
AWS ECS EC2 without loadbalancer?

0

I am deploying Nginx as a service/task on AWS ECS with EC2, and I've run into an issue where I cannot connect to the Nginx welcome page via its public IP address. I can access it by using a load balancer, but I don't want to use one.

Is there any way I can deploy an ECS task definition to ECS-EC2 and access it by using IPv4?

Here's a breakdown of my setup and what I've checked:

  1. ECS Configuration:

    • I've set up ECS with an EC2 instance and defined a task definition for Nginx. The task is running according to the ECS console, and I can see the logs working there.
  2. Docker and Nginx Container Status:

    • The Docker container for Nginx is active, and the port mapping is 0.0.0.0:80->80/tcp
  3. Security Group and Network ACLs:

    • The security group associated with the EC2 instance allows all inbound traffic on port 80.
    • Network ACLs also permit both inbound and outbound traffic on this port.
  4. Internal Connectivity Test:

    • Using curl http://localhost and http://127.0.0.1 from within the EC2 instance doesn't display the Nginx welcome page.

I am unable to access it using the public IP. This issue persists even though everything seems configured properly.

Any insights or suggestions would be highly appreciated!

2 Answers
1

Hello.

What network mode are you using for your ECS tasks?
I think that if I used bridge mode, I would be able to connect from the public IP address of EC2.
https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html

I think this stackoverflow answer will be helpful.
https://stackoverflow.com/questions/51184501/aws-ecs-containers-are-not-connecting-but-works-perfectly-in-my-local-machine

EXPERT
answered 2 years ago
0

Hello,

To access the webpage directly from the internet using the EC2 instance's public IP address, ensure that your ECS task definition uses the host or bridge network mode. If your ECS task definition is using the awsvpc network mode, this would explain why you can only access the webpage through a load balancer. The awsvpc network mode assigns a unique ENI to each task, and the load balancer can reach the task's private IP. (Task networking for the EC2 launch type)

So that's probably a reason why running curl http://localhost and http://127.0.0.1 from within the EC2 instance doesn't display the Nginx welcome page.

The task is allocated its own elastic network interface (ENI) and a primary private IPv4 address.

To ensure direct access from the internet using the EC2 instance's public IP, adjust your task definition to use the host or bridge network mode instead of the load balancer. However, be aware that using host mode has its disadvantages: you cannot run more than a single instance of a task on each host.

https://docs.aws.amazon.com/AmazonECS/latest/developerguide/networking-networkmode-host.html

https://docs.aws.amazon.com/AmazonECS/latest/developerguide/networking-networkmode-bridge.html

EXPERT
answered 2 years ago
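
The network-mode distinction discussed in the answers above, as an added example that is not part of the original thread: a Python sketch that reads a task definition (the `taskDefinition` object returned by `aws ecs describe-task-definition`) and reports whether each mapped port is published on the EC2 instance's own address or only on the task's ENI. The function names and both sample task definitions are constructed for illustration.

```python
# Added example: where does an ECS (EC2 launch type) task actually listen?
# Function names and sample task definitions are constructed, not from the thread.

def exposure(task_def):
    """Return (container, containerPort, location) for every port mapping."""
    # ECS uses bridge mode on Linux container instances when networkMode is unset.
    mode = task_def.get("networkMode", "bridge")
    results = []
    for container in task_def.get("containerDefinitions", []):
        for pm in container.get("portMappings", []):
            cport = pm["containerPort"]
            hport = pm.get("hostPort", 0)
            if mode == "awsvpc":
                # Task has its own ENI and private IP; the instance IP does not serve it.
                where = f"task-eni:{cport}"
            elif mode == "host":
                # Container shares the instance's network stack directly.
                where = f"instance:{cport}"
            elif mode == "bridge":
                # hostPort omitted or 0 means ECS picks a dynamic host port.
                where = f"instance:{hport}" if hport else "instance:dynamic"
            else:
                # networkMode "none": no external connectivity.
                where = "unreachable"
            results.append((container["name"], cport, where))
    return results

def reachable_on_instance_ip(task_def, port):
    """True if the task publishes `port` on the EC2 instance's own address."""
    return any(where == f"instance:{port}" for _, _, where in exposure(task_def))

# Constructed sample input: the same Nginx container under two network modes.
NGINX = {"name": "nginx", "image": "nginx:latest"}
AWSVPC_TASK = {
    "networkMode": "awsvpc",
    "containerDefinitions": [{**NGINX, "portMappings": [{"containerPort": 80}]}],
}
BRIDGE_TASK = {
    "networkMode": "bridge",
    "containerDefinitions": [
        {**NGINX, "portMappings": [{"containerPort": 80, "hostPort": 80}]}
    ],
}

if __name__ == "__main__":
    for label, td in (("awsvpc", AWSVPC_TASK), ("bridge", BRIDGE_TASK)):
        print(label, exposure(td), "port 80 on instance IP:",
              reachable_on_instance_ip(td, 80))
```

In bridge or host mode the instance's security group is what gates port 80, so a mapping that lands on the instance address is reachable by anything that group allows.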
