How do I set up dynamic port mapping for Amazon ECS?

3 分的閱讀內容

I want to set up dynamic port mapping for my container instance in Amazon Elastic Container Service (Amazon ECS).

Short description

The Classic Load Balancer doesn't allow you to run multiple copies of a task on the same instance. Instead, when using the Classic Load Balancer, you must statically map port numbers on a container instance. However, an Application Load Balancer uses dynamic port mapping, so you can run multiple tasks from a single service on the same container instance.

Note: Network Load Balancers can also be used for dynamic port mapping. See Network Load Balancer and Creating a Network Load Balancer.


To set up dynamic port mapping, follow these steps:

  1. Create an Application Load Balancer and a target group.
    Important: To route health check traffic correctly when you create a target group, expand Advanced health check settings. For Port, select traffic port.
  2. Open the Amazon ECS console, and then set the host port to 0 for the task definition that you're creating or updating. Be sure to set the container port mappings for your application.
    Important: The host and awsvpc network modes do not support dynamic host port mapping.
  3. Add a rule to allow inbound traffic from your load balancer to your container instances. The security group and network access control list (network ACL) must allow traffic from the load balancer to the instances over the ephemeral port range.
    Note: For more information about ephemeral port ranges, see PortMapping.
  4. Open the Amazon ECS console, and then configure your service to use the Application Load Balancer that you created.
    Important: You can add a load balancer only during the creation of the service. After service creation, you can't change the target group's Amazon Resource Name (ARN), container name, or the container port specified in the service definition. You can't add, remove, or change the load balancer configuration of an existing service. If you update the service task definition, then the container name and container port specified at service creation must remain in the task definition. For more information, see Service load balancing.
  5. Open the Amazon Elastic Compute Cloud (Amazon EC2) console, and then choose Target Groups from the navigation pane. Choose the hyperlinked name for your target group. From the Targets tab, you can see what port is used for the task in the service that you created.

If dynamic port mapping is set up correctly, then you see the registered targets in the target group and the assigned port for the task. You also see the task in the registered targets for the following ephemeral port ranges: 49153–65535 and 32768–61000.

Related information

What is Elastic Load Balancing?

What is an Application Load Balancer?

AWS 官方
AWS 官方已更新 1 年前