Container port mappings are not shown in ECS metadata response on Fargate #4291

Open
hmahmood opened this issue Aug 16, 2024 · 6 comments

hmahmood commented Aug 16, 2024

Summary

Not seeing the Ports field on container metadata in a response for the /task endpoint from a V4 metadata endpoint.

Description

The task definition has the portMappings field populated like so for the container:

            "portMappings": [
                {
                    "name": "nginx-80-tcp",
                    "containerPort": 80,
                    "hostPort": 80,
                    "protocol": "tcp"
                }
            ]

Expected Behavior

Observed Behavior

Environment Details

ECS Fargate

Supporting Log Snippets

Author

hmahmood commented Oct 4, 2024

Any insight into this? Is this a bug, or is something missing from the task definition?

Contributor

amogh09 commented Oct 9, 2024

Hi @hmahmood. There is no /tasks V4 metadata endpoint. Do you mean the /task endpoint?

https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-metadata-endpoint-v4-fargate.html

Author

hmahmood commented Oct 9, 2024

> Hi @hmahmood. There is no /tasks V4 metadata endpoint. Do you mean /task endpoint?
>
> https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-metadata-endpoint-v4-fargate.html

Sorry, yes, that is what I meant.

Contributor

amogh09 commented Oct 14, 2024

@hmahmood Port mappings are not applicable to awsvpc network mode and that's why task metadata does not include it in its response.

I see that documentation of portMappings suggests that it may be used with awsvpc network mode but in fact it's redundant.

> For task definitions (both the Fargate and EC2 launch type) that use the awsvpc network mode, only specify the containerPort. The hostPort is always ignored, and the container port is automatically mapped to a random high-numbered port on the host.

https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#container_definitions

@hmahmood
Author

Thanks @amogh09. I also see this on the same page:

> Note
> After a task reaches the RUNNING status, manual and automatic host and container port assignments are visible in the following locations:
>
> - Console: The Network Bindings section of a container description for a selected task.
> - AWS CLI: The networkBindings section of the describe-tasks command output.
> - API: The DescribeTasks response.
> - Metadata: The task metadata endpoint.

I am not seeing the automatic port assignment from the task metadata endpoint as the blurb above claims.

Contributor

amogh09 commented Dec 19, 2024

@hmahmood There is no port assignment when using awsvpc network mode. A task gets a dedicated ENI and network namespace in awsvpc network mode and does not use the host's default ENI and network namespace.
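
An added example (not part of the thread and not the ECS agent's own code): since, per the replies above, awsvpc tasks have no host port assignment and no `Ports` field in the `/task` response, an inventory of what a task exposes has to combine the ENI address from the metadata with the `containerPort` values from the task definition. The sample responses are constructed; the shape of the `Ports` entry in the bridge-mode sample and the helper name `exposed_endpoints` are assumptions.

```python
import json
import os
import urllib.request

# Constructed sample of a V4 /task response for an awsvpc (Fargate) task.
SAMPLE_AWSVPC = {
    "Containers": [{
        "Name": "nginx",
        "Networks": [{"NetworkMode": "awsvpc", "IPv4Addresses": ["10.0.1.23"]}],
    }]
}
# Constructed bridge-mode sample; the "Ports" entry shape is an assumption.
SAMPLE_BRIDGE = {
    "Containers": [{
        "Name": "nginx",
        "Networks": [{"NetworkMode": "bridge", "IPv4Addresses": ["172.17.0.2"]}],
        "Ports": [{"ContainerPort": 80, "Protocol": "tcp", "HostPort": 32768}],
    }]
}

def fetch_task_metadata():
    """Read <ECS_CONTAINER_METADATA_URI_V4>/task from inside a running task."""
    base = os.environ["ECS_CONTAINER_METADATA_URI_V4"]
    with urllib.request.urlopen(base + "/task", timeout=2) as resp:
        return json.load(resp)

def exposed_endpoints(task_meta, declared_ports):
    """Return sorted (container, address, port, protocol) tuples.
    declared_ports: container name -> [(containerPort, protocol)] from the task definition."""
    found = set()
    for c in task_meta.get("Containers", []):
        nets = c.get("Networks", [])
        if any(n.get("NetworkMode") == "awsvpc" for n in nets):
            # No host mapping: the container port is served on the task ENI.
            for n in nets:
                for ip in n.get("IPv4Addresses", []):
                    for port, proto in declared_ports.get(c["Name"], []):
                        found.add((c["Name"], ip, port, proto))
        else:
            # Host-mapped modes: the host address is not part of this response.
            for p in c.get("Ports", []):
                found.add((c["Name"], "<host>", p["HostPort"], p["Protocol"]))
    return sorted(found)

if __name__ == "__main__":
    in_task = "ECS_CONTAINER_METADATA_URI_V4" in os.environ
    meta = fetch_task_metadata() if in_task else SAMPLE_AWSVPC
    print(exposed_endpoints(meta, {"nginx": [(80, "tcp")]}))
```

Comparing this output against the task's security group rules shows whether a declared container port is actually reachable on the ENI.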
