Failed to expose AWS ECS Fargate Service via ALB

0

Hi,

I followed an AWS blog post to provision and expose a service through an Application Load Balancer (https://aws.amazon.com/blogs/compute/building-deploying-and-operating-containerized-applications-with-aws-fargate/).

I found that after I followed the steps, the ECS service is provisioned, but when I tried to access it from the internet, it cannot be accessed. Is there any way for me to trace it? Is the Application Load Balancer not configured properly, or what?

Thank You.

asked 2 years ago, 1080 views

3 Answers
1
  1. Check whether the ECS tasks are running successfully or not. Looking at logs to confirm might help.
  2. Is the service active and has the load balancer configured?
  3. Are the target tasks healthy?
  4. Is the load balancer active? Check access logs and CloudWatch metrics to check if it is getting requests. Are there any HTTP 400 or 500 error responses, etc.?

Further, you can deploy the following ECS/Fargate Load Balanced example. It uses AWS CDK. The solution should deploy successfully and you can use that to compare to your setup to get further pointers on what the issue could be.

AWS
answered 2 years ago
  • Sorry for the late response.

    1. Yes. It's running successfully, as stated in the event log:
       a856f3dc-9b08-44e0-8e5a-dc2e9e1c2a6e 2022-05-23 14:06:11 +0700 service NGINX has reached a steady state.
       bcbcc586-ce9f-4b6b-b457-67fe6178bff8 2022-05-23 08:05:54 +0700 service NGINX has reached a steady state.

    2. Yes, the service is active, and I can access it with the public IP address of each pod in the tasks. I have already created the Application Load Balancer and a target group of IP type. But it cannot be accessed via the Application Load Balancer endpoint.

    3. Yes, it's healthy.

    4. OK, I will check this.

    Thanks also for the CDK, I will take a look at that.

  • Update: 4. It times out. When I call using the Application Load Balancer DNS name, it times out, and nothing is shown in CloudWatch.

  • I think I found the issue. After I checked, everything is fine, except the ALB can't be accessed. I just linked to the Internet Gateway through a Route Tables edge association, and the VPC also supports internet-facing already, but the ALB still can't be accessed.

1

Is your ALB on a public subnet? Did you open the ports from the internet to the ALB's SG? Same from the ALB to the container's SG?

I'd recommend one of two things though: if you want to use a friendly format (docker compose specs) to define your services and AWS resources to deploy, check out ECS Compose-X or AWS App Runner. The latter is very hands-off and friendly for people who are starting with ECS and AWS. The former is too, but will allow for much more complex settings and deployment options.

Going down the CDK route is much more involved. I'd rather recommend Copilot before CDK at this point.

answered 2 years ago
0

Hi John & Rajarshi,

Thanks for your reply. I've found the issue already. It's related to route tables. I missed associating the subnet.

Thank You.

answered 2 years ago
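
The cause reported in the last answer, an ALB subnet with no route table association, can be checked from the output of `aws ec2 describe-route-tables`. The following is an added example, not code from the thread or the AWS blog post; the route table data and all IDs are constructed, and it assumes every table listed belongs to the ALB's VPC.

```python
# Added example. ROUTE_TABLES is constructed data in the shape of
# `aws ec2 describe-route-tables` output for ONE VPC (assumption); IDs are made up.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}]},
    {"RouteTableId": "rtb-public",
     "Associations": [{"Main": False, "SubnetId": "subnet-aaa"}],
     "Routes": [
         {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
         {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}]},
    # Edge association: bound to the gateway itself, so it covers no subnet.
    {"RouteTableId": "rtb-edge",
     "Associations": [{"Main": False, "GatewayId": "igw-0example"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}]},
]

def effective_route_table(subnet_id, route_tables):
    """Return (table, explicit). An explicit subnet association wins;
    a subnet without one silently uses the VPC's main route table."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt, True
            if assoc.get("Main"):
                main = rt
    return main, False

def has_igw_default_route(rt):
    """True if the table has an active 0.0.0.0/0 route to an internet gateway."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and r.get("GatewayId", "").startswith("igw-")
               and r.get("State") == "active"
               for r in rt.get("Routes", []))

def audit_alb_subnets(subnet_ids, route_tables):
    """Map each ALB subnet to the table it really uses and whether that table is public."""
    report = {}
    for subnet_id in subnet_ids:
        rt, explicit = effective_route_table(subnet_id, route_tables)
        report[subnet_id] = {
            "route_table": rt["RouteTableId"] if rt else None,
            "explicit": explicit,
            "internet_route": bool(rt) and has_igw_default_route(rt),
        }
    return report

if __name__ == "__main__":
    for subnet, result in audit_alb_subnets(["subnet-aaa", "subnet-bbb"], ROUTE_TABLES).items():
        print(subnet, result)
```

A subnet reported with `explicit: False` and `internet_route: False` is falling back to the main route table, which matches the timeout with no CloudWatch request metrics described in the comments above.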
