aws/amazon-ssm-agent

aws ssm start-session fails with TargetNotConnected on ECS on Fargate

ganeshgk opened this issue · 2 comments

ganeshgk commented

I have ECS running with Fargate launchtype: the containers are running successfully, however to troubleshoot/debug an issue I tried the
AWS ECS Exec, however while trying with the https://github.com/aws-containers/amazon-ecs-exec-checker all checks are passed, it only shows in red

 Managed Agent Status
    ----------
         1. STOPPED (Reason: null) for "containernameredacted" - LastStartedAt: null

Since there are many reports of ECS Exec not working & based on this comment #361 (comment) I tried using the

aws ssm start-session --target ecs:.... but it throws TargetNotConnected error,


aws ssm start-session --target ecs:clusternameredacted_e7e36d0d4e744104bd4d225c44daddfe_e7e36d0d4e744104bd4d225c44daddfe-3839356491

An error occurred (TargetNotConnected) when calling the StartSession operation: ecs:clusternameredacted_e7e36d0d4e744104bd4d225c44daddfe_e7e36d0d4e744104bd4d225c44daddfe-3839356491 is not connected

so my questions is

  • is it not possible to connect to containers running on ECS with fargate launchtype
  • Is any config missing for the aws ssm start-session for ECS Fargate?
    If somebody has already faced this targetnotconnected for ssm start-session please do guide on the solution?
bcmedeiros commented

I struggled with a similar problem for hours, and running the ECS task with --enable-execute-command fixed the problem for me. ECS services can also be configured to spawn their tasks with that flag on.

This is really weird since nothing on https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-troubleshooting.html mentioned this flag, and SSM and ECS Exec not exactly the same thing AFAICS.

Anyway, I hope this helps.

ziwangj commented

Thanks for reaching out. Did above answer solve the issue you had? If not, can you please provide the below information for further investigation?

  1. The agent and SSMCLI version: https://docs.aws.amazon.com/systems-manager/latest/userguide/plugin-version-history.html https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent-get-version.html
  2. The agent log: https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-agent-logs.html