用于将 s3 存储桶同步到 nginx 的 aws sidecar 容器正在输出 1000 条日志并停止和启动

问题描述 投票:0回答:1

我已经设置了一个任务定义来运行 nginx ecs 容器。经过测试并有效。 我添加了一个 sidecar 容器来与 nginx 容器共享卷,因此它可以将内容上传到容器,如下所示。

我收到了 sidecar 容器的大量详细日志,它只是不断启动和停止我的服务。欢迎任何建议。谢谢

注:

  • 我的 s3 存储桶中只有 4 个文件。 index.html、contact.html 和其他一些 html 文件。

  • 分配的所有角色都允许访问任务。

任务定义.json

{
  "family": "nginx-example-development2",
  "requiresCompatibilities": [
    "EC2"
  ],
  "taskRoleArn": <ecsTaskRole>,
  "executionRoleArn": <ecsTaskExecutionRole>,
  "networkMode": "bridge",
  "containerDefinitions": [
      {
      "name": "s3-sync-container",
      "image": "amazon/aws-cli:latest",
      "memory": 256,
      "cpu": 128,
      "essential": true, 
      "command": [
        "/bin/sh", "-c", 
        "aws s3 sync  <S3_BUCKET> /shared/s3-cache --delete --only-show-errors && while true; do sleep 3600; done"
      ],
      "environment": [
        {
          "name": "AWS_DEFAULT_REGION",
          "value": <REGION>
        }
      ],
      "mountPoints": [
        {
          "sourceVolume": "shared-cache-volume",
          "containerPath": "/shared/s3-cache"
        }
      ],
      "healthCheck": {
        "command": ["CMD-SHELL", "test -f /usr/share/nginx/html/s3-cache/index.html && echo 'ready' || exit 1"],
        "interval": 30,
        "timeout": 5,
        "retries": 3,
        "startPeriod": 0
      },
      "logConfiguration": {
        "logDriver": "awslogs",
        "options": {
          "awslogs-group": "my-sidecar-logs",
          "awslogs-region": "eu-west-2", 
          "awslogs-stream-prefix": "s3-sync"
        }
      }
    },
    {
      "name": "nginx-example-development2",
      "image":  <DOCKER_IMG>,
      "linuxParameters": {
        "initProcessEnabled": true
      },
      "cpu": 128,
      "memoryReservation": 256,
      "essential": true,
      "dependsOn": [
        {
          "containerName": "s3-sync-container",
          "condition": "HEALTHY"
        }
      ],
      "mountPoints": [
        {
          "sourceVolume": "shared-cache-volume",
          "containerPath": "/usr/share/nginx/html/s3-cache"
        }
      ],
      "environment": [
        {
          "name": "ECS_CONTAINER_METADATA_URI",
          "value": ""
        }, {
          "name": "NGINX_PORT",
          "value": "8080"
        }
      ],
      "logConfiguration": {
        "logDriver": "awslogs",
        "options": {
          "awslogs-create-group": "true",
          "awslogs-group": "nginx-example-development2",
          "awslogs-region": <REGION>,
          "awslogs-stream-prefix": "ecs"
        }
      },
      "portMappings": [
        {
          "containerPort": 8080,
          "hostPort": 8080,
          "protocol": "tcp"
        }
      ],
      "healthCheck": {
        "command": [
          "CMD-SHELL",
          "/usr/local/bin/healthcheck.sh"
        ],
        "interval": 30,
        "timeout": 60,     
        "retries": 1, 
        "startPeriod": 30  
      },
      "command": [
        "nginx", "-g", "daemon off;"
      ]
    }
    
  ],
  "volumes": [
    {
      "name": "shared-cache-volume",
      "host": {
        "sourcePath": "/ecs/shared-cache"
      }
    }
  ]
}

这些是我收到的日志类型:1000s


08 October 2024 at 18:38 (UTC+1:00) iotthingsgraph | iottwinmaker uniqueid...
s3-sync-container

08 October 2024 at 18:38 (UTC+1:00) iotwireless | ivs uniqueid... s3-sync-container

08 October 2024 at 18:38 (UTC+1:00) ivs-realtime | ivschat uniqueid...
s3-sync-container

08 October 2024 at 18:38 (UTC+1:00)
kafka | kafkaconnect
uniqueid... s3-sync-container

08 October 2024 at 18:38 (UTC+1:00) kendra | kendra-ranking

我也收到了这个错误,但它没有准确指出是什么,而且很难过滤这么多日志:

aws:错误:参数命令:无效选择,有效选择是:

amazon-s3 aws-cli ecs-taskdefinition
1个回答
0
投票

好吧,这就是问题所在。

  1. 修复详细日志

“image”:“amazon/aws-cli:latest”导致了详细消息。我不知道如何解决这个问题。我决定暂时将其替换为: "image": "amazonlinux:2"

  1. 修复导致容器无法正常运行的配置问题

删除详细日志后,我可以在日志中看到问题。

我必须修复一些配置项:

