Each step was clearly explained and executed with clinical precision. It was straight to the point, without unnecessary chatter. The content was excellent. Keep up the fantastic work, and I'm eagerly anticipating watching your new videos. Thanks!
Thanks for the amazing videos. If anyone else is facing the issue with creation of s3 bucket with error related to region name, its because the bucket names are global and unique. Just change the bucket_name in locals in `src/5_Terraform_ECR_ECS/locals.tf`
Hi Rob @cumuluscycles, first of all, thank you so much for an amazing tutorial! I have one question, i have a private vpc setup with 2 subnets (just for demo purposes) how to make sure that my ecs cluster is using that vpc and not creating/using a new / default vpc? Thanks Secondly, do you have any platform where you do one on one trainings ? I love the way you explain things :) Thanks
Yes, because your TF backend config will be referencing a Bucket which no longer exists, since it was destroyed. You can get around this (HACK) by setting your backend to "local", running "terraform init -reconfigure", "terraform apply" then setting your remote backend and running "terraform init -reconfigure" again. I know it's a "hack", but it worked for me -- and I don't know of another way of restoring remote state after doing a destroy. If you find another way, please let me know.
@@YourAliasIsNotAvailableI manually created the S3 bucket and referenced it in the `main.tf` file, which resolved my issue. Additionally, to ensure that the ECR repository is forcefully removed when running `terraform destroy`, it is important to set the `force_delete` property to `true` in the ECR resource. This will ensure that the ECR repository is deleted even if it contains Docker images.
My task definition in AWS is showing an error that implies either network connectivity or access rights having faulty configuration while trying to pull the docker image from ecr to run as a task. Could it be because I’m using an already existing/defined task execution rule? And is it ok to just create another one but with a different name? PS: I love the calmness with which you explained what you were doing. And in general I’m missing the exceptional cases, like, what are some of the most occurring things that go wrong and how to fix them.
Sure, you could create a new Task Exec Role, but I'd suggest trying to figure out what's wrong with the existing Role (ex: missing permissions). See if this AWS Resource helps: docs.aws.amazon.com/AmazonECS/latest/developerguide/task_cannot_pull_image.html
At 20:31, you showed the successful deployment of the cluster and tasks. However, the Last deployment section in the Services tab shows the "Last deployment" is "In progress". Is this the expected behavior? Do we need to configure the health checks for the target group and load balancer?
@@cumuluscycles That totally makes sense. For some reason, I was using the image versus the url. Follow up question, since we are creating the demo-app-ecr-repo as a private repository, do we need extra IAM privileges or dependencies? Asking because when I tried to do the tutorial, I kept experiencing the following error: Error: creating ECS Service (cc-demo-app-service): InvalidParameterException: The target group with targetGroupArn arn:aws:elasticloadbalancing:us-east-1:339712971032:targetgroup/cc-demo-alb-tg/88fb8f6694cc49b0 does not have an associated load balancer. │ │ with module.ecsCluster.aws_ecs_service.demo_app_service, │ on demo-modules/ecs/ecs.tf line 100, in resource "aws_ecs_service" "demo_app_service": │ 100: resource "aws_ecs_service" "demo_app_service" { I have defined the alb as "aws_alb" "application_load_balancer", similar to your example. Was wondering if the alb is trying to be created out of order somehow.
Each step was clearly explained and executed with clinical precision. It was straight to the point, without unnecessary chatter. The content was excellent. Keep up the fantastic work, and I'm eagerly anticipating watching your new videos. Thanks!
Sir videos are very informative and clearly explained. Thanks for describing it in detail. looking for more videos like this. Thank you
this was great! concise, short and to the point no 4 hour bs. Thank you so much for the quality content
Glad you liked it!
Thank you!! very easy to follow
Sir, you are into completely different level of teaching, thank you for all those wonderfull sessions. Wishing you all the success
Thank you for putting this playlist together!
You're very welcome!
