AWS CLI version 2, the latest major version of AWS CLI, is now stable and recommended for general use. To view this page for the AWS CLI version 2, click here. For more information see the AWS CLI version 2 installation instructions and migration guide.
Modifies the status of an Amazon ECS container instance.
Once a container instance has reached an ACTIVE
state, you can change the status of a container instance to DRAINING
to manually remove an instance from a cluster, for example to perform system updates, update the Docker daemon, or scale down the cluster size.
DRAINING
until it has reached an ACTIVE
status. If the instance is in any other status, an error will be received.When you set a container instance to DRAINING
, Amazon ECS prevents new tasks from being scheduled for placement on the container instance and replacement service tasks are started on other container instances in the cluster if the resources are available. Service tasks on the container instance that are in the PENDING
state are stopped immediately.
Service tasks on the container instance that are in the RUNNING
state are stopped and replaced according to the service's deployment configuration parameters, minimumHealthyPercent
and maximumPercent
. You can change the deployment configuration of your service using UpdateService .
minimumHealthyPercent
is below 100%, the scheduler can ignore desiredCount
temporarily during task replacement. For example, desiredCount
is four tasks, a minimum of 50% allows the scheduler to stop two existing tasks before starting two new tasks. If the minimum is 100%, the service scheduler can't remove existing tasks until the replacement tasks are considered healthy. Tasks for services that do not use a load balancer are considered healthy if they're in the RUNNING
state. Tasks for services that use a load balancer are considered healthy if they're in the RUNNING
state and are reported as healthy by the load balancer.maximumPercent
parameter represents an upper limit on the number of running tasks during task replacement. You can use this to define the replacement batch size. For example, if desiredCount
is four tasks, a maximum of 200% starts four new tasks before stopping the four tasks to be drained, provided that the cluster resources required to do this are available. If the maximum is 100%, then replacement tasks can't start until the draining tasks have stopped.Any PENDING
or RUNNING
tasks that do not belong to a service aren't affected. You must wait for them to finish or stop them manually.
A container instance has completed draining when it has no more RUNNING
tasks. You can verify this using ListTasks .
When a container instance has been drained, you can set a container instance to ACTIVE
status and once it has reached that status the Amazon ECS scheduler can begin scheduling tasks on the instance again.
See also: AWS API Documentation
update-container-instances-state
[--cluster <value>]
--container-instances <value>
--status <value>
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
--cluster
(string)
The short name or full Amazon Resource Name (ARN) of the cluster that hosts the container instance to update. If you do not specify a cluster, the default cluster is assumed.
--container-instances
(list)
A list of up to 10 container instance IDs or full ARN entries.
(string)
Syntax:
"string" "string" ...
--status
(string)
The container instance state to update the container instance with. The only valid values for this action are
ACTIVE
andDRAINING
. A container instance can only be updated toDRAINING
status once it has reached anACTIVE
state. If a container instance is inREGISTERING
,DEREGISTERING
, orREGISTRATION_FAILED
state you can describe the container instance but can't update the container instance state.Possible values:
ACTIVE
DRAINING
REGISTERING
DEREGISTERING
REGISTRATION_FAILED
--cli-input-json
(string)
Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
--debug
(boolean)
Turn on debug logging.
--endpoint-url
(string)
Override command's default URL with the given URL.
--no-verify-ssl
(boolean)
By default, the AWS CLI uses SSL when communicating with AWS services. For each SSL connection, the AWS CLI will verify SSL certificates. This option overrides the default behavior of verifying SSL certificates.
--no-paginate
(boolean)
Disable automatic pagination. If automatic pagination is disabled, the AWS CLI will only make one call, for the first page of results.
--output
(string)
The formatting style for command output.
--query
(string)
A JMESPath query to use in filtering the response data.
--profile
(string)
Use a specific profile from your credential file.
--region
(string)
The region to use. Overrides config/env settings.