  • 健康检查不应位于 nginx 路径上,而应位于卷路径上。即:/共享/s3-cache/已上传
  • 我不得不稍微尝试一下健康检查:两个任务之间的startPeriodtimeout以使其完成。
  • 我在 SIGTERM 上添加了一个陷阱,以确保它不会连续运行而阻止 nginx 启动。 陷阱“退出 0”SIGTERM
  • 我注意到我的 cmd 在 nginx 容器本身上失败:nginx 不是一个有效的选项。我刚刚删除了 cmd,因为它是不必要的。 - “命令”:[“nginx”,“-g”,“守护进程关闭;”]

任务定义-extract.json

{  
 "containerDefinitions": [{
    "image": "amazonlinux:2",
    "command": [
      "/bin/bash", "-c", 
      "touch /shared/s3-cache2/uploaded &&
       echo 'Files uploaded!' && 
       trap 'exit 0' SIGTERM && 
       while true; do sleep 10; done"
    ],
   "healthCheck": {
      "command": [
        "CMD-SHELL", 
       "test -f /shared/s3-cache/uploaded && echo 'ready' || exit 1"
      ],
    }
}

成功了。

  1. 为 sidecar 创建新的存储库以安装 aws-cli 以作为 sidecar 运行 我用新上传的存储库替换了该图像,该存储库使用相同的 “amazonlinux:2”,这次它在构建时安装 aws-cli,然后运行脚本来同步文件。

Dockerfile

FROM amazonlinux:2

RUN yum update -y && \
    yum install -y aws-cli && \
    mkdir -p /shared/s3-cache

COPY s3-sync-to-bucket.sh ./s3-sync-to-bucket.sh

ENTRYPOINT ["/bin/sh", "-c", "./s3-sync-to-bucket.sh"]

s3-sync-to-bucket.sh

#!/bin/sh
echo "syncing bucket"
aws s3 sync s3://$BUCKET_NAME /shared/s3-cache --delete --only-show-errors --quiet --exact-timestamps
touch /shared/s3-cache/uploaded
echo 'Files uploaded to bucket!'
trap 'exit 0' SIGTERM
while true; do sleep 10; done

更新了任务定义.json


{
  "family": "nginx-example-development2",
  "requiresCompatibilities": [
    "EC2"
  ],
  "taskRoleArn": <ecsTaskRole>,
  "executionRoleArn": <ecsTaskExecutionRole>,
  "networkMode": "bridge",
  "containerDefinitions": [
      {
      "name": "nginx-example-dev-sidecar",
      "image": <side-car-image>,
      "memory": 256,
      "cpu": 128,
      "essential": true,
      "environment": [
        {
          "name": "AWS_DEFAULT_REGION",
          "value": "eu-west-2"
        }
      ],
      "mountPoints": [
        {
          "sourceVolume": "shared-cache-volume",
          "containerPath": "/shared/s3-cache"
        }
      ],
      "healthCheck": {
        "command": ["CMD-SHELL", "test -f /shared/s3-cache/uploaded && echo 'ready' || exit 1"],
        "interval": 60,
        "timeout": 10,
        "retries": 1,
        "startPeriod": 30
      },
      "logConfiguration": {
        "logDriver": "awslogs",
        "options": {
          "awslogs-group": "nginx-example-dev-sidecar",
          "awslogs-region": <REGION>, 
          "awslogs-stream-prefix": "s3-sync"
        }
      }
    },
    {
      "name": "nginx-example-development2",
      "image": <nginx-image>,
      "linuxParameters": {
        "initProcessEnabled": true
      },
      "cpu": 128,
      "memoryReservation": 256,
      "essential": true,
      "dependsOn": [
        {
          "containerName": "nginx-example-dev-sidecar",
          "condition": "HEALTHY"
        }
      ],
      "mountPoints": [
        {
          "sourceVolume": "shared-cache-volume",
          "containerPath": "/usr/share/nginx/html/s3-cache"
        }
      ],
      "environment": [
        {
          "name": "ECS_CONTAINER_METADATA_URI",
          "value": ""
        }, {
          "name": "NGINX_PORT",
          "value": "8080"
        }
      ],
      "logConfiguration": {
        "logDriver": "awslogs",
        "options": {
          "awslogs-create-group": "true",
          "awslogs-group": "nginx-example-development2",
          "awslogs-region": <REGION>,
          "awslogs-stream-prefix": "ecs"
        }
      },
      "portMappings": [
        {
          "containerPort": 8080,
          "hostPort": 8080,
          "protocol": "tcp"
        }
      ],
      "healthCheck": {
        "command": [
          "CMD-SHELL",
          "/usr/local/bin/healthcheck.sh"
        ],
        "interval": 30,
        "timeout": 60,     
        "retries": 1, 
        "startPeriod": 30  
      }
    }
    
  ],
  "volumes": [
    {
      "name": "shared-cache-volume",
      "host": {
        "sourcePath": "/ecs/shared-cache"
      }
    }
  ]
}

现在可以按预期运行。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.