bug: Running APISIX in AWS with AWS CDK hangs on deployment

[0xBradock]

Current Behavior

When deploying the CDK example it hangs when deploying ApiSixService.

Expected Behavior

It should finish deployment

Code `./bin/apigw.ts` (for reference) (👇 EDIT)

```typescript import { App, Duration, CfnOutput, Stack, StackProps } from 'aws-cdk-lib'; import { Port, Vpc } from 'aws-cdk-lib/aws-ec2'; import { Cluster, TaskDefinition, ContainerImage, Compatibility } from 'aws-cdk-lib/aws-ecs'; import { ApplicationLoadBalancedFargateService, NetworkLoadBalancedFargateService } from 'aws-cdk-lib/aws-ecs-patterns'; import { Construct } from 'constructs'; const app = new App(); const env = { account: process.env.CDK_DEFAULT_ACCOUNT, region: process.env.CDK_DEFAULT_REGION, }; export class ApiSixStack extends Stack { constructor(scope: Construct, id: string, props?: StackProps) { super(scope, id, props); const vpc = Vpc.fromLookup(this, 'VPC', { isDefault: true, }); const cluster = new Cluster(this, 'Cluster', { vpc, }); /** * ApiSix service */ const taskDefinition = new TaskDefinition(this, 'TaskApiSix', { compatibility: Compatibility.FARGATE, memoryMiB: '512', cpu: '256', }); taskDefinition .addContainer('apisix', { image: ContainerImage.fromRegistry('iresty/apisix'), // 1️⃣ 👇 Added logging logging: LogDriver.awsLogs({ streamPrefix: 'apisix', logRetention: RetentionDays.ONE_MONTH }), }) .addPortMappings({ containerPort: 9080, }); taskDefinition .addContainer('etcd', { // image: ContainerImage.fromRegistry('gcr.azk8s.cn/etcd-development/etcd:v3.3.12'), // 1️⃣ 👇 Using oficial bitnami/etcd image // image: ContainerImage.fromRegistry('bitnami/etcd:latest'), // 2️⃣ 👇 Using usggested image from https://apisix.apache.org/docs/apisix/next/aws/ image: ContainerImage.fromRegistry('gcr.azk8s.cn/etcd-development/etcd:v3.3.12'), // 1️⃣ 👇 Added logging logging: LogDriver.awsLogs({ streamPrefix: 'etcd', logRetention: RetentionDays.ONE_MONTH }), // 1️⃣👇 required by bitnami/etcd {@see https://hub.docker.com/r/bitnami/etcd} environment: { ETCD_ENABLE_V2: 'true', ALLOW_NONE_AUTHENTICATION: 'yes', ETCD_ADVERTISE_CLIENT_URLS: 'http://127.0.0.1:2379', ETCD_LISTEN_CLIENT_URLS: 'http://127.0.0.1:2379', }, }) .addPortMappings({ containerPort: 2379, }); const svc = new ApplicationLoadBalancedFargateService(this, 'ApiSixService', { cluster, taskDefinition, }); svc.targetGroup.setAttribute('deregistration_delay.timeout_seconds', '30'); svc.targetGroup.configureHealthCheck({ interval: Duration.seconds(5), healthyHttpCodes: '404', healthyThresholdCount: 2, unhealthyThresholdCount: 3, timeout: Duration.seconds(4), }); /** * PHP service */ const taskDefinitionPHP = new TaskDefinition(this, 'TaskPHP', { compatibility: Compatibility.FARGATE, memoryMiB: '512', cpu: '256', }); taskDefinitionPHP .addContainer('php', { image: ContainerImage.fromRegistry('abiosoft/caddy:php'), }) .addPortMappings({ containerPort: 2015, }); const svcPHP = new NetworkLoadBalancedFargateService(this, 'PhpService', { cluster, taskDefinition: taskDefinitionPHP, assignPublicIp: true, }); // allow Fargate task behind NLB to accept all traffic svcPHP.service.connections.allowFromAnyIpv4(Port.tcp(2015)); svcPHP.targetGroup.setAttribute('deregistration_delay.timeout_seconds', '30'); svcPHP.loadBalancer.setAttribute('load_balancing.cross_zone.enabled', 'true'); new CfnOutput(this, 'ApiSixDashboardURL', { value: `http://${svc.loadBalancer.loadBalancerDnsName}/apisix/dashboard/`, }); } } new ApiSixStack(app, 'apisix-stack-dev', { env }); ```

Code `./bin/apigw.ts` Modification 3️⃣