--version
(string)
Display the version of this tool.
--color
(string)
Turn on/off color output.
--no-sign-request
(boolean)
Do not sign requests. Credentials will not be loaded if this argument is provided.
--ca-bundle
(string)
The CA certificate bundle to use when verifying SSL certificates. Overrides config/env settings.
--cli-read-timeout
(int)
The maximum socket read time in seconds. If the value is set to 0, the socket read will be blocking and not timeout. The default value is 60 seconds.
--cli-connect-timeout
(int)
The maximum socket connect time in seconds. If the value is set to 0, the socket connect will be blocking and not timeout. The default value is 60 seconds.
To use the following examples, you must have the AWS CLI installed and configured. See the Getting started guide in the AWS CLI User Guide for more information.
Unless otherwise stated, all examples have unix-like quotation rules. These examples will need to be adapted to your terminal's quoting rules. See Using quotation marks with strings in the AWS CLI User Guide .
To update the state of a container instance
The following update-container-instances-state
updates the state of the specified container instance to DRAINING
which will remove it from the cluster is it registered to.
aws ecs update-container-instances-state \
--container-instances 765936fadbdd46b5991a4bd70c2a43d4 \
--status DRAINING
Output:
{
"containerInstances": [
{
"containerInstanceArn": "arn:aws:ecs:us-west-2:130757420319:container-instance/default/765936fadbdd46b5991a4bd70c2a43d4",
"ec2InstanceId": "i-013d87ffbb4d513bf",
"version": 4390,
"versionInfo": {
"agentVersion": "1.29.0",
"agentHash": "a190a73f",
"dockerVersion": "DockerVersion:18.06.1-ce"
},
"remainingResources": [
{
"name": "CPU",
"type": "INTEGER",
"doubleValue": 0,
"longValue": 0,
"integerValue": 1536
},
{
"name": "MEMORY",
"type": "INTEGER",
"doubleValue": 0,
"longValue": 0,
"integerValue": 2681
},
{
"name": "PORTS",
"type": "STRINGSET",
"doubleValue": 0,
"longValue": 0,
"integerValue": 0,
"stringSetValue": [
"22",
"2376",
"2375",
"51678",
"51679"
]
},
{
"name": "PORTS_UDP",
"type": "STRINGSET",
"doubleValue": 0,
"longValue": 0,
"integerValue": 0,
"stringSetValue": []
}
],
"registeredResources": [
{
"name": "CPU",
"type": "INTEGER",
"doubleValue": 0,
"longValue": 0,
"integerValue": 2048
},
{
"name": "MEMORY",
"type": "INTEGER",
"doubleValue": 0,
"longValue": 0,
"integerValue": 3705
},
{
"name": "PORTS",
"type": "STRINGSET",
"doubleValue": 0,
"longValue": 0,
"integerValue": 0,
"stringSetValue": [
"22",
"2376",
"2375",
"51678",
"51679"
]
},
{
"name": "PORTS_UDP",
"type": "STRINGSET",
"doubleValue": 0,
"longValue": 0,
"integerValue": 0,
"stringSetValue": []
}
],
"status": "DRAINING",
"agentConnected": true,
"runningTasksCount": 2,
"pendingTasksCount": 0,
"attributes": [
{
"name": "ecs.capability.secrets.asm.environment-variables"
},
{
"name": "ecs.capability.branch-cni-plugin-version",
"value": "e0703516-"
},
{
"name": "ecs.ami-id",
"value": "ami-00e0090ac21971297"
},
{
"name": "ecs.capability.secrets.asm.bootstrap.log-driver"
},
{
"name": "com.amazonaws.ecs.capability.logging-driver.none"
},
{
"name": "ecs.capability.ecr-endpoint"
},
{
"name": "ecs.capability.docker-plugin.local"
},
{
"name": "ecs.capability.task-cpu-mem-limit"
},
{
"name": "ecs.capability.secrets.ssm.bootstrap.log-driver"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.30"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.31"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.32"
},
{
"name": "ecs.availability-zone",
"value": "us-west-2c"
},
{
"name": "ecs.capability.aws-appmesh"
},
{
"name": "com.amazonaws.ecs.capability.logging-driver.awslogs"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.24"
},
{
"name": "ecs.capability.task-eni-trunking"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.25"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.26"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.27"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.28"
