Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BATCH] [request]: Allow control of Task Definition Network Configurations on Batch ECS/EC2 #2332

Open
vinibiso opened this issue Apr 19, 2024 · 0 comments
Open

[BATCH] [request]: Allow control of Task Definition Network Configurations on Batch ECS/EC2 #2332

vinibiso opened this issue Apr 19, 2024 · 0 comments
Labels
Proposed Community submitted issue

Comments

@vinibiso
Copy link

Community Note

  • Please vote on this issue by adding a 馃憤 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Tell us about your request
Allow for a way to either:

  • Set on Batch Job Definition the Task definition instead of just the container it should run
  • Ability to configure networking configurations of the task definitions when launched on ECS EC2, specifically the Network mode.

Which service(s) is this request for?
Batch with ECS/EC2

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?
Ultimately we want to be able to use Batch to run our batch processes.
Today we run multiple ECS containers in every 10 minutes or so for multiple of our clients. These are running on an ECS/EC2 Cluster with a Capacity provider. The task definition is in AWSVPC mode which make the container have a security group.
This is important because our databases allow only specific security groups.
On trying to proof of concept batch, I created the Computing environment using the exact same definitions(subnet and security group) of the ones we use today on our working ECS/EC2/CapacityProvider/LaunchConfiguration setup.
Than I create the Job Definition with the exact same container that works today.
When running a Job I found out that the ECS Task Definition created by the Batch Job Definition when using ECS/EC2 set the network configuration to be Host by default.
Which mean the Task spawned by the Batch Job doesn't have an ENI or security group. And in theory, since it is in Host mode, it should be using the Security group and ENI of the host.
However, the container that ran can't seem to access the DB. Almost like it doesn't have access to the network.
Keep in mind that this container running is a script to check data, not a service, so the container is not mapped to any port.
So the only way I can see this working is if in the Batch Job Definition I was allowed to tell which network mode the Task definition create by it should have. Which would be AWSVPC, which is the same one of the manual setup we have that works.

Are you currently working around this issue?
It's impossible to use batch for our use case right now.
I'm working around it by doing manual batching using an ECS/EC2 cluster and using a container to check if the containers spawn.
But we wanted to use Batch to take advantage of the underling balancing system of EC2 instances and Queuing
@vinibiso vinibiso added the Proposed Community submitted issue label Apr 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Proposed Community submitted issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@vinibiso