Placement constraints are not supported with FARGATE.

lockwobr commented 2 years ago

Summary

I was trying to add to existing ECS services a placement constraint. I applied this with no issues. I later tried to create a new service with this same placement constraint and got the below error. This issue corrupted my state file. I could not revert the existing ECS services, nor could I destroy them. To fix my state file I had to remove all ECS services from the state file, then manually delete the services outside of terraform and then recreate them to fix the state file.

placement_constraints {
    type       = "memberOf"
    expression = "attribute:ecs.availability-zone not_in [us-east-1e]" // use1-az3
 }

Because I had these issues it then tried to add the same constraint on the task definition and got another error. I was lucky this time it was on create, so it didn't mess up the state file.

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform AWS Provider Version

Terraform v1.0.8
on darwin_arm64
+ provider registry.terraform.io/hashicorp/archive v2.2.0
+ provider registry.terraform.io/hashicorp/aws v4.25.0

Affected Resource(s)

aws_ecs_task_definition
aws_ecs_service

Terraform Configuration Files

Please include all Terraform configurations required to reproduce the bug. Bug reports without a functional reproduction may be closed without investigation.

# ECS Service
resource aws_ecs_service extract {
  launch_type = "FARGATE"
  platform_version = "LATEST"
  name            = local.extract_ecs_name
  cluster         = "arn:aws:ecs:us-east-1:${data.aws_caller_identity.this_caller.account_id}:cluster/${local.ecs_cluster_name}"
  task_definition = aws_ecs_task_definition.extract.arn
  desired_count   = var.extract_count
  deployment_minimum_healthy_percent = 0
  deployment_maximum_percent = 100

  propagate_tags = "SERVICE"

  deployment_controller {
    type = "ECS" # Rolling deployment (can only blue/green with Code Deploy)
  }

  network_configuration {
    subnets = var.subnets
    security_groups = ["sg-foobar"]
    assign_public_ip = true
  }
  tags = local.tags

###### this is issues
  placement_constraints {
    type       = "memberOf"
    expression = "attribute:ecs.availability-zone not_in [us-east-1e]" // use1-az3
 }
###### end issue

  lifecycle {
    ignore_changes = [
      task_definition,
      launch_type,
      platform_version,
      name,
      task_definition,
      desired_count,
      deployment_minimum_healthy_percent,
      deployment_maximum_percent,
      health_check_grace_period_seconds,
      deployment_controller
    ]
  }
}

Debug Output

Actual Behavior

ECS Service error.

│ Error: error creating ECS service (reso_tx_hris_sqs_joiner): InvalidParameterException: Placement constraints are not supported with FARGATE launch type.
│ 
│   with module.reso_ingest["tx_hris"].aws_ecs_service.joiner,
│   on ingest_module/ecs.tf line 180, in resource "aws_ecs_service" "joiner":
│  180: resource aws_ecs_service joiner {
│

ECS Task Definition error.

│ Error: failed creating ECS Task Definition (rets_recolorado_extract): ClientException: Fargate compatible task definitions do not support constraints
│
│   with module.rets_ingest[“recolorado”].aws_ecs_task_definition.extract,
│   on ingest_module/ecs.tf line 250, in resource “aws_ecs_task_definition” “extract”:
│  250: resource aws_ecs_task_definition extract {

Steps to Reproduce

ECS Service Issue.

Create a Fargate ECS service.
Once created add a placement constraint
After a constraint is added try to remove the constraint. This will really mess up your state file, and put in a very hard-to-correct state.

ECS Task Definition issue.

Create a task definition for ecs and include this, it will fail to create the task definition.

placement_constraints {
type       = "memberOf"
expression = "attribute:ecs.availability-zone not_in [us-east-1e]" // use1-az3
}

Important Factoids

I was able to check from the awscli the placement_constraint did exist in both cases (service, task).
This seems like 2 bugs but are related I feel so I am opening one issue.

trevorrea commented 2 years ago

This is an interesting one as I understood that placement constraints were not supported by Fargate at all.

See https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement.html where it says "Task placement strategies and constraints aren't supported for tasks using the Fargate launch type. Fargate tasks are spread across Availability Zones"

So to me the bug is that the provider allowed you to create a placement constraint at all when it's not supported.

github-actions[bot] commented 2 weeks ago

Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 30 days it will automatically be closed. Maintainers can also remove the stale label.

If this issue was automatically closed and you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thank you!

hashicorp / terraform-provider-aws