Let's break down the traffic flow and steps for effective communication within your setup:
Traffic flow: Internet ---> External Load Balancer ---> Backend (REST) ---> DSE
To address the "Connection refused" error while attempting to access the REST APIs on port 8000, make sure that the task definition for your containers specifies that they are indeed listening on this port. Also, verify from the application container logs that the port is up and listening.
The "Connection refused" error generally occurs due to incorrect IP or port settings, or the application not properly listening on the port. To diagnose further, you could try using the "dig" command to check the DNS resolution.
For proper service discovery, remember that it's primarily intended for interconnecting internal services within a VPC. When using the awsvpc network mode, you have the option to create either A records or SRV records. If you choose SRV records, ensure you're specifying the correct port that the container is listening on.
Internet to load balancer: When dealing with external access from the Internet to your load balancer, ensure the load balancer is placed in a public subnet to allow accessibility. Establish a listener and a target group for routing.
Load balancer to backend container in a VPC via DNS: For communication between the load balancer and the backend container in the VPC via DNS, the target group specified in the service definition ensures that, with each task launch, the container and port are registered with the target group. This enables effective routing of traffic from the load balancer to the specific container.
[+] https://docs.aws.amazon.com/AmazonECS/latest/userguide/create-application-load-balancer.html
Backend container to other service in the VPC via DNS: Furthermore, once the load balancer routes traffic to the REST API, the backend container's communication with DSE can be achieved using the Service Discovery DNS name (which will use the <service discovery service name>.<service discovery namespace> as endpoint). Ensure that the tasks within the REST API have this Service Discovery DNS name parsed, possibly as an environment variable, to reach out to DSE effectively. You can refer to the AWS blog on Amazon ECS Service Discovery for detailed steps.
[+] https://aws.amazon.com/blogs/aws/amazon-ecs-service-discovery/
[+] Service discovery - Service discovery considerations - https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html#service-discovery-considerations
Lastly, to address the scaling of your containers, refer to the concept of service scaling. You won't need an additional load balancer; the scaling process manages the load distribution efficiently. As the number of tasks increases, each task's container and port combination specified in the service definition is registered with the target group, streamlining the load distribution.
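The checks described in the answer above, as an added example that is not part of the original answer or of any AWS tooling: a small probe that separates a DNS failure from a refused connection from a silent timeout, so the right layer gets checked first. The function name `probe`, the `HINTS` table and the command-line usage are assumptions made for illustration.

```python
import socket
import sys

# Hints tie each outcome to the checks named in the answer above. The
# "timeout" hint is general TCP behaviour and an assumption about this setup.
HINTS = {
    "dns_failure": "name did not resolve: check the service discovery name and namespace",
    "refused": "host answered but nothing listens on the port: check the task "
               "definition port and the container logs",
    "timeout": "no reply at all: packets are probably dropped before the host",
    "unreachable": "no route to the address: check the IP settings",
    "listening": "TCP handshake completed: the port is up",
}

def probe(host, port, timeout=3.0):
    """Try one TCP connection per resolved address; return (outcome, detail)."""
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return "dns_failure", str(exc)
    result = ("dns_failure", "resolver returned no addresses")
    for family, socktype, proto, _, addr in infos:
        sock = socket.socket(family, socktype, proto)
        sock.settimeout(timeout)
        try:
            sock.connect(addr)
            return "listening", f"{addr[0]}:{addr[1]}"
        except ConnectionRefusedError:
            result = ("refused", f"{addr[0]}:{addr[1]}")
        except socket.timeout:
            result = ("timeout", f"{addr[0]}:{addr[1]}")
        except OSError as exc:
            result = ("unreachable", f"{addr[0]}:{addr[1]} ({exc})")
        finally:
            sock.close()
    return result

if __name__ == "__main__":
    # Usage: python probe.py <host> <port>; host and port are whatever the
    # REST container would dial, e.g. the service discovery DNS name.
    host, port = sys.argv[1], int(sys.argv[2])
    outcome, detail = probe(host, port)
    print(f"{outcome}: {detail} -> {HINTS[outcome]}")
```

Run it from inside the VPC, ideally from the same task that reports the error, since service discovery names only resolve there.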
The problem was: Always check your containers first :) They refused the connection because the start did not work correctly. Thanks a lot for your help with all the networking!