},
{
"name": "com.amazonaws.ecs.capability.privileged-container"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.29"
},
{
"name": "ecs.cpu-architecture",
"value": "x86_64"
},
{
"name": "com.amazonaws.ecs.capability.ecr-auth"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.20"
},
{
"name": "ecs.os-type",
"value": "linux"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.21"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.22"
},
{
"name": "ecs.capability.task-eia"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.23"
},
{
"name": "ecs.capability.private-registry-authentication.secretsmanager"
},
{
"name": "com.amazonaws.ecs.capability.logging-driver.syslog"
},
{
"name": "com.amazonaws.ecs.capability.logging-driver.json-file"
},
{
"name": "ecs.capability.execution-role-awslogs"
},
{
"name": "ecs.vpc-id",
"value": "vpc-1234"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.17"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.18"
},
{
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.19"
},
{
"name": "ecs.capability.task-eni"
},
{
"name": "ecs.capability.execution-role-ecr-pull"
},
{
"name": "ecs.capability.container-health-check"
},
{
"name": "ecs.subnet-id",
"value": "subnet-1234"
},
{
"name": "ecs.instance-type",
"value": "c5.large"
},
{
"name": "com.amazonaws.ecs.capability.task-iam-role-network-host"
},
{
"name": "ecs.capability.container-ordering"
},
{
"name": "ecs.capability.cni-plugin-version",
"value": "91ccefc8-2019.06.0"
},
{
"name": "ecs.capability.pid-ipc-namespace-sharing"
},
{
"name": "ecs.capability.secrets.ssm.environment-variables"
},
{
"name": "com.amazonaws.ecs.capability.task-iam-role"
}
],
"registeredAt": 1560788724.507,
"attachments": [],
"tags": []
}
],
"failures": []
}
containerInstances -> (list)
The list of container instances.
(structure)
An Amazon EC2 or External instance that's running the Amazon ECS agent and has been registered with a cluster.
containerInstanceArn -> (string)
The Amazon Resource Name (ARN) of the container instance. For more information about the ARN format, see Amazon Resource Name (ARN) in the Amazon ECS Developer Guide .ec2InstanceId -> (string)
The ID of the container instance. For Amazon EC2 instances, this value is the Amazon EC2 instance ID. For external instances, this value is the Amazon Web Services Systems Manager managed instance ID.capacityProviderName -> (string)
The capacity provider that's associated with the container instance.version -> (long)
The version counter for the container instance. Every time a container instance experiences a change that triggers a CloudWatch event, the version counter is incremented. If you're replicating your Amazon ECS container instance state with CloudWatch Events, you can compare the version of a container instance reported by the Amazon ECS APIs with the version reported in CloudWatch Events for the container instance (inside thedetail
object) to verify that the version in your event stream is current.versionInfo -> (structure)
The version information for the Amazon ECS container agent and Docker daemon running on the container instance.
agentVersion -> (string)
The version number of the Amazon ECS container agent.agentHash -> (string)
The Git commit hash for the Amazon ECS container agent build on the amazon-ecs-agent GitHub repository.dockerVersion -> (string)
The Docker version that's running on the container instance.remainingResources -> (list)
For CPU and memory resource types, this parameter describes the remaining CPU and memory that wasn't already allocated to tasks and is therefore available for new tasks. For port resource types, this parameter describes the ports that were reserved by the Amazon ECS container agent (at instance registration time) and any task containers that have reserved port mappings on the host (with the
host
orbridge
network mode). Any port that's not specified here is available for new tasks.(structure)
Describes the resources available for a container instance.