```typescript import { App, Duration, Stack, StackProps } from 'aws-cdk-lib'; import { SubnetType, Vpc } from 'aws-cdk-lib/aws-ec2'; import { Cluster, ContainerImage, LogDriver, FargateTaskDefinition } from 'aws-cdk-lib/aws-ecs'; import { ApplicationLoadBalancedFargateService } from 'aws-cdk-lib/aws-ecs-patterns'; import { RetentionDays } from 'aws-cdk-lib/aws-logs'; import { Construct } from 'constructs'; const app = new App(); const env = { account: process.env.CDK_DEFAULT_ACCOUNT, region: process.env.CDK_DEFAULT_REGION, }; export class ApiSixStack extends Stack { constructor(scope: Construct, id: string, props?: StackProps) { super(scope, id, props); const vpc = new Vpc(this, 'SkeletonVpc', { cidr: '172.31.0.0/16', natGateways: 1, maxAzs: 3, subnetConfiguration: [ { cidrMask: 20, name: 'public', subnetType: SubnetType.PUBLIC }, { cidrMask: 20, name: 'data', subnetType: SubnetType.PRIVATE_ISOLATED }, ], }); const cluster = new Cluster(this, 'apisix-cluster', { clusterName: 'service-cluster', containerInsights: true, vpc, }); const taskDefinition = new FargateTaskDefinition(this, 'apisix-task', { cpu: 256, memoryLimitMiB: 512, }); /** APISIX */ taskDefinition .addContainer('apisix-container', { image: ContainerImage.fromRegistry('apache/apisix'), logging: LogDriver.awsLogs({ streamPrefix: 'apisix', logRetention: RetentionDays.ONE_MONTH }), }) .addPortMappings({ containerPort: 9080, hostPort: 9080, }); /** ETCD */ taskDefinition .addContainer('etcd-container', { image: ContainerImage.fromRegistry('bitnami/etcd:latest'), logging: LogDriver.awsLogs({ streamPrefix: 'etcd', logRetention: RetentionDays.ONE_MONTH }), environment: { ETCD_ENABLE_V2: 'true', ALLOW_NONE_AUTHENTICATION: 'yes', ETCD_ADVERTISE_CLIENT_URLS: 'http://127.0.0.1:2379', ETCD_LISTEN_CLIENT_URLS: 'http://127.0.0.1:2379', }, }) .addPortMappings({ containerPort: 2379, hostPort: 2379, }); const svc = new ApplicationLoadBalancedFargateService(this, 'etcd-albfgs', { assignPublicIp: true, cluster, circuitBreaker: { rollback: true }, memoryLimitMiB: 512, cpu: 256, listenerPort: 80, desiredCount: 1, taskDefinition, }); svc.targetGroup.configureHealthCheck({ interval: Duration.seconds(5), healthyHttpCodes: '404', healthyThresholdCount: 2, unhealthyThresholdCount: 3, timeout: Duration.seconds(4), }); } } new ApiSixStack(app, 'apisix-stack-dev', { env }); ```

Error Logs

Modification 1️⃣

There were no logs for the service neither for task

Modification 2️⃣

There were no logs for the service neither for task

Modification 3️⃣

etcd-service.csv apisix-service.csv apisix-task.csv etcd-task.csv

Steps to Reproduce

1. Have a CDK working
2. Copy the contents of the example
3. cdk deploy <stack-name>

Environment

• CDK version (run cdk --version): 2.128.0 (build d995261)
• APISIX version (run apisix version): iresty/apisix
• Operating system (run uname -a): AWS ECS
• OpenResty / Nginx version (run openresty -V or nginx -V): N/A
• etcd version, if relevant (run curl http://127.0.0.1:9090/v1/server_info): gcr.azk8s.cn/etcd-development/etcd:v3.3.12
• APISIX Dashboard version, if relevant: N/A
• Plugin runner version, for issues related to plugin runners: N/A
• LuaRocks version, for installation issues (run luarocks --version): N/A

[shreemaan-abhishek]

are there any error logs?