I have a custom ECS AMI, running Debian 10. I launch the ECS-Agent as a container, as suggested in the docs here. Everything works fine.
Recently, I was asked to integrate EFS into the cluster, so that containers running within specific tasks would have access to shared, persistent storage.
I added the efs-utils package to the AMI build, as documented in the git repo. The instances themselves now automatically mount to EFS on boot, and users on the instances can read/write to the EFS mount.
However, tasks configured to use the efsVolumeConfiguration
parameter in the task volume definition fail to get placed; the good old Container instance missing required attribute
error.
Because the instances themselves have no problem mounting to EFS on boot, I’ve implemented a workaround using regular docker volumes, so the containers running in the task mount EFS on the host via normal docker volume, but I’d prefer to have the ECS -> EFS integration working properly.
When I run the ECS-CLI check-attributes
command against any of the instances in my cluster I get:
ecs-cli check-attributes --task-def my-task --container-instances my-container-instance-id --cluster my-ecs-cluser
Container Instance Missing Attributes
my-container-instance-id ecs.capability.efsAuth
And indeed, in the console, when I go cluster
->instances
->specific-instance
->actions
->view/edit attributes
, all of the ecs.capability.xxx
contain empty values.
When do these values get populated? How should I augment the AMI build so that these values get populated with the proper values?
Please let me know if you need any additional information.
Thanks in advance!
3
Answers
Apologies, I thought I marked this as the answer a long time ago.
Answer from @bravinator932421
This also worked for me .
I am not sure if this functionality of using EFS with ECS is supported on Debian based systems since the documentation 1 does not provide commands for Debian.
Still, try these steps:
<empty>
I had the same problem but I got it when trying out Bottlerocket, which apparently does not support encrypted EFS mounts. Removing the transit encryption requirement fixed it.