使用 AWS Elasticsearch 在 AWS ECS 上 运行 临时时无法查看工作流
Cannot See Workflows while Running Temporal on AWS ECS with AWS Elasticsearch
我在 AWS ECS 上部署了 Temporal 和 Temporal Web。我使用 Docker Compose 文件复制了配置:https://github.com/temporalio/docker-compose/blob/main/docker-compose.yml
我使用了这个配置文件:https://github.com/temporalio/docker-compose/blob/main/dynamicconfig/development_es.yaml
对于 Elasticsearch,我使用了具有 ES v7.10 的启用单节点密码的 AWS Elasticsearch 域。
对于 Postgres,我使用了具有 Postgres v13.3 的启用单实例密码的 AWS RDS 数据库。
我对 Temporal 的任务定义如下:
{
"ipcMode": null,
"executionRoleArn": "arn:aws:iam::999999999999:role/dev-ecs-task-execution-role",
"containerDefinitions": [
{
"dnsSearchDomains": null,
"environmentFiles": null,
"logConfiguration": {
"logDriver": "awslogs",
"secretOptions": null,
"options": {
"awslogs-group": "awslogs-dev",
"awslogs-region": "eu-central-1",
"awslogs-create-group": "true",
"awslogs-stream-prefix": "awslogs-temporal"
}
},
"entryPoint": [],
"portMappings": [
{
"hostPort": 7233,
"protocol": "tcp",
"containerPort": 7233
}
],
"command": [],
"linuxParameters": null,
"cpu": 32,
"environment": [
{
"name": "DB",
"value": "postgresql"
},
{
"name": "DB_PORT",
"value": "5432"
},
{
"name": "DYNAMIC_CONFIG_FILE_PATH",
"value": "/temporal/development_es.yaml"
},
{
"name": "ENABLE_ES",
"value": "true"
},
{
"name": "ES_PORT",
"value": "443"
},
{
"name": "ES_SCHEME",
"value": "https"
},
{
"name": "ES_VERSION",
"value": "v7"
},
{
"name": "LOG_LEVEL",
"value": "info"
},
{
"name": "SERVICES",
"value": "history,matching,frontend,worker"
}
],
"resourceRequirements": null,
"ulimits": [],
"dnsServers": null,
"mountPoints": [
{
"readOnly": true,
"containerPath": "/temporal",
"sourceVolume": "configVolume"
}
],
"workingDirectory": null,
"secrets": [
{
"valueFrom": "arn:aws:ssm:eu-central-1:999999999999:parameter/docker/dev/temporal_POSTGRES_USERNAME",
"name": "POSTGRES_USER"
},
{
"valueFrom": "arn:aws:ssm:eu-central-1:999999999999:parameter/docker/dev/temporal_POSTGRES_PASSWORD",
"name": "POSTGRES_PWD"
},
{
"valueFrom": "arn:aws:ssm:eu-central-1:999999999999:parameter/docker/dev/temporal_POSTGRES_HOST",
"name": "POSTGRES_SEEDS"
},
{
"valueFrom": "arn:aws:ssm:eu-central-1:999999999999:parameter/docker/dev/temporal_ES_HOST",
"name": "ES_SEEDS"
},
{
"valueFrom": "arn:aws:ssm:eu-central-1:999999999999:parameter/docker/dev/temporal_ES_USERNAME",
"name": "ES_USER"
},
{
"valueFrom": "arn:aws:ssm:eu-central-1:999999999999:parameter/docker/dev/temporal_ES_PASSWORD",
"name": "ES_PWD"
}
],
"dockerSecurityOptions": null,
"memory": 256,
"memoryReservation": 128,
"volumesFrom": [],
"stopTimeout": 60,
"image": "temporalio/auto-setup:1.15.0",
"startTimeout": null,
"firelensConfiguration": null,
"dependsOn": null,
"disableNetworking": null,
"interactive": null,
"healthCheck": null,
"essential": true,
"links": null,
"hostname": null,
"extraHosts": null,
"pseudoTerminal": null,
"user": null,
"readonlyRootFilesystem": null,
"dockerLabels": null,
"systemControls": null,
"privileged": null,
"name": "temporal"
}
],
"placementConstraints": [],
"memory": null,
"taskRoleArn": null,
"compatibilities": [
"EC2"
],
"taskDefinitionArn": "arn:aws:ecs:eu-central-1:999999999999:task-definition/temporal-dev:36",
"family": "temporal-dev",
"requiresAttributes": [
