.agent.DefaultBuildAgent.executeBuildPhase(DefaultBuildAgent.java:203)
at com.atlassian.bamboo.v2.build.agent.DefaultBuildAgent.build(DefaultBuildAgent.java:175)
at com.atlassian.bamboo.v2.build.agent.BuildAgentControllerImpl.lambda$waitAndPerformBuild$0(BuildAgentControllerImpl.java:129)
at com.atlassian.bamboo.variable.CustomVariableContextImpl.withVariableSubstitutor(CustomVariableContextImpl.java:185)
at com.atlassian.bamboo.v2.build.agent.BuildAgentControllerImpl.waitAndPerformBuild(BuildAgentControllerImpl.java:123)
at com.atlassian.bamboo.v2.build.agent.DefaultBuildAgent$1.run(DefaultBuildAgent.java:126)
at com.atlassian.bamboo.utils.BambooRunnables$1.run(BambooRunnables.java:48)
at com.atlassian.bamboo.security.ImpersonationHelper.runWith(ImpersonationHelper.java:26)
at com.atlassian.bamboo.security.ImpersonationHelper.runWithSystemAuthority(ImpersonationHelper.java:17)
at com.atlassian.bamboo.security.ImpersonationHelper$1.run(ImpersonationHelper.java:41)
at java.lang.Thread.run(Thread.java:745)
Finished task 'delete ecs service' with result: Error
I assume that the reason is that there is already a task still running in this ECS service. However, when I am using the aws-cli command, then the service is deleted without any problems:
aws ecs delete-service --cluster my-cluster --service my-service --force
Maybe there is no force option in the Bamboo task. Any Ideas?
The solution was to update the ECS Service first and set the desired count to 0 and then to delete the service.
I used to deploy a Java web application to Elastic Beanstalk (EC2) as root user without this problem. Now I'm using a recommended way of deploying as IAM service user and I get the following errors. I suspect it's because of lack of permissions (policies) but I don't know what policies should I assign to the IAM user.
QUESTION: Could you help me in finding the right policies?
commands:
eb init --profile eb_admin
eb create --single
output of the 2nd command:
Printing Status:
2019-05-26 12:08:58 INFO createEnvironment is starting.
2019-05-26 12:08:59 INFO Using elasticbeanstalk-eu-central-1-726173845157 as Amazon S3 storage bucket for environment data.
2019-05-26 12:09:26 INFO Created security group named: awseb-e-ire9qdzahd-stack-AWSEBSecurityGroup-L5VUAQLDAA9F
2019-05-26 12:09:42 ERROR Stack named 'awseb-e-ire9qdzahd-stack' aborted operation. Current state: 'CREATE_FAILED' Reason: The following resource(s) failed to create: [MountTargetSecurityGroup, AWSEBEIP, sslSecurityGroupIngress, FileSystem].
2019-05-26 12:09:42 ERROR Creating security group failed Reason: The vpc ID 'vpc-7166611a' does not exist (Service: AmazonEC2; Status Code: 400; Error Code: InvalidVpcID.NotFound; Request ID: c1d0ce4d-830d-4b0c-9f84-85d8da4f7243)
2019-05-26 12:09:42 ERROR Creating EIP: 54.93.84.166 failed. Reason: Resource creation cancelled
2019-05-26 12:09:42 ERROR Creating security group ingress named: sslSecurityGroupIngress failed Reason: Resource creation cancelled
2019-05-26 12:09:44 INFO Launched environment: stack-overflow-dev. However, there were issues during launch. See event log for details.
Important!
I use a few .ebextensions scripts in order to initialize the environment:
nginx
https-instance-securitygroup
storage-efs-createfilesystem
storage-efs-mountfilesystem
After reviewing the logs, I also noticed that I forgot to create VPC which is required for EFS filesystem. Could it be that 1 failed script (storage-efs-createfilesystem) is the root cause of subsequent failing operations?
Yes, the lack of VPC has caused the other resources to fail to create. Elastic Beanstalk and the storage-efs-createfilesystem extension use CloudFormation underneath.
storage-efs-createfilesystem Cfn template creates MountTargetSecurityGroup SG and that failed due to lack of VPC. The AWSEBEIP, sslSecurityGroupIngress and FileSystem resource creation is then cancelled.
I am deploying simple Spring Boot app on Amazon Elastic Beanstalk.
It seems pretty simple.
I just created war-file and deployed it on Amazon.
However, I receives the following errors during creating the environment:
Creating Auto Scaling group named:
awseb-e-5zxuiqb7jh-stack-AWSEBAutoScalingGroup-1JVXAWPWCK3FK failed.
Reason: You have requested more instances (1) than your current
instance limit of 0 allows for the specified instance type. Please
visit http://aws.amazon.com/contact-us/ec2-request to request an
adjustment to this limit. Launching EC2 instance failed.
Stack named 'awseb-e-5zxuiqb7jh-stack' aborted operation. Current
state: 'CREATE_FAILED' Reason: The following resource(s) failed to
create: [AWSEBAutoScalingGroup].
I have an identity TVM on Amazon Elastic Beanstalk that when I try to start it gives
014-07-07 15:29:46 UTC+0100 ERROR Stack named 'awseb-e-ybrpewdr7z-stack' aborted operation. Current state: 'CREATE_FAILED' Reason: The following resource(s) failed to create: AWSEBInstanceLaunchWaitCondition. (Service: AmazonCloudFormation; Status Code: 400; Error Code: OperationError; Request ID: null)
Now If I go to logs and click snapshot logs all that happens is it waits for a while showing processing but then I get no logs showing up. Does anyone please have an idea what the problem is so I can see either the logs and/or sort the startup problem?
This was security issue.
Amazon ECB uses a VPC, now that may already be running especially if a RDB has been created first. Now the groups on the EB instance can show acces rights reuired. But the VPC has an underlying security ACL that is not group based. When a RDB is created first that initially created the VPC the VPC instance gets the rights just to access the DB, so will not allow for example HTTP traffic through this cannot get to the EB to set it up.