This message was deleted.
# aws
s
This message was deleted.
b
you’ll likely need to debug in the AWS console there, the task is likely crashlooping
j
So you think my Pulumi logic looks ok?
b
yep, can’t see any issues with it there
one thing to check: you’ve defined a privaye subnet somwhere. Does that have NAT gateway? can the task pull the image correctly?
j
Yes, I defined the NAT gw as part of my VPC resource.
Copy code
# Reduces # of NatGateways to save $$$ NOT intended for production
    nat_gateways=awsx.ec2.NatGatewayConfigurationArgs(
        strategy = awsx.ec2.NatGatewayStrategy.SINGLE
q
Definitely look at the task running to troubleshoot. • You could set a desired count to 0 and start it manually in AWS Console first, to allow deployment to complete before troubleshooting it. • Add a deployment circuit breaker setting to make ECS roll back the deployment on failure, when you have something that is a stable version, for future deployments. Is the security open properly for ingress and egress?
j
Thanks @quaint-hydrogen-7228 I will try that. Ingress/Egress is open
Copy code
description = "Allow web traffic for cluster",
    vpc_id = vpc.vpc_id,
    ingress = [aws.ec2.SecurityGroupIngressArgs(
        description = "Allow port 80 inbound from Internet",
        from_port = 80,
        to_port = 80,
        protocol = "tcp",
        cidr_blocks = ["0.0.0.0/0"]
    )],
    egress = [aws.ec2.SecurityGroupEgressArgs(
        description = "Allow all traffic out from cluster",
        from_port = 0,
        to_port = 0,
        protocol = "tcp",
        cidr_blocks = ["0.0.0.0/0"]
    )]