Deploy Amazon ECS services by replacing tasks - Amazon Elastic Container Service
Container image resolutionFailure detection
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Deploy Amazon ECS services by replacing tasks

When you create a service which uses the rolling update (ECS) deployment type, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration. The deployment configuration consists of the following:

  • The minimumHealthyPercent represents the lower limit on the number of tasks that should be running for a service during a deployment or when a container instance is draining, as a percent of the desired number of tasks for the service. This value is rounded up. For example if the minimum healthy percent is 50 and the desired task count is four, then the scheduler can stop two existing tasks before starting two new tasks. Likewise, if the minimum healthy percent is 75% and the desired task count is two, then the scheduler can't stop any tasks due to the resulting value also being two.

    If tasks become unhealthy, the Amazon ECS service scheduler will start replacement tasks first and maintain minimumHealthyPercent tasks until the replacement tasks become healthy. As the replacement tasks launch and become healthy, the unhealthy tasks will gradually be stopped.

  • The maximumPercent represents the upper limit on the number of tasks that should be running for a service during a deployment or when a container instance is draining, as a percent of the desired number of tasks for a service. This value is rounded down. For example if the maximum percent is 200 and the desired task count is four then the scheduler can start four new tasks before stopping four existing tasks. Likewise, if the maximum percent is 125 and the desired task count is three, the scheduler can't start any tasks due to the resulting value also being three.

Important

When setting a minimum healthy percent or a maximum percent, you should ensure that the scheduler can stop or start at least one task when a deployment is initiated. If your service has a deployment that is stuck due to an invalid deployment configuration, a service event message will be sent. For more information, see service (service-name) was unable to stop or start tasks during a deployment because of the service deployment configuration. Update the minimumHealthyPercent or maximumPercent value and try again..

A rolling deployment uses the deployment circuit breaker to determine if the tasks reach a steady state. The deployment circuit breaker can optionally roll back a deployment on failure.

Container image resolution

To ensure that all tasks in a service use the same container image, Amazon ECS resolves container image names and any image tags specified in the task definition to container image digests. If you create a service that runs and maintains a single task, that task is used to establish the container image digest. If you create a service that runs and maintains multiple tasks, the service scheduler starts one task first during deployment. This first task is used to establish the container image digest.

After the container image digest has been established, Amazon ECS uses the digest to start any other desired tasks, and for any future service updates. This leads to all tasks in a service always running identical container images, resulting in version consistency for your software.

If three or more attempts at establishing the container image digest fail, the deployment continues without image digest resolution. If the deployment circuit breaker is enabled, the deployment is additionally failed and rolled back.

Note

  • Amazon ECS doesn't capture digests of sidecar containers managed by Amazon ECS, such as the Amazon GuardDuty security agent or Service Connect proxy.

  • Amazon ECS doesn't capture digests of containers in services that use a Classic Load Balancer.

  • The minimum Fargate platform version for image digest resolution is 1.4.0.

  • Amazon ECS Agent versions lower than 1.31.0 don't support image digest resolution. Agent versions 1.31.0 to 1.69.0 support image digest resolution only for images pushed to Amazon ECR repositories. Agent versions 1.70.0 or higher support image digest resolution for all images.

  • To reduce potential latency associated with container image resolution in services with multiple tasks, run Amazon ECS agent version 1.83.0 or higher on EC2 container instances. To avoid potential latency altogether, specify container image digests in your task definition.

Failure detection

The are two methods which provide a way to quickly identify when a deployment has failed, and then to optionally roll back the failure to the last working deployment.

The methods can be used separately or together. When both methods are used, the deployment is set to failed as soon as the failure criteria for either failure method is met.

Use the following guidelines to help determine which method to use:

  • Circuit breaker - Use this method when you want to stop a deployment when the tasks can't start.

  • CloudWatch alarms - Use this method when you want to stop a deployment based on application metrics.