How can I add SSL using ACM with ECS blue/green deployment?


Hi, currently I am using CodeCommit, CodeBuild, and CodePipeline (ECS Blue Green) for blue-green deployment. Everything is working great. I have also selected the blue-green option while creating the service and attached 2 listeners and target groups (HTTP).

I have attached the domain to the ALB. Now I want to add SSL to the domain, but SSL configuration in the Application Load Balancer requires a specific target group with weight. But in the case of blue-green deployment, the target group will change each time I deploy something using the ECS blue-green pipeline.

Also, I don't want to specify the weight on the ALB. Is there any way to add ACM in the load balancer in the case of blue-green deployment?

1 Answer

It should be sufficient to simply tie the ACM certificate directly to the ALB.
The ALB tied to the domain will not change with blue-green deployments, so I think simply tying the SSL certificate to the ALB will solve the problem.

EXPERT
answered 10 months ago
  • What I see from the documentation is this:

    Associate an ACM SSL certificate with an Application Load Balancer

    • In the navigation pane, choose Load Balancers, and then choose your Application Load Balancer.

    • Choose Add listener.
    • For Protocol, choose HTTPS.
    • For port, choose 443.
    • For Default action(s), choose Forward to, and then select your ALB target group from the dropdown list.
    • For Default SSL certificate, choose From ACM (recommended) and then choose the ACM certificate. Choose Save.

    Here, if you see the above steps, I need to define or add a target group in the case of the ALB, and that's the issue. If I add/forward to a target group, then I also need to define weights. Once I add weights, blue-green deployment will not work with ECS, because in ECS it automatically rotates the target group.

  • In the procedure for creating a deployment group described in this document, you can use blue-green deployments without problems even with HTTPS by setting the Production listener port and the Test listener port. https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-groups-create-ecs.html
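
Added example, not part of the original thread or of AWS documentation: a Python check that an HTTPS listener (shaped like one item of `aws elbv2 describe-listeners` output) carries an ACM certificate, is listed as the production listener of the CodeDeploy deployment group, and forwards only to target groups in the blue/green pair. All ARNs, names and the account ID are constructed placeholders, and the function names are hypothetical.

```python
# Constructed sample data: account ID, ARNs and names are placeholders.
TG_BLUE = "arn:aws:elasticloadbalancing:eu-west-1:111122223333:targetgroup/demo-blue/1111111111111111"
LISTENER = {  # shape of one item from `aws elbv2 describe-listeners`
    "ListenerArn": "arn:aws:elasticloadbalancing:eu-west-1:111122223333:listener/app/demo-alb/0123456789abcdef/aaaaaaaaaaaaaaaa",
    "Protocol": "HTTPS", "Port": 443,
    "Certificates": [{"CertificateArn": "arn:aws:acm:eu-west-1:111122223333:certificate/EXAMPLE"}],
    "DefaultActions": [{"Type": "forward",
        "ForwardConfig": {"TargetGroups": [{"TargetGroupArn": TG_BLUE, "Weight": 1}]}}],
}
PAIR = {  # shape of loadBalancerInfo.targetGroupPairInfoList[0] in the deployment group
    "targetGroups": [{"name": "demo-blue"}, {"name": "demo-green"}],
    "prodTrafficRoute": {"listenerArns": [LISTENER["ListenerArn"]]},
}

def tg_name(arn):
    # Target group ARNs end in targetgroup/<name>/<id>; CodeDeploy refers to the name.
    return arn.split(":targetgroup/", 1)[1].split("/", 1)[0]

def forwarded_groups(listener):
    names = set()
    for action in listener.get("DefaultActions", []):
        if action.get("Type") != "forward":
            continue
        if action.get("TargetGroupArn"):
            names.add(tg_name(action["TargetGroupArn"]))
        for tg in action.get("ForwardConfig", {}).get("TargetGroups", []):
            names.add(tg_name(tg["TargetGroupArn"]))
    return names

def check_listener(listener, pair):
    problems = []
    if listener.get("Protocol") != "HTTPS":
        problems.append("listener protocol is not HTTPS")
    certs = [c.get("CertificateArn", "") for c in listener.get("Certificates", [])]
    if not any(":acm:" in c for c in certs):
        problems.append("no ACM certificate attached to the listener")
    if listener.get("ListenerArn") not in pair["prodTrafficRoute"]["listenerArns"]:
        problems.append("listener is not the deployment group's production listener")
    allowed = {t["name"] for t in pair["targetGroups"]}
    groups = forwarded_groups(listener)
    if not groups:
        problems.append("default action does not forward to a target group")
    elif not groups <= allowed:
        problems.append("forwards outside the blue/green pair: %s" % sorted(groups - allowed))
    return problems
```

An empty list from `check_listener(LISTENER, PAIR)` means the certificate sits on the listener that CodeDeploy manages, so it stays in place whichever target group of the pair is currently receiving traffic.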