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.logging-driver.awslogs"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.execution-role-awslogs"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.efsAuth"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.19"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.efs"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.21"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.container-ordering"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.25"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.secrets.ssm.environment-variables"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.18"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.task-eni"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.29"
}
],
"pidMode": null,
"requiresCompatibilities": [
"EC2"
],
"networkMode": "awsvpc",
"runtimePlatform": null,
"cpu": null,
"revision": 36,
"status": "ACTIVE",
"inferenceAccelerators": null,
"proxyConfiguration": null,
"volumes": [
{
"fsxWindowsFileServerVolumeConfiguration": null,
"efsVolumeConfiguration": {
"transitEncryptionPort": null,
"fileSystemId": "fs-99999999",
"authorizationConfig": null,
"transitEncryption": null,
"rootDirectory": "temporal"
},
"name": "configVolume",
"host": null,
"dockerVolumeConfiguration": null
}
]
}
我对 Temporal Web 的任务定义如下:
{
"ipcMode": null,
"executionRoleArn": "arn:aws:iam::999999999999:role/dev-ecs-task-execution-role",
"containerDefinitions": [
{
"dnsSearchDomains": null,
"environmentFiles": null,
"logConfiguration": {
"logDriver": "awslogs",
"secretOptions": null,
"options": {
"awslogs-group": "awslogs-dev",
"awslogs-region": "eu-central-1",
"awslogs-create-group": "true",
"awslogs-stream-prefix": "awslogs-temporal-web"
}
},
"entryPoint": [],
"portMappings": [
{
"hostPort": 8088,
"protocol": "tcp",
"containerPort": 8088
}
],
"command": [],
"linuxParameters": null,
"cpu": 32,
"environment": [
{
"name": "TEMPORAL_GRPC_ENDPOINT",
"value": "temporal.dev-local:7233"
},
{
"name": "TEMPORAL_PERMIT_WRITE_API",
"value": "true"
}
],
"resourceRequirements": null,
"ulimits": [],
"dnsServers": null,
"mountPoints": [],
"workingDirectory": null,
"secrets": [],
"dockerSecurityOptions": null,
"memory": 256,
"memoryReservation": 128,
"volumesFrom": [],
"stopTimeout": 60,
"image": "temporalio/web:1.13.0",
"startTimeout": null,
"firelensConfiguration": null,
"dependsOn": null,
"disableNetworking": null,
"interactive": null,
"healthCheck": null,
"essential": true,
"links": null,
"hostname": null,
"extraHosts": null,
"pseudoTerminal": null,
"user": null,
"readonlyRootFilesystem": null,
"dockerLabels": null,
"systemControls": null,
"privileged": null,
"name": "temporal-web"
}
],
"placementConstraints": [],
"memory": null,
"taskRoleArn": null,
"compatibilities": [
"EC2"
],
"taskDefinitionArn": "arn:aws:ecs:eu-central-1:999999999999:task-definition/temporal-web-dev:7",
"family": "temporal-web-dev",
"requiresAttributes": [
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.logging-driver.awslogs"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.execution-role-awslogs"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.19"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.21"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.container-ordering"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.18"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.task-eni"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.29"
}
],
"pidMode": null,
"requiresCompatibilities": [
"EC2"
],
"networkMode": "awsvpc",
"runtimePlatform": null,
"cpu": null,
"revision": 7,
"status": "ACTIVE",
"inferenceAccelerators": null,
"proxyConfiguration": null,
"volumes": []
}
我能够 运行 这 2 个容器成功地临时连接到 Postgres 和 Elasticsearch 并成功写入数据。
问题是,我在 Temporal Web UI 上看不到任何工作流,在我创建的命名空间和默认命名空间下都看不到,但我可以在 Elasticsearch 上看到数据。
我找不到任何错误日志,我只能在 AWS CloudWatch 下看到 Temporal 和 Temporal Web 的信息日志 UI。
我错过了什么?实际问题是什么?是否有任何教程或指南可以使用动态配置使其在 AWS ECS 上与 AWS RDS Postgres 和 AWS Elasticsearch 一起工作?
