Possible way to expose the Streamlit application


I have deployed the streamlit application with nginx reverse proxy in the ECS Fargate service ,and I am using ALB for load balancing all inside a VPC and the routes are exposed in API gateway which is using a HTTP protocol, but the application is not loading as it is not able to perform switching from http to websocket. solution not considered:-

A websocket all the way to backend if possible if we expose the ALB directly to the client, without an API Gateway.Not possible because we have multiple services using the same ALB and architecture, we cannot expose the ALB publicly and creating a separate ALB is out of picture.

We need a more efficient and cost effective solution as this service is only to view the backend services with a UI.

1 Answer

Given your constraints and the requirement to efficiently expose a Streamlit application hosted on ECS Fargate with an ALB and Nginx reverse proxy setup, while also dealing with the challenge of websocket connections, here's a workaround solution:

Utilize AWS CloudFront as a Front-End to API Gateway and ALB

  1. CloudFront Distribution: Set up a CloudFront distribution to act as the front-end for your application. CloudFront can handle both HTTP and WebSocket traffic efficiently. Configure it to forward requests to your API Gateway and ALB based on path patterns.

  2. Path-Based Routing: Use path-based routing in CloudFront to direct HTTP requests to the API Gateway and WebSocket requests directly to the ALB endpoint. This allows you to bypass the limitation of API Gateway not supporting WebSocket in your current setup.

  3. Security and Caching Policies: Configure CloudFront with appropriate security and caching policies. Ensure that dynamic content (like WebSocket connections) bypasses the cache, while static content can be cached to improve performance and reduce load on your backend.

  4. API Gateway Adjustments: Ensure your API Gateway is configured to handle connections to other backend services efficiently. Since CloudFront now handles the WebSocket traffic directly to the ALB, your API Gateway setup can remain focused on HTTP/HTTPS traffic for APIs.

This solution leverages AWS CloudFront to work around the limitation of not being able to directly expose your ALB or modify the API Gateway to handle WebSocket connections. It's cost-effective because CloudFront pricing is based on usage (data transfer and requests), and it can significantly reduce the load on your backend services by caching static content at edge locations. Moreover, it respects your architectural constraints by not requiring a separate ALB and keeps your existing services untouched.

Hope it helps!

profile picture
answered 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions