Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update health check #230

Closed
wants to merge 1 commit into from
Closed

Update health check #230

wants to merge 1 commit into from

Conversation

dylanratcliffe
Copy link
Member

No description provided.

@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 1, 2025

mapped Expected Changes

replaced ecs-task-definition › facial-recognition-terraform-example 
--- current
+++ planned
@@ -1,27 +1,27 @@
-arn: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example:7
-arn_without_revision: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example
-container_definitions: '[{"cpu":1024,"environment":[{"name":"DATABASE_URL","value":"tf-20240827194315707700000013.cnx7xf6hwmba.eu-west-2.rds.amazonaws.com"}],"essential":true,"healthCheck":{"command":["CMD-SHELL","wget -q --spider localhost:1234"],"interval":30,"retries":3,"timeout":5},"image":"harshmanvar/face-detection-tensorjs:slim-amd","memory":2048,"mountPoints":[],"name":"facial-recognition","portMappings":[{"appProtocol":"http","containerPort":1234,"hostPort":1234,"protocol":"tcp"}],"systemControls":[],"volumesFrom":[]}]'
+arn: (known after apply)
+arn_without_revision: (known after apply)
+container_definitions: '[{"cpu":1024,"environment":[{"name":"DATABASE_URL","value":"tf-20240827194315707700000013.cnx7xf6hwmba.eu-west-2.rds.amazonaws.com"}],"essential":true,"healthCheck":{"command":["CMD-SHELL","wget -q --spider localhost:8080"],"interval":30,"retries":3,"timeout":5},"image":"harshmanvar/face-detection-tensorjs:slim-amd","memory":2048,"mountPoints":[],"name":"facial-recognition","portMappings":[{"appProtocol":"http","containerPort":1234}],"volumesFrom":[]}]'
 cpu: "1024"
-enable_fault_injection: false
+enable_fault_injection: (known after apply)
 ephemeral_storage: []
-execution_role_arn: ""
+execution_role_arn: null
 family: facial-recognition-terraform-example
-id: facial-recognition-terraform-example
+id: (known after apply)
 inference_accelerator: []
-ipc_mode: ""
+ipc_mode: null
 memory: "2048"
 network_mode: awsvpc
-pid_mode: ""
+pid_mode: null
 placement_constraints: []
 proxy_configuration: []
 requires_compatibilities:
     - FARGATE
-revision: 7
+revision: (known after apply)
 runtime_platform: []
 skip_destroy: false
-tags: {}
-tags_all: {}
-task_role_arn: ""
+tags: null
+tags_all: (known after apply)
+task_role_arn: null
 terraform_address: module.scenarios[0].aws_ecs_task_definition.face
 terraform_name: module.scenarios[0].aws_ecs_task_definition.face
 track_latest: false

unmapped Unmapped Changes

Note

These changes couldn't be mapped to a discoverable cloud resource and therefore won't be included in the blast radius calculation.

updated aws_ecs_service › module.scenarios[0].aws_ecs_service.face 
--- current
+++ planned
@@ -43,7 +43,7 @@
 service_registries: []
 tags: {}
 tags_all: {}
-task_definition: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example:7
+task_definition: (known after apply)
 terraform_address: module.scenarios[0].aws_ecs_service.face
 terraform_name: module.scenarios[0].aws_ecs_service.face
 timeouts: null

Blast Radius

items Items edges Edges
24 32

Open in Overmind

warning Risks

high Inconsistent Health Check Configuration in ECS Task Definition [High]

The proposed change to the ECS task definition updates the health check command to use localhost:8080, while the containerPort remains set to 1234. This inconsistency could cause incorrect health checking behavior, where the application might be erroneously assumed unhealthy because the health check is conducted on an incorrect port.

  • Potential Impact: The ECS service could consistently mark tasks as unhealthy due to checks being executed on an unintended port. This may lead to repeated task restarts and possible service downtime, causing reduced application availability and affecting services relying on the facial recognition application.
  • Evidence: Logs indicate previous incidents of task restarts due to failed health checks. ELB target groups and ECS service configurations further corroborate that the current setup uses port 1234, while the proposed health check command has shifted to check 8080.

To mitigate this risk, adjust the containerPort to match the intended health check port (8080) or verify whether the application should indeed handle traffic on port 8080. Alternatively, reassess and correct the health check command if port 1234 is to remain in use. Related Resources: ECS Task Definition 540044833068.eu-west-2.ecs-task-definition.facial-recognition-terraform-example, ECS Service and ELB Configurations.

@dylanratcliffe dylanratcliffe deleted the dylanratcliffe-patch-3 branch April 3, 2025 12:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@dylanratcliffe