注意:当我 运行 在本地使用 docker-compose 时,它有效。
我在这里检查了 temporal-system 命名空间,我能够看到工作流:https://temporal-dev.example.com/namespaces/temporal-system/workflows?range=last-30-days&status=ALL
我还可以在我们的命名空间中看到工作流。
我做了以下事情:
- 我在 Elasticsearch 上启用了身份验证(用户名和密码)以成功连接。
- 我从 Elasticsearch 中删除了时间索引。
- 我使用下图将临时版本升级到v1.15.0:
temporalio/auto-setup:1.15.0
- 之前是1.13.1
- 我从 Postgres 中删除了时间数据库。
- 我重新启动了临时 ECS 服务和创建命名空间的服务。
成功了。
我在 AWS ECS 上部署了 Temporal 和 Temporal Web。我使用 Docker Compose 文件复制了配置:https://github.com/temporalio/docker-compose/blob/main/docker-compose.yml
我使用了这个配置文件:https://github.com/temporalio/docker-compose/blob/main/dynamicconfig/development_es.yaml
对于 Elasticsearch,我使用了具有 ES v7.10 的启用单节点密码的 AWS Elasticsearch 域。
对于 Postgres,我使用了具有 Postgres v13.3 的启用单实例密码的 AWS RDS 数据库。
我对 Temporal 的任务定义如下:
{
"ipcMode": null,
"executionRoleArn": "arn:aws:iam::999999999999:role/dev-ecs-task-execution-role",
"containerDefinitions": [
{
"dnsSearchDomains": null,
"environmentFiles": null,
"logConfiguration": {
"logDriver": "awslogs",
"secretOptions": null,
"options": {
"awslogs-group": "awslogs-dev",
"awslogs-region": "eu-central-1",
"awslogs-create-group": "true",
"awslogs-stream-prefix": "awslogs-temporal"
}
},
"entryPoint": [],
"portMappings": [
{
"hostPort": 7233,
"protocol": "tcp",
"containerPort": 7233
}
],
"command": [],
"linuxParameters": null,
"cpu": 32,
"environment": [
{
"name": "DB",
"value": "postgresql"
},
{
"name": "DB_PORT",
"value": "5432"
},
{
"name": "DYNAMIC_CONFIG_FILE_PATH",
"value": "/temporal/development_es.yaml"
},
{
"name": "ENABLE_ES",
"value": "true"
},
{
"name": "ES_PORT",
"value": "443"
},
{
"name": "ES_SCHEME",
"value": "https"
},
{
"name": "ES_VERSION",
"value": "v7"
},
{
"name": "LOG_LEVEL",
"value": "info"
},
{
"name": "SERVICES",
"value": "history,matching,frontend,worker"
}
],
"resourceRequirements": null,
"ulimits": [],
"dnsServers": null,
"mountPoints": [
{
"readOnly": true,
"containerPath": "/temporal",
"sourceVolume": "configVolume"
}
],
"workingDirectory": null,
"secrets": [
{
"valueFrom": "arn:aws:ssm:eu-central-1:999999999999:parameter/docker/dev/temporal_POSTGRES_USERNAME",
"name": "POSTGRES_USER"
},
{
"valueFrom": "arn:aws:ssm:eu-central-1:999999999999:parameter/docker/dev/temporal_POSTGRES_PASSWORD",
"name": "POSTGRES_PWD"
},
{
"valueFrom": "arn:aws:ssm:eu-central-1:999999999999:parameter/docker/dev/temporal_POSTGRES_HOST",
"name": "POSTGRES_SEEDS"
},
{
"valueFrom": "arn:aws:ssm:eu-central-1:999999999999:parameter/docker/dev/temporal_ES_HOST",
"name": "ES_SEEDS"
},
{
"valueFrom": "arn:aws:ssm:eu-central-1:999999999999:parameter/docker/dev/temporal_ES_USERNAME",
"name": "ES_USER"
},
{
"valueFrom": "arn:aws:ssm:eu-central-1:999999999999:parameter/docker/dev/temporal_ES_PASSWORD",
"name": "ES_PWD"
}
],
"dockerSecurityOptions": null,
"memory": 256,
"memoryReservation": 128,
"volumesFrom": [],
"stopTimeout": 60,
"image": "temporalio/auto-setup:1.15.0",
"startTimeout": null,
"firelensConfiguration": null,
"dependsOn": null,
"disableNetworking": null,
"interactive": null,
"healthCheck": null,
"essential": true,
"links": null,
"hostname": null,
"extraHosts": null,
"pseudoTerminal": null,
"user": null,
"readonlyRootFilesystem": null,
"dockerLabels": null,
"systemControls": null,
"privileged": null,
"name": "temporal"
}
],
"placementConstraints": [],
"memory": null,
"taskRoleArn": null,
"compatibilities": [
"EC2"
],
"taskDefinitionArn": "arn:aws:ecs:eu-central-1:999999999999:task-definition/temporal-dev:36",
"family": "temporal-dev",
"requiresAttributes": [
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.logging-driver.awslogs"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.execution-role-awslogs"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.efsAuth"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.19"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.efs"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.21"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.container-ordering"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.25"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.secrets.ssm.environment-variables"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.18"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.task-eni"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.29"
