Update ECS module to enable Dynamic Port Mapping #10

Open
mswezey23 opened this issue Aug 15, 2022 · 1 comment

mswezey23 commented Aug 15, 2022

Currently, as provided, one cannot do rolling deployments on the ECS-EC2 module.

This is due to the hostPort being configured (port 80) and not allowing AWS/Docker magic to occur.

The fix is simple. Update hostPort: 0 instead of hostPort: 80 on both task definitions.

Doing this one update allowed for a smooth rolling update to occur.
Verified by monitoring the ECS Cluster -> Services -> Event logs and checking which task definitions were active.

Example Error:

service [alpha-retool-main-service](https://us-east-1.console.aws.amazon.com/ecs/home?region=us-east-1#/clusters/alpha-retool-ecs/services/alpha-retool-main-service) was unable to place a task because no container instance met all of its requirements. The closest matching container-instance is already using a port required by your task. For more information, see the [Troubleshooting section](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/troubleshooting.html).

mswezey23 commented Aug 15, 2022

You will also need to update SG ingress rules for the EC2 instance(s) to allow the ALB traffic to occur over the ephemeral port range.

With this, you can delete the Port 80 & 443 ingress rules for the EC2 instance. ALB should receive incoming HTTP(S) traffic and manage the SSL connection via ACM certs.

```hcl
# ingress block inside the EC2 instances' aws_security_group resource
ingress {
  description     = "Ephemeral Port Range DPM"
  from_port       = 49153
  to_port         = 65535
  protocol        = "tcp"
  security_groups = [aws_security_group.alb.id]
}
```

Sauce: https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PortMapping.html
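
As an added example (not part of the original issue or the project's own code), the following Python check flags task definitions that still pin a `hostPort` and instance ingress rules that do not match what the two comments above describe. The dictionary shapes, container names, container ports and the `sg-alb-example` id are constructed for illustration.

```python
# Added example: audit a task definition and instance security-group rules
# for the two changes described in this issue. All sample data is constructed.

EPHEMERAL = (49153, 65535)  # range used in the issue's ingress rule


def static_host_ports(task_def):
    """Return (container, hostPort) pairs that pin a fixed host port.

    In bridge mode, hostPort 0 (or omitted) lets Docker pick a free port, so
    old and new tasks can share an instance during a rolling update.
    """
    pinned = []
    for c in task_def.get("containerDefinitions", []):
        for pm in c.get("portMappings", []):
            if pm.get("hostPort", 0) != 0:
                pinned.append((c["name"], pm["hostPort"]))
    return pinned


def audit_instance_sg(rules, alb_sg_id):
    """Check instance ingress: ephemeral range from the ALB SG, nothing public."""
    findings, covered = [], False
    for r in rules:
        lo, hi = r["from_port"], r["to_port"]
        cidrs = r.get("cidr_blocks") or []
        from_alb_only = r.get("security_groups") == [alb_sg_id] and not cidrs
        if from_alb_only and lo <= EPHEMERAL[0] and hi >= EPHEMERAL[1]:
            covered = True
        if "0.0.0.0/0" in cidrs:
            findings.append(f"ports {lo}-{hi} open to the internet")
    if not covered:
        findings.insert(0, "ephemeral range not allowed from ALB security group")
    return findings


# Constructed sample: one container still pinned to port 80, and an instance
# security group that still carries the public port 80 rule.
TASK_DEF = {"networkMode": "bridge", "containerDefinitions": [
    {"name": "main", "portMappings": [{"containerPort": 3000, "hostPort": 80}]},
    {"name": "jobs", "portMappings": [{"containerPort": 3000, "hostPort": 0}]},
]}
SG_RULES = [
    {"from_port": 80, "to_port": 80, "cidr_blocks": ["0.0.0.0/0"]},
    {"from_port": 49153, "to_port": 65535, "security_groups": ["sg-alb-example"]},
]

if __name__ == "__main__":
    print(static_host_ports(TASK_DEF))
    print(audit_instance_sg(SG_RULES, "sg-alb-example"))
```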