Thanks for the amazing videos. If anyone else is facing the issue with creation of s3 bucket with error related to region name, its because the bucket names are global and unique. Just change the bucket_name in locals in `src/5_Terraform_ECR_ECS/locals.tf`
Thank you mate, amazing explanation
Excellent, clearly explained :)
You sir, got yourself a new sub! Awesome video, looking forward to watching more videos from you :)
Thanks for this video sir, but I have one question: Why auto assign ip addresse to the fargate knowing that it will be accessible from alb?
Hi Rob @cumuluscycles, first of all, thank you so much for an amazing tutorial! I have one question, i have a private vpc setup with 2 subnets (just for demo purposes) how to make sure that my ecs cluster is using that vpc and not creating/using a new / default vpc? Thanks
Secondly, do you have any platform where you do one on one trainings ? I love the way you explain things :) Thanks
These videos are incredible.
I’m glad you’re finding them useful!
Thank you so much :)
@Cumulus great video. Just wondering will tf-state module not create issues while applying again after a destroy ?
Yes, because your TF backend config will be referencing a Bucket which no longer exists, since it was destroyed. You can get around this (HACK) by setting your backend to "local", running "terraform init -reconfigure", "terraform apply" then setting your remote backend and running "terraform init -reconfigure" again. I know it's a "hack", but it worked for me -- and I don't know of another way of restoring remote state after doing a destroy. If you find another way, please let me know.
Add
lifecycle {
prevent_destroy = true
}
to your state-bucket resource.
@@YourAliasIsNotAvailableI manually created the S3 bucket and referenced it in the `main.tf` file, which resolved my issue. Additionally, to ensure that the ECR repository is forcefully removed when running `terraform destroy`, it is important to set the `force_delete` property to `true` in the ECR resource. This will ensure that the ECR repository is deleted even if it contains Docker images.
My task definition in AWS is showing an error that implies either network connectivity or access rights having faulty configuration while trying to pull the docker image from ecr to run as a task.
Could it be because I’m using an already existing/defined task execution rule? And is it ok to just create another one but with a different name?
PS: I love the calmness with which you explained what you were doing. And in general I’m missing the exceptional cases, like, what are some of the most occurring things that go wrong and how to fix them.
Sure, you could create a new Task Exec Role, but I'd suggest trying to figure out what's wrong with the existing Role (ex: missing permissions). See if this AWS Resource helps: docs.aws.amazon.com/AmazonECS/latest/developerguide/task_cannot_pull_image.html
At 20:31, you showed the successful deployment of the cluster and tasks. However, the Last deployment section in the Services tab shows the "Last deployment" is "In progress".
Is this the expected behavior? Do we need to configure the health checks for the target group and load balancer?
I think that he missed a few things like building the container and pushing to the ecr registry and also adding healthchecks for the tgs.
@cumulus , great video , but after creation of s3 I am getting 409 error.
Thank you
New sub, thx
At 13:51, why did you set the name to var.ecr_repo_url?
Hi. That line defines the variable value that will be passed in, which contains the URL to the Docker Image in the ECR Repo. Does that make sense?
@@cumuluscycles That totally makes sense. For some reason, I was using the image versus the url. Follow up question, since we are creating the demo-app-ecr-repo as a private repository, do we need extra IAM privileges or dependencies? Asking because when I tried to do the tutorial, I kept experiencing the following error:
Error: creating ECS Service (cc-demo-app-service): InvalidParameterException: The target group with targetGroupArn arn:aws:elasticloadbalancing:us-east-1:339712971032:targetgroup/cc-demo-alb-tg/88fb8f6694cc49b0 does not have an associated load balancer.
│
│ with module.ecsCluster.aws_ecs_service.demo_app_service,
│ on demo-modules/ecs/ecs.tf line 100, in resource "aws_ecs_service" "demo_app_service":
│ 100: resource "aws_ecs_service" "demo_app_service" {
I have defined the alb as "aws_alb" "application_load_balancer", similar to your example. Was wondering if the alb is trying to be created out of order somehow.
@@cumuluscycles That makes perfect sense. For some reason I was adding the image tag vs the url. I got it to work successfully once I made the change.