}
],
"pidMode": null,
"requiresCompatibilities": [
"EC2"
],
"networkMode": "awsvpc",
"runtimePlatform": null,
"cpu": null,
"revision": 36,
"status": "ACTIVE",
"inferenceAccelerators": null,
"proxyConfiguration": null,
"volumes": [
{
"fsxWindowsFileServerVolumeConfiguration": null,
"efsVolumeConfiguration": {
"transitEncryptionPort": null,
"fileSystemId": "fs-99999999",
"authorizationConfig": null,
"transitEncryption": null,
"rootDirectory": "temporal"
},
"name": "configVolume",
"host": null,
"dockerVolumeConfiguration": null
}
]
}
我对 Temporal Web 的任务定义如下:
{
"ipcMode": null,
"executionRoleArn": "arn:aws:iam::999999999999:role/dev-ecs-task-execution-role",
"containerDefinitions": [
{
"dnsSearchDomains": null,
"environmentFiles": null,
"logConfiguration": {
"logDriver": "awslogs",
"secretOptions": null,
"options": {
"awslogs-group": "awslogs-dev",
"awslogs-region": "eu-central-1",
"awslogs-create-group": "true",
"awslogs-stream-prefix": "awslogs-temporal-web"
}
},
"entryPoint": [],
"portMappings": [
{
"hostPort": 8088,
"protocol": "tcp",
"containerPort": 8088
}
],
"command": [],
"linuxParameters": null,
"cpu": 32,
"environment": [
{
"name": "TEMPORAL_GRPC_ENDPOINT",
"value": "temporal.dev-local:7233"
},
{
"name": "TEMPORAL_PERMIT_WRITE_API",
"value": "true"
}
],
"resourceRequirements": null,
"ulimits": [],
"dnsServers": null,
"mountPoints": [],
"workingDirectory": null,
"secrets": [],
"dockerSecurityOptions": null,
"memory": 256,
"memoryReservation": 128,
"volumesFrom": [],
"stopTimeout": 60,
"image": "temporalio/web:1.13.0",
"startTimeout": null,
"firelensConfiguration": null,
"dependsOn": null,
"disableNetworking": null,
"interactive": null,
"healthCheck": null,
"essential": true,
"links": null,
"hostname": null,
"extraHosts": null,
"pseudoTerminal": null,
"user": null,
"readonlyRootFilesystem": null,
"dockerLabels": null,
"systemControls": null,
"privileged": null,
"name": "temporal-web"
}
],
"placementConstraints": [],
"memory": null,
"taskRoleArn": null,
"compatibilities": [
"EC2"
],
"taskDefinitionArn": "arn:aws:ecs:eu-central-1:999999999999:task-definition/temporal-web-dev:7",
"family": "temporal-web-dev",
"requiresAttributes": [
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.logging-driver.awslogs"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.execution-role-awslogs"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.19"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.21"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.container-ordering"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.18"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.task-eni"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.29"
}
],
"pidMode": null,
"requiresCompatibilities": [
"EC2"
],
"networkMode": "awsvpc",
"runtimePlatform": null,
"cpu": null,
"revision": 7,
"status": "ACTIVE",
"inferenceAccelerators": null,
"proxyConfiguration": null,
"volumes": []
}
我能够 运行 这 2 个容器成功地临时连接到 Postgres 和 Elasticsearch 并成功写入数据。
问题是,我在 Temporal Web UI 上看不到任何工作流,在我创建的命名空间和默认命名空间下都看不到,但我可以在 Elasticsearch 上看到数据。
我找不到任何错误日志,我只能在 AWS CloudWatch 下看到 Temporal 和 Temporal Web 的信息日志 UI。
我错过了什么?实际问题是什么?是否有任何教程或指南可以使用动态配置使其在 AWS ECS 上与 AWS RDS Postgres 和 AWS Elasticsearch 一起工作?
注意:当我 运行 在本地使用 docker-compose 时,它有效。
我在这里检查了 temporal-system 命名空间,我能够看到工作流:https://temporal-dev.example.com/namespaces/temporal-system/workflows?range=last-30-days&status=ALL
我还可以在我们的命名空间中看到工作流。
我做了以下事情:
- 我在 Elasticsearch 上启用了身份验证(用户名和密码)以成功连接。
- 我从 Elasticsearch 中删除了时间索引。
- 我使用下图将临时版本升级到v1.15.0:
temporalio/auto-setup:1.15.0- 之前是1.13.1
- 我从 Postgres 中删除了时间数据库。
- 我重新启动了临时 ECS 服务和创建命名空间的服务。
成功了。