https://pulumi.com logo
Powered by
Title
w

wide-jackal-86020

03/25/2021, 1:39 AM
Hello, This might be a stupid question, but I am stuck with routing with ALB for ECS cluster. And I couldn't find any help on Pulumi website. Resources created: 1. ECS services 
const helloService = new awsx.ecs.FargateService(...)
2. Load balancer 
const alb = new <http://awsx.lb|awsx.lb>.ApplicationLoadBalancer(...)
3. Listener 
export const backendListener = alb.createListener(...)
4. Target groups 
const helloTarget = alb.createTargetGroup()
5. Listener Rules: 
const helloRule = new <http://aws.lb|aws.lb>.ListenerRule()
My question is how can I connect the 
helloRule
to the 
helloService
? For example, 
helloService1
should response to requests matches 
hellowRule1
, and 
helloService2
should response to requests matches 
helloRule2
.
b

billowy-army-68599

03/25/2021, 1:48 AM
I believe you need a 
targetgroupattachment
https://www.pulumi.com/docs/reference/pkg/aws/applicationloadbalancing/targetgroupattachment/
w

wide-jackal-86020

03/25/2021, 1:57 AM
Thanks! There's only example of how to use it with Lambda, and I am sorry that I couldn't figure out how to use it with instance (Fargate). How can I find container ID for an ECS container?
m

millions-furniture-75402

03/25/2021, 5:51 PM
const appTargetGroup = new awsx.lb.ApplicationTargetGroup(`${appName}-tg`, {
  deregistrationDelay: 0,
  healthCheck: {
    path: "/healthcheck",
    port: "80",
    protocol: "HTTP",
    matcher: "200",
  },
  loadBalancer: alb,
  port: 80,
  protocol: "HTTP",
  vpc: vpc,
});

const appListenerRule = new awsx.lb.ListenerRule(`${appName}-lr`, https, {
  actions: [{
    targetGroupArn: appTargetGroup.targetGroup.arn.apply(v => v),
    type: "forward",
  }],
  conditions: [{
    hostHeader: {
      values: [`${appName}.*`],
    },
  }],
  priority: 1,
});
ā€¦ 
const appService = new awsx.ecs.FargateService(`${appName}-fargate-service`, {  
  taskDefinitionArgs: {
    containers: {
      [`${appName}-service`]: {
        image: ...
        ...
        portMappings: [appTargetGroup],
      },
    }
  }
fwiw, above that, I also do: 
const lbSecurityGroup = new awsx.ec2.SecurityGroup(`${appName}-default-http-and-https`, {
  vpc: vpc,
});

const alb = new awsx.lb.ApplicationLoadBalancer(`${appName}-lb`, {
  accessLogs: {
    bucket: logBucketId,
    enabled: true,
    prefix: appName,
  },
  external: true,
  securityGroups: [lbSecurityGroup],
  subnets: publicSubnetIds,
  vpc: vpc,
});

const http = alb.createListener(`${appName}-http`, {
  defaultAction: {
    type: "redirect",
    redirect: {
      protocol: "HTTPS",
      port: "443",
      statusCode: "HTTP_301",
    },
  },
  external: true,
  port: 80,
  protocol: "HTTP",
});

const https = alb.createListener(`${appName}-https`, {
  certificateArn,
  defaultActions: [{
    fixedResponse: {
      contentType: "text/plain",
      messageBody: "404 Site Not Found",
      statusCode: "404",
    },
    type: "fixed-response",
  }],
  external: true,
  port: 443,
  protocol: "HTTPS",
  sslPolicy: "ELBSecurityPolicy-TLS-1-2-Ext-2018-06",
});
w

wide-jackal-86020

03/25/2021, 7:02 PM
Thank you so much! @millions-furniture-75402 šŸ‘
šŸ‘ 1
#awsJoin Slack
Powered by