Network Load Balancers, Elastic IPs, and Fargate Services + Tasks?

Hi, I'm new to AWS and trying to get some of our on-prem VMs migrated over to Fargate. From what I've read, I need to use a Network Load Balancer since I want to setup an Elastic IP on the NLB which can be delegated via an A record from our on-prem DNS (Route 53 isn't an option right now).

In ECS, I have a Task Definition for my container, which runs Nginx, listening on TCP 80 and 443. Also in ECS, I've set up a Cluster and two Services: one Service for TCP 80, and another Service for TCP 443. Each of these services has at least one Task defined which spins up the Nginx container.

When I define the NLB, I create two Listeners/Target Groups. One for TCP 80 and the other for TCP 443. When defining the Listeners, I assign the EIP to each listener. The NLB has an A record associated with it named something like my-net-lb-xxxxxxx.elb.us-east-1.amazonaws.com. There are also two public IP addresses associated with the A record but here's where it gets weird.

If I do an nslookup on the NLB A record, I only see one of the EIPs attached to it. Likewise, I can point a browser at that EIP and I can reach the Fargate Task. The second IP seems to be orphaned somewhere. It's set up as a listener, but doesn't show up anywhere except under the other AZ for the NLB. Pointing a browser at that orphaned IP goes nowhere.

I was expecting a Round Robin DNS setup on the NLB A record so if one of the EIPs is unroutable because a Task is down, the client has a chance to refresh and roll over to the other IP address.

I must be missing something. I've tried finding specific documentation on this setup but everything I've found so far is either incomplete, or so old it's irrelevant.

Thanks for any insight, and apologies this is so long.

0x90
asked 2 years ago, 317 views

1 answer

Accepted answer

There are 2 types of DNS for NLB - regional and zonal. You should use regional DNS names and AWS will automatically resolve to zonal DNS in a round-robin fashion; the reason is, if you are using zonal DNS and there is an AZ-level outage (unlikely but possible), there won't be any failover, therefore it's recommended to use the Regional DNS of the NLB for connectivity. See more information on this topic here:

If you are using a single NLB deployed across multiple Availability Zones, you can use the Availability Zone-specific DNS names provided by the NLB in your DNS configuration. For example, suppose you have a workload, www.example.com, that operates behind an NLB in us-west-2a, us-west-2b, and us-west-2c. It has a Regional AWS provided DNS A record of my-load-balancer.elb.us-west-2.amazonaws.com, as well as zonal records for each Availability Zone such as us-west-2a.my-load-balancer.elb.us-west-2.amazonaws.com.

AWS
Expert
answered 2 years ago
reviewed 8 days ago
  • Thanks for that answer and the link for the DNS explanation! The second EIP showed up in DNS a couple of days later. I'm not clear why the second EIP took so long to propagate.
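An added diagnostic, not part of the original post or of any AWS tooling, that resolves the Regional NLB name and each zonal name (the `<az>.<regional-name>` format quoted in the answer) and reports any EIP a zonal record carries that the Regional record does not, which is the missing-second-EIP symptom described above. The NLB name, AZs and addresses in the constructed answer table are placeholders, not real values.

```python
import socket
import sys
from typing import Callable, Dict, List, Set
Resolver = Callable[[str], Set[str]]  # DNS name -> IPv4 addresses in its A record

# Constructed sample answers (not real NLB names or EIPs): the Regional record
# carries only one AZ's EIP, which is the symptom described in the question.
CONSTRUCTED_ANSWERS = {
    "my-nlb.elb.us-east-1.amazonaws.com": {"203.0.113.10"},
    "us-east-1a.my-nlb.elb.us-east-1.amazonaws.com": {"203.0.113.10"},
    "us-east-1b.my-nlb.elb.us-east-1.amazonaws.com": {"203.0.113.20"},
}

def constructed_resolver(name: str) -> Set[str]:
    return set(CONSTRUCTED_ANSWERS[name])

def resolve_a(name: str) -> Set[str]:
    # Live lookup of every IPv4 address behind the name (needs network access).
    return {info[4][0] for info in socket.getaddrinfo(name, None, socket.AF_INET)}

def zonal_name(regional_name: str, az: str) -> str:
    # AWS zonal record format from the answer: <az>.<regional NLB DNS name>
    return f"{az}.{regional_name}"

def check_regional_coverage(regional_name: str, azs: List[str],
                            resolve: Resolver = resolve_a) -> Dict[str, object]:
    # Any address a zonal record has but the Regional record lacks is an AZ
    # that clients using the Regional name can never reach or fail over to.
    regional_ips = resolve(regional_name)
    zonal_ips = {az: resolve(zonal_name(regional_name, az)) for az in azs}
    missing = {az: sorted(ips - regional_ips)
               for az, ips in zonal_ips.items() if ips - regional_ips}
    return {
        "regional": sorted(regional_ips),
        "zonal": {az: sorted(ips) for az, ips in zonal_ips.items()},
        "missing_from_regional": missing,
        "ok": not missing,
    }

if __name__ == "__main__":
    # usage: python check_nlb_dns.py <regional-nlb-dns-name> <az> [<az> ...]
    # With no arguments the constructed sample table is used instead of live DNS.
    if len(sys.argv) >= 3:
        report = check_regional_coverage(sys.argv[1], sys.argv[2:])
    else:
        report = check_regional_coverage("my-nlb.elb.us-east-1.amazonaws.com",
                                         ["us-east-1a", "us-east-1b"], constructed_resolver)
    print(report)
    sys.exit(0 if report["ok"] else 1)
```

A non-zero exit means at least one AZ's EIP is unreachable through the Regional name, which is worth re-checking after the record has had time to propagate, as the follow-up comment above found.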