name -> (string)
The name of the resource, such asCPU
,MEMORY
,PORTS
,PORTS_UDP
, or a user-defined resource.type -> (string)
The type of the resource. Valid values:INTEGER
,DOUBLE
,LONG
, orSTRINGSET
.doubleValue -> (double)
When thedoubleValue
type is set, the value of the resource must be a double precision floating-point type.longValue -> (long)
When thelongValue
type is set, the value of the resource must be an extended precision floating-point type.integerValue -> (integer)
When theintegerValue
type is set, the value of the resource must be an integer.stringSetValue -> (list)
When the
stringSetValue
type is set, the value of the resource must be a string type.(string)
registeredResources -> (list)
For CPU and memory resource types, this parameter describes the amount of each resource that was available on the container instance when the container agent registered it with Amazon ECS. This value represents the total amount of CPU and memory that can be allocated on this container instance to tasks. For port resource types, this parameter describes the ports that were reserved by the Amazon ECS container agent when it registered the container instance with Amazon ECS.
(structure)
Describes the resources available for a container instance.
name -> (string)
The name of the resource, such asCPU
,MEMORY
,PORTS
,PORTS_UDP
, or a user-defined resource.type -> (string)
The type of the resource. Valid values:INTEGER
,DOUBLE
,LONG
, orSTRINGSET
.doubleValue -> (double)
When thedoubleValue
type is set, the value of the resource must be a double precision floating-point type.longValue -> (long)
When thelongValue
type is set, the value of the resource must be an extended precision floating-point type.integerValue -> (integer)
When theintegerValue
type is set, the value of the resource must be an integer.stringSetValue -> (list)
When the
stringSetValue
type is set, the value of the resource must be a string type.(string)
status -> (string)
The status of the container instance. The valid values are
REGISTERING
,REGISTRATION_FAILED
,ACTIVE
,INACTIVE
,DEREGISTERING
, orDRAINING
.If your account has opted in to the
awsvpcTrunking
account setting, then any newly registered container instance will transition to aREGISTERING
status while the trunk elastic network interface is provisioned for the instance. If the registration fails, the instance will transition to aREGISTRATION_FAILED
status. You can describe the container instance and see the reason for failure in thestatusReason
parameter. Once the container instance is terminated, the instance transitions to aDEREGISTERING
status while the trunk elastic network interface is deprovisioned. The instance then transitions to anINACTIVE
status.The
ACTIVE
status indicates that the container instance can accept tasks. TheDRAINING
indicates that new tasks aren't placed on the container instance and any service tasks running on the container instance are removed if possible. For more information, see Container instance draining in the Amazon Elastic Container Service Developer Guide .statusReason -> (string)
The reason that the container instance reached its current status.agentConnected -> (boolean)
This parameter returnstrue
if the agent is connected to Amazon ECS. An instance with an agent that may be unhealthy or stopped returnfalse
. Only instances connected to an agent can accept task placement requests.runningTasksCount -> (integer)
The number of tasks on the container instance that have a desired status (desiredStatus
) ofRUNNING
.pendingTasksCount -> (integer)
The number of tasks on the container instance that are in thePENDING
status.agentUpdateStatus -> (string)
The status of the most recent agent update. If an update wasn't ever requested, this value isNULL
.attributes -> (list)
The attributes set for the container instance, either by the Amazon ECS container agent at instance registration or manually with the PutAttributes operation.
