Amazon-ecs-agent: Fargate: CannotPullContainerError: the error is displayed for already successfully configured services

Created on 27 Feb 2018 · 2 comments · Source: aws/amazon-ecs-agent

Hello.
I set up several Fargate services in one cluster several days ago, and it worked like a charm.
But suddenly several days ago half of the services went down, because of the following error

CannotPullContainerError: API error (500): Get https://xxx.dkr.ecr.us-east-1.amazonaws.com/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

I suppose no modifications were done, but I tried to investigate the problem and checked all possible solutions, which are suggested here
https://github.com/aws/amazon-ecs-agent/issues/1128

And all suggested solutions are met in my environment:

  1. Public IP is enabled for Fargate Service
  2. Security group is configured to allow outbound access for all kinds of information.

Did something change during the last few days, or did some problems on Amazon appear?

All 2 comments

The problem was with the routing table. The answer is

  1. If you are launching a task without a public IP, make sure that the route table on the subnet has "0.0.0.0/0" going to a NAT Gateway or NAT instance to ensure access to the internet. If your route table has an internet gateway, this is acting like a firewall and preventing the connection from being made. If you are launching a task with a public IP, make sure that the route table on the subnet has "0.0.0.0/0" going to an internet gateway to ensure you will be able to use the public IP successfully for ingress traffic.
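
A small offline check of the rule quoted in this comment, added here as an example and not part of the thread or of the amazon-ecs-agent project. It assumes the route list has the shape of the `Routes` array returned by `aws ec2 describe-route-tables` (`DestinationCidrBlock`, `GatewayId`, `NatGatewayId`, `InstanceId`, `State`); the sample route tables and resource ids are constructed placeholders.

```python
# Added example (not from the thread or the ecs-agent project): evaluates the
# "0.0.0.0/0 must go to NAT (no public IP) or to an internet gateway (public
# IP)" rule against route entries shaped like describe-route-tables output.

def default_route(routes):
    """Return the active 0.0.0.0/0 route, or None if there is none.
    A route whose target was deleted is reported with State 'blackhole'."""
    for r in routes:
        if (r.get("DestinationCidrBlock") == "0.0.0.0/0"
                and r.get("State", "active") == "active"):
            return r
    return None


def route_table_ok(routes, assign_public_ip):
    """Return (ok, reason) for a Fargate task placed in a subnet using `routes`.
    assign_public_ip is True when the task/service has assignPublicIp=ENABLED."""
    r = default_route(routes)
    if r is None:
        return False, "no active 0.0.0.0/0 route: ECR endpoint is unreachable"
    via_igw = str(r.get("GatewayId", "")).startswith("igw-")
    # NatGatewayId for a NAT gateway, InstanceId for a NAT instance
    via_nat = bool(r.get("NatGatewayId")) or bool(r.get("InstanceId"))
    if assign_public_ip:
        if via_igw:
            return True, "public IP with internet gateway default route"
        return False, "public IP assigned but default route is not an internet gateway"
    if via_nat:
        return True, "private subnet with NAT default route"
    if via_igw:
        return False, ("no public IP and default route is an internet gateway: "
                       "no return path, so the pull times out")
    return False, "default route target is neither a NAT nor an internet gateway"


# Constructed sample tables; ids are placeholders, not real resources.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
PRIVATE_SUBNET_ROUTES = [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                                 "NatGatewayId": "nat-0000000000000000a", "State": "active"}]
PUBLIC_SUBNET_ROUTES = [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                                "GatewayId": "igw-0000000000000000a", "State": "active"}]
BLACKHOLE_ROUTES = [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                            "NatGatewayId": "nat-0000000000000000b", "State": "blackhole"}]

if __name__ == "__main__":
    for name, routes, public in [("private+NAT, no public IP", PRIVATE_SUBNET_ROUTES, False),
                                 ("public+IGW, public IP", PUBLIC_SUBNET_ROUTES, True),
                                 ("public+IGW, no public IP", PUBLIC_SUBNET_ROUTES, False),
                                 ("deleted NAT (blackhole)", BLACKHOLE_ROUTES, False)]:
        ok, why = route_table_ok(routes, public)
        print(f"{'OK ' if ok else 'BAD'} {name}: {why}")
```

Feed it the `Routes` array of the route table associated with the task's subnet and the service's `assignPublicIp` setting to get the same verdict the comment describes.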

@smuryginim I am facing a similar issue. My subnet is private with a route table entry 0.0.0.0/0 to a NAT gateway, and the security group allows all outbound traffic. But I still cannot pull images. Do the security group's inbound rules matter?
