Terraform: CreateService error: host port mapping for the container port is required

I've also confirmed this is an issue on 0.7.5

How your service configuration looks like?

Mine looks like this - and I have the same issue:

resource "aws_ecs_service" "api-ecs-service" {
  name = "${var.app_name}-${var.environment}-api"  
  cluster = "${aws_ecs_cluster.ecs-cluster.id}"  
  task_definition = "${aws_ecs_task_definition.api-task.arn}"  
  desired_count = 2
  iam_role = "${aws_iam_role.ecsServiceRole.name}"  
  load_balancer {  
    elb_name = "${aws_elb.api-lb.name}"    
    container_name = "${var.app_name}-api"    
    container_port = 5000    
    host_port      = 80    
  }  
  depends_on = ["aws_iam_role.ecsInstanceRole"]  
}

This seems to be a logical issue. How should the ELB map to a random container port?

The solution would be to remove the elb and use another proxy/loadbalancer which asks consul-dns/http-api for service xy or via hot config reloading if the services comes online or goes offline.

So this was the reason why I asked for the missing service configuration or in other words, do you use an ELB ? ;)

As I understand it, this is a supported configuration in ECS now? You can map container ports to a specified port on the ELB, rather than using containerPort->hostPort->ELB

But, looking into it again, maybe that's because I need to use an ALB, rather than an ELB?

Correct, its a feature supported in ECS with an ALB. From the AWS docs:

The port number on the container instance to reserve for your container. You can specify a non-reserved host port for your container port mapping (this is referred to as static host port mapping), or you can omit the hostPort (or set it to 0) while specifying a containerPort and your container will automatically receive a port (this is referred to as dynamic host port mapping) in the ephemeral port range for your container instance operating system and Docker version.

The issue with not being able to set it to zero is that right now you can only run a maximum density of one type of task per physical instance.

Hi folks,
@adamgotterer I don't think the hostPort was ever required _on the Terraform's side_. The error you pasted is just an error Terraform got from the AWS API - you may spot the status code & request id which are both suggesting this is coming from the API.

* aws_ecs_service.splash: InvalidParameterException: A host port mapping for the container port 8050 is required.
        status code: 400, request id: 4c62c49b-8cb1-11e6-80b6-f7589245b505

While we don't control the AWS API and cannot control the requirements on that side it seems the behaviour has changed since you opened this issue and it is now possible to omit the parameter.

Taking your original example:

resource "aws_ecs_task_definition" "splash" {
  family = "splash"
  container_definitions = <<DEFINITION
[
  {
    "name": "splash",
    "image": "scrapinghub/splash:2.2",
    "cpu": 10,
    "memory": 250,
    "essential": true,
    "portMappings": [
      {
        "containerPort": 8050,
        "protocol": "tcp"
      }
    ]
  }
]
DEFINITION
}

$ terraform apply
aws_ecs_task_definition.splash: Creating...
  arn:                   "" => "<computed>"
  container_definitions: "" => "5f2e0af7cb97721d04ae576964ffebb66b2aae4f"
  family:                "" => "splash"
  network_mode:          "" => "<computed>"
  revision:              "" => "<computed>"
aws_ecs_task_definition.splash: Creation complete

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Feel free to check out a full example with ECS & ALB (courtesy of @catsby, I just removed the hostPort to verify & demonstrate it works):
https://github.com/radeksimko/ecs_loadbalancing_demo/tree/remove-optional-host-port

I've tested your example w/ both latest version (current master) and 0.7.5. Do let me know if the problem persists.

@alitheg I believe that this is a separate problem and I don't think that host_port parameter was ever supported in the aws_ecs_service's load_balancer block. ECS TD & ELB/ALB configuration is mainly responsible for the instance/LB port mapping along with ECS agent.

I just tested omitting the hostport as well as setting it to zero on Terraform v0.8.2 and it's working as expected. Thank you!

hi, i get the same error with the last terraform version on macos

Terraform v0.12.21

• provider.aws v2.51.0
• provider.template v2.1.2

any idea ?

https://github.com/hashicorp/terraform/issues/24274

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.