I'm currently facing some challenges while setting up health checks for my containers in ECS. I used the command `CMD-SHELL,curl -f http://localhost:8000/health` to check the health status, and it returns the JSON response: `{ "service":"service", "status":"UP", "java_version":"21", "timestamp":"2025-11-14T13:33:16.548721119", "architecture":"hexagonal" }`. However, I also see a response of '200' on other containers, yet ECS still marks them as "unhealthy" and terminates the containers. I understand that any command returning an exit code of 0 is considered healthy, but I'm skeptical since several things might return a 0 exit code even if they're not functioning correctly, like a 404 error. I tried adding a `sleep 30` command and three retries, thinking it might be a timing issue, but I'm still getting marked as unhealthy. Does anyone have any insights on what I might be missing? Thanks for your help!
2 Answers
It seems like your health check command is mostly correct! Remember that ECS checks the exit code of the command you use—if it returns 0, you're good. In your case, your `curl -f` command appears to be set up right because it returns a 200 status. A common issue arises from how you specify the command in your ECS task definition. Make sure it includes a space after `cmd-shell`, like this: `cmd-shell, curl -f http://localhost:8000/health || exit 1`. This way, if `curl` fails for any reason (like 404 or other connection issues), it will give a non-zero exit code. Also, check that your application is fully ready when ECS starts its health checks. Instead of `sleep 30` in your command, try adjusting the ECS health check parameters for `startperiod` and `retries` so it waits longer before declaring a container unhealthy. Confirm that the health endpoint is accessible within the container on `localhost:8000` without any network issues. Lastly, test the health check command manually inside the container to ensure it exits with 0—that's the command you should replicate in ECS.
You might want to consider using the CMD option instead of CMD-SHELL. It can sometimes make a difference in how ECS processes your health checks. Give it a shot!
I'm already using the CMD option actually. What exactly do you mean by that?