Amazon ECS stopped tasks error codes for the Amazon EC2 launch type - Amazon Elastic Container Service

Amazon ECS stopped tasks error codes for the Amazon EC2 launch type

The following are the possible error messages you may receive when your EC2 task is stopped unexpectedly. The error messages are returned by the container agent and the prefix is dependent on the platform version the task is using.

To check your stopped tasks for an error message using the AWS Management Console, see View Amazon ECS stopped task errors.

TaskFailedToStart errors for Amazon EC2

The following are some TaskFailedToStart error messages and actions that you can take to fix the errors.

Unexpected EC2 error while attempting to Create Network Interface with public IP assignment enabled in subnet 'subnet-id': InsufficientFreeAddressesInSubnet

This happens when a task that uses the aswsvpc network mode and runs in a subnet with a public IP address, and the subnet does not have enough IP addresses.

The number of available IP addresses is available on the subnet details page in the Amazon EC2 console, or by using describe-subnets. For more information, see View your subnet in the Amazon VPC User Guide.

To fix this issue, you can create a new subnet to run your task in.

The selected task definition is not compatible with the selected compute strategy

This error occurs when you chose a task definition with a launch type that does not match the cluster capacity type. For more information, see Amazon ECS launch types. You need to select a task definition that matches the capacity provider assigned to your cluster.

RESOURCE:ENI

This error occurs when your cluster doesn't have any available elastic network interface attachment points, which are required for tasks that use the awsvpc network mode. Amazon EC2 instances have a limit to the number of network interfaces that can be attached to them, and the primary network interface counts as one. For more information about how many network interfaces are supported for each instance type, see IP Addresses Per Network Interface Per Instance Type in the Amazon EC2 User Guide for Linux Instances.

RESOURCE:GPU

This error occurs when the number of GPUs requested by the task are unavailable and you might need to add GPU-enabled container instances to your cluster. For more information, see Amazon ECS task definitions for GPU workloads.

AGENT

This error occurs when the container instance that you attempted to launch a task onto has an agent that's currently disconnected. To prevent extended wait times for task placement, the request was rejected.

For information about how to troubleshoot an agent that's disconnected, see How do I troubleshoot a disconnected Amazon ECS agent.

LOCATION

This error occurs when the container instance that you attempted to launch a task onto is in a different Availability Zone than the subnets that you specified in your awsVpcConfiguration.

ATTRIBUTE

This error occurs when the task definition contains a parameter that requires a specific container instance attribute that isn't available on your container instances. For example, if your task uses the awsvpc network mode, but there are no instances in your specified subnets with the ecs.capability.task-eni attribute. For more information about which attributes are required for specific task definition parameters and agent configuration variables, see Amazon ECS task definition parameters and Amazon ECS container agent configuration.

MISSING

This error occurs when the container instance that you attempted to launch the task onto can't be found. Check if the wrong cluster or Region is specified, or the container instance ARN or ID is misspelled.

INACTIVE

This error occurs when the container instance that you attempted to launch a task onto was previously deregistered with Amazon ECS and can't be used.

ResourceInitializationError errors for Amazon EC2

The following are some ResourceInitializationError error messages and actions that you can take to fix the errors.

failed to initialize logging driver: <reason>

This error occurs when your task fails to find the CloudWatch log group you defined in the task definition. For information about how to debug and fix this issue, see How do I resolve the "ResourceInitializationError: failed to validate logger args" error in Amazon ECS on AWS re:Post.

unable to pull secrets or registry auth: execution resource retrieval failed: unable to get registry auth from asm

Fargate platform version 1.4.0 does not have a network path from the VPC where your task runs to the Amazon ECR repository, or Secrets Manager.

You can use any of the following solutions:

  • Launch your tasks into a public subnet with a public IP address and that uses an internet gateway. This internet gateway allows your tasks to communicate with the Amazon ECR repository, or Secrets Manager. For more information, see Public subnet and internet gateway.

  • Launch tasks in a private subnet that has a VPC routing table configured to route outbound traffic via a NAT gateway in a public subnet. For more information, see Private subnet and NAT gateway.

  • Launch tasks in a private subnet and make sure you have AWS PrivateLink endpoints configured in your VPC, for the services you need (for example, Amazon ECR). For more information, see Amazon ECS interface VPC endpoints (AWS PrivateLink).

ecr:GetAuthorizationToken

The task must have the task execution role. For information about the role see Amazon ECS task execution IAM role.

SpotInterruption errors for Amazon EC2

The following are some SpotInterruption error messages and actions that you can take to fix the errors.

SpotInterruption

This error occurs when there are no available Spot Instances or EC2 takes back Spot capacity.

You can have your instances run in multiple Availability Zones to allow for more capacity.