This message was deleted Pulumi Community #getting-started

Join Slack

This message was deleted.

# getting-started

sparse-intern-71089

01/24/2024, 10:20 PM

This message was deleted.

miniature-musician-31262

01/24/2024, 10:22 PM

There's an example in the docs that contains an

egress

block -- have you tried this? https://www.pulumi.com/docs/clouds/aws/guides/ecs/#creating-an-ecs-cluster-in-a-vpc

cuddly-computer-18851

01/25/2024, 12:11 AM

Do you tasks have public IPs, or in a subnet routed via a NAT GW?

narrow-boots-93205

01/25/2024, 12:27 AM

Let me just attach the code I'm currently using.

Copy code

const cluster = new awsx.classic.ecs.Cluster('cluster');

export const alb = new awsx.classic.lb.ApplicationLoadBalancer( 'net-lb', {
  external: true,
  securityGroups: cluster.securityGroups
});
const atg = alb.createTargetGroup('app-tg', { port: 4000, deregistrationDelay: 0, protocol: 'HTTP' });
export const webHTTPS = atg.createListener('webHTTPS', {
  external: true,
  port: 443,
  protocol: 'HTTPS',
  sslPolicy: 'ELBSecurityPolicy-2016-08',
  certificateArn: config.certificateArn
});

const fargateSecurityGroup = new aws.ec2.SecurityGroup('fargateSecurityGroup', {
  egress: [
    {
      fromPort: 0,
      toPort: 0,
      protocol: '-1',
      cidrBlocks: [ '0.0.0.0/0' ],
      ipv6CidrBlocks: [ '::/0' ]
    }
  ]
});

const appService = new awsx.classic.ecs.FargateService('app-svc', {
  cluster,
  securityGroups: [ fargateSecurityGroup.id, ...cluster.securityGroups.map(g => g.id) ],
  taskDefinitionArgs: {
    container: {
      image: img.imageUri,
      cpu: 102 /*10% of 1024*/,
      memory: 50 /*MB*/,
      portMappings: [
        // webHTTP,
        webHTTPS
      ]
    }
  },
  desiredCount: 1
});

narrow-boots-93205

01/25/2024, 12:29 AM

Basically have an ALB forwarding https traffic to the port used by the container. Not really sure if I should convert this to awsx instead of classic but the example I started this project with was using classic.

cuddly-computer-18851

01/25/2024, 12:45 AM

You need to provide networking configuration

narrow-boots-93205

01/25/2024, 12:55 AM

To the FargateService? The non classic ones have a parameters

networkConfiguration

. Is that what you are talking about?

cuddly-computer-18851

01/25/2024, 1:11 AM

https://www.pulumi.com/registry/packages/aws/api-docs/ecs/service/#servicenetworkconfiguration Personally I would not recommend using

awsx

- they're a poorly document / maintained abstraction compared to the core packages.

Open in Slack

Previous Next