(structure)
An attribute is a name-value pair that's associated with an Amazon ECS object. Use attributes to extend the Amazon ECS data model by adding custom metadata to your resources. For more information, see Attributes in the Amazon Elastic Container Service Developer Guide .
name -> (string)
The name of the attribute. Thename
must contain between 1 and 128 characters. The name may contain letters (uppercase and lowercase), numbers, hyphens (-), underscores (_), forward slashes (/), back slashes (), or periods (.).value -> (string)
The value of the attribute. Thevalue
must contain between 1 and 128 characters. It can contain letters (uppercase and lowercase), numbers, hyphens (-), underscores (_), periods (.), at signs (@), forward slashes (/), back slashes (), colons (:), or spaces. The value can't start or end with a space.targetType -> (string)
The type of the target to attach the attribute with. This parameter is required if you use the short form ID for a resource instead of the full ARN.targetId -> (string)
The ID of the target. You can specify the short form ID for a resource or the full Amazon Resource Name (ARN).registeredAt -> (timestamp)
The Unix timestamp for the time when the container instance was registered.attachments -> (list)
The resources attached to a container instance, such as an elastic network interface.
(structure)
An object representing a container instance or task attachment.
id -> (string)
The unique identifier for the attachment.type -> (string)
The type of the attachment, such asElasticNetworkInterface
,Service Connect
, andAmazonElasticBlockStorage
.status -> (string)
The status of the attachment. Valid values arePRECREATED
,CREATED
,ATTACHING
,ATTACHED
,DETACHING
,DETACHED
,DELETED
, andFAILED
.details -> (list)
Details of the attachment.
For elastic network interfaces, this includes the network interface ID, the MAC address, the subnet ID, and the private IPv4 address.
For Service Connect services, this includes
portName
,clientAliases
,discoveryName
, andingressPortOverride
.For Elastic Block Storage, this includes
roleArn
,deleteOnTermination
,volumeName
,volumeId
, andstatusReason
(only when the attachment fails to create or attach).(structure)
A key-value pair object.
name -> (string)
The name of the key-value pair. For environment variables, this is the name of the environment variable.value -> (string)
The value of the key-value pair. For environment variables, this is the value of the environment variable.tags -> (list)
The metadata that you apply to the container instance to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.
The following basic restrictions apply to tags:
- Maximum number of tags per resource - 50
- For each resource, each tag key must be unique, and each tag key can have only one value.
- Maximum key length - 128 Unicode characters in UTF-8
- Maximum value length - 256 Unicode characters in UTF-8
- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.
- Tag keys and values are case-sensitive.
- Do not use
aws:
,AWS:
, or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for Amazon Web Services use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.(structure)
The metadata that you apply to a resource to help you categorize and organize them. Each tag consists of a key and an optional value. You define them.
The following basic restrictions apply to tags:
- Maximum number of tags per resource - 50
- For each resource, each tag key must be unique, and each tag key can have only one value.
- Maximum key length - 128 Unicode characters in UTF-8
- Maximum value length - 256 Unicode characters in UTF-8
- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.
- Tag keys and values are case-sensitive.
- Do not use
aws:
,AWS:
, or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for Amazon Web Services use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.key -> (string)
One part of a key-value pair that make up a tag. Akey
is a general label that acts like a category for more specific tag values.value -> (string)
The optional part of a key-value pair that make up a tag. Avalue
acts as a descriptor within a tag category (key).healthStatus -> (structure)
An object representing the health status of the container instance.
overallStatus -> (string)
The overall health status of the container instance. This is an aggregate status of all container instance health checks.details -> (list)
An array of objects representing the details of the container instance health status.
(structure)
An object representing the result of a container instance health status check.
type -> (string)
The type of container instance health status that was verified.status -> (string)
The container instance health status.lastUpdated -> (timestamp)
The Unix timestamp for when the container instance health status was last updated.lastStatusChange -> (timestamp)
The Unix timestamp for when the container instance health status last changed.
failures -> (list)
Any failures associated with the call.
(structure)
A failed resource. For a list of common causes, see API failure reasons in the Amazon Elastic Container Service Developer Guide .
arn -> (string)
The Amazon Resource Name (ARN) of the failed resource.reason -> (string)
The reason for the failure.detail -> (string)
The details of the failure.