Hi, I'm trying to setup a Fargate service using `p...
# aws
p
Hi, I'm trying to setup a Fargate service using
pulumi/awsx
. Here's the relevant part of the Pulumi program:
Copy code
// Create an ALB associated with the default VPC listening to HTTP traffic on port 80.
const lb = new awsx.lb.ApplicationListener("flatzone-sk-strapi-lb", {
  external: true,
  protocol: "HTTP",
  port: 80,
  targetGroup: {
    protocol: "HTTP",
    port: 1337
  }
});

// Create an ECS service containing a Strapi task running on Fargate.
const service = new awsx.ecs.FargateService("flatzone-sk-strapi-svc", {
  cluster: cluster,
  taskDefinitionArgs: {
    container: {
      image: image,
      cpu: 256,
      memory: 1024,
      portMappings: [ lb ]
    },
    executionRole: executionRole,
    logGroup: logGroup
  },
  desiredCount: 1
});
After deployment, I can't connect to the port 80 of the listener endpoint. I keep seeing this in the Events tab of the service:
Copy code
0762c099-8eb3-4b80-aa6b-1282013cea6e
2021-05-07 21:45:26 +0200
service flatzone-sk-strapi-svc-8d4bf16 (port 1337) is unhealthy in target-group flatzone-sk-strapi-lb-78d9d12 due to (reason Health checks failed).
fdda0e3f-f1d9-4518-9fb8-81f37023a205
2021-05-07 21:42:30 +0200
service flatzone-sk-strapi-svc-8d4bf16 registered 1 targets in target-group flatzone-sk-strapi-lb-78d9d12
48ca16be-c96c-490e-b984-1ce03e2755f8
2021-05-07 21:41:49 +0200
service flatzone-sk