You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please vote on this issue by adding a 馃憤 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment
Tell us about your request
Allow for a way to either:
Set on Batch Job Definition the Task definition instead of just the container it should run
Ability to configure networking configurations of the task definitions when launched on ECS EC2, specifically the Network mode.
Which service(s) is this request for?
Batch with ECS/EC2
Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?
Ultimately we want to be able to use Batch to run our batch processes.
Today we run multiple ECS containers in every 10 minutes or so for multiple of our clients. These are running on an ECS/EC2 Cluster with a Capacity provider. The task definition is in AWSVPC mode which make the container have a security group.
This is important because our databases allow only specific security groups.
On trying to proof of concept batch, I created the Computing environment using the exact same definitions(subnet and security group) of the ones we use today on our working ECS/EC2/CapacityProvider/LaunchConfiguration setup.
Than I create the Job Definition with the exact same container that works today.
When running a Job I found out that the ECS Task Definition created by the Batch Job Definition when using ECS/EC2 set the network configuration to be Host by default.
Which mean the Task spawned by the Batch Job doesn't have an ENI or security group. And in theory, since it is in Host mode, it should be using the Security group and ENI of the host.
However, the container that ran can't seem to access the DB. Almost like it doesn't have access to the network.
Keep in mind that this container running is a script to check data, not a service, so the container is not mapped to any port.
So the only way I can see this working is if in the Batch Job Definition I was allowed to tell which network mode the Task definition create by it should have. Which would be AWSVPC, which is the same one of the manual setup we have that works.
Are you currently working around this issue?
It's impossible to use batch for our use case right now.
I'm working around it by doing manual batching using an ECS/EC2 cluster and using a container to check if the containers spawn.
But we wanted to use Batch to take advantage of the underling balancing system of EC2 instances and Queuing
The text was updated successfully, but these errors were encountered:
Community Note
Tell us about your request
Allow for a way to either:
Which service(s) is this request for?
Batch with ECS/EC2
Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?
Ultimately we want to be able to use Batch to run our batch processes.
Today we run multiple ECS containers in every 10 minutes or so for multiple of our clients. These are running on an ECS/EC2 Cluster with a Capacity provider. The task definition is in AWSVPC mode which make the container have a security group.
This is important because our databases allow only specific security groups.
On trying to proof of concept batch, I created the Computing environment using the exact same definitions(subnet and security group) of the ones we use today on our working ECS/EC2/CapacityProvider/LaunchConfiguration setup.
Than I create the Job Definition with the exact same container that works today.
When running a Job I found out that the ECS Task Definition created by the Batch Job Definition when using ECS/EC2 set the network configuration to be Host by default.
Which mean the Task spawned by the Batch Job doesn't have an ENI or security group. And in theory, since it is in Host mode, it should be using the Security group and ENI of the host.
However, the container that ran can't seem to access the DB. Almost like it doesn't have access to the network.
Keep in mind that this container running is a script to check data, not a service, so the container is not mapped to any port.
So the only way I can see this working is if in the Batch Job Definition I was allowed to tell which network mode the Task definition create by it should have. Which would be AWSVPC, which is the same one of the manual setup we have that works.
Are you currently working around this issue?
It's impossible to use batch for our use case right now.
I'm working around it by doing manual batching using an ECS/EC2 cluster and using a container to check if the containers spawn.
But we wanted to use Batch to take advantage of the underling balancing system of EC2 instances and Queuing
The text was updated successfully, but these errors were encountered: