amazon-web-services - 在ECS中附加Volume EFS

尝试将EFS文件系统与ECS一起安装时，出现以下错误:
ResourceInitializationError:无法调用EFS utils命令来设置EFS卷:stderr:mount.nfs4:对等方重置连接:EFS utils命令执行失败；码:32
我的堆栈:

---
  AWSTemplateFormatVersion: "2010-09-09"
  Description: "Template Test"
  Outputs:
    FileSystemID:
      Description: "File system ID"
      Value:
        Ref: FileSystem
  Parameters:
    VolumeName:
      Default: myEFSvolume
      Description: "The name to be used for the EFS volume"
      MinLength: "1"
      Type: String
  Resources:
    ECSCluster:
      Properties:
        ClusterName: jenkins-cluster
      Type: "AWS::ECS::Cluster"
    EFSMountTarget1:
      Properties:
        FileSystemId:
          Ref: FileSystem
        SecurityGroups:
          - "sg-0082cea75ba714505"
        SubnetId: "subnet-0f0b0d3aaada62b6c"
      Type: "AWS::EFS::MountTarget"
    FileSystem:
      Properties:
        Encrypted: true
        FileSystemTags:
          - Key: Name
            Value:
              Ref: VolumeName
        PerformanceMode: generalPurpose
      Type: "AWS::EFS::FileSystem"
    JenkinsService:
      Type: "AWS::ECS::Service"
      Properties:
        Cluster:
          Ref: ECSCluster
        DesiredCount: 2
        LaunchType: FARGATE
        NetworkConfiguration:
          AwsvpcConfiguration:
            AssignPublicIp: ENABLED
            SecurityGroups:
              - "sg-0082cea75ba714505"
            Subnets:
              - "subnet-0f0b0d3aaada62b6c"
        PlatformVersion: "1.4.0"
        ServiceName: JenkinsService

        TaskDefinition:
          Ref: JenkinsTaskDef
    JenkinsTaskDef:
      Type: "AWS::ECS::TaskDefinition"
      Properties:
        Cpu: 2048
        Memory: 4096
        Family: efs-example-task-fargate
        NetworkMode: awsvpc
        TaskRoleArn: "arn:xxxxx/ecs"
        ExecutionRoleArn: "arn:xxxxxx:role/ecs"
        RequiresCompatibilities:
          - FARGATE
        ContainerDefinitions:
          - Cpu: 1024
            Memory: 2048
            PortMappings:
              - HostPort: 8080
                ContainerPort: 8080
              - HostPort: 50000
                ContainerPort: 50000
            image: "xxxxxxx.dkr.ecr.us-east-1.amazonaws.com/sample:latest"
            mountPoints:
              - containerPath: /var/jenkins_home
                readOnly: false
                sourceVolume: myEfsVolume
            name: jenkins
        volumes:
          - name: myEfsVolume
            efsVolumeConfiguration:
              fileSystemId:
                Ref: FileSystem
              rootDirectory: /var/jenkins_home
              transitEncryption: ENABLED

我正在根据文档执行:
https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_EFSVolumeConfiguration.html

最佳答案

您需要在网络接口(interface)和任务定义的安全组上打开入站端口2049。即使将其设置为为您创建安全组，它也不会自动设置。

关于amazon-web-services - 在ECS中附加Volume EFS，我们在Stack Overflow上找到一个类似的问题：https://stackoverflow.com/questions/63181122/