Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(ecs): nat network mode for windows tasks #4317

Merged
merged 11 commits into from
Oct 3, 2019

Conversation

kolomied
Copy link
Contributor

@kolomied kolomied commented Oct 1, 2019

Add NAT network mode to support Windows container networking.
This is the only network mode supported by Windows.
See https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows_task_IAM_roles.html for additional details.

fixes #4272


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

Add NAT network mode to support Windows container networking.
This is the only network mode supported by Windows.
See https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows_task_IAM_roles.html for additional details.

fixes aws#4272
@kolomied kolomied requested a review from SoManyHs as a code owner October 1, 2019 14:37
@mergify
Copy link
Contributor

mergify bot commented Oct 1, 2019

Thanks so much for taking the time to contribute to the AWS CDK ❤️

We will shortly assign someone to review this pull request and help get it
merged. In the meantime, please take a minute to make sure you follow this
checklist
:

  • PR title type(scope): text
    • type: fix, feat, refactor go into CHANGELOG, chore is hidden
    • scope: name of module without aws- or cdk- prefix or postfix (e.g. s3 instead of aws-s3-deployment)
    • text: use all lower-case, do not end with a period, do not include issue refs
  • PR Description
    • Rationale: describe rationale of change and approach taken
    • Issues: indicate issues fixed via: fixes #xxx or closes #xxx
    • Breaking?: last paragraph: BREAKING CHANGE: <describe what changed + link for details>
  • Testing
    • Unit test added. Prefer to add a new test rather than modify existing tests
    • CLI or init templates change? Re-run/add CLI integration tests
  • Documentation
    • README: update module README to describe new features
    • API docs: public APIs must be documented. Copy from official AWS docs when possible
    • Design: for significant features, follow design process

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • Result: FAILED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • Result: FAILED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@kolomied
Copy link
Contributor Author

kolomied commented Oct 1, 2019

@SoManyHs I'm afraild I need you help here - here is the error from the build:

Installing from NPM...
npm ERR! code ETARGET
npm ERR! notarget No matching version found for @aws-cdk/aws-ec2@^1.10.1.
npm ERR! notarget In most cases you or one of your dependencies are requesting
npm ERR! notarget a package version that doesn't exist.
npm ERR! notarget 
npm ERR! notarget It was specified as a dependency of '@aws-cdk/aws-servicediscovery'
npm ERR! notarget 

npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2019-10-01T15_27_25_592Z-debug.log

[Container] 2019/10/01 15:27:25 Command did not exit successfully /bin/bash ./build.sh exit status 1
[Container] 2019/10/01 15:27:25 Phase complete: BUILD State: FAILED
[Container] 2019/10/01 15:27:25 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: /bin/bash ./build.sh. Reason: exit status 1

Just successfully re-run ./build.sh locally without any errors. I'm puzzled because I didn't change ec2 module at all.

@piradeepk piradeepk self-assigned this Oct 1, 2019
}

private renderNetworkMode(networkMode: NetworkMode): string | undefined {
// 'NAT' is the only supported network mode for Windows containers,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since it is also explained in the ENUM def, I think you can combine those lines of comment into the ENUM one.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, makes sense. Thanks!

@rix0rrr rix0rrr self-assigned this Oct 2, 2019
@rix0rrr rix0rrr requested a review from piradeepk October 2, 2019 08:24
@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@@ -428,6 +428,14 @@ export class TaskDefinition extends TaskDefinitionBase {
private findContainer(containerName: string): ContainerDefinition | undefined {
return this.containers.find(c => c.containerName === containerName);
}

private isEphemeralPortMappingSupported(networkMode: NetworkMode): boolean {
return networkMode === NetworkMode.BRIDGE || networkMode === NetworkMode.NAT;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: personally, I'd prefer these conditions in the if statement itself, just to allow for ease of debugging.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No problem, will address that

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@piradeepk piradeepk added the @aws-cdk/aws-ecs Related to Amazon Elastic Container label Oct 2, 2019
@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

Copy link
Contributor

@piradeepk piradeepk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ship it! @kolomied, thanks for taking the time to fix this issue!

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify
Copy link
Contributor

mergify bot commented Oct 3, 2019

Thank you for contributing! Your pull request is now being automatically merged.

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify mergify bot merged commit 9ceb995 into aws:master Oct 3, 2019
@kolomied kolomied deleted the kolomied/nat-networkmode branch October 3, 2019 18:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
@aws-cdk/aws-ecs Related to Amazon Elastic Container
Projects
None yet
Development

Successfully merging this pull request may close these issues.

ECS: TaskDefinition.network mode does not support empty (aka <default>) value
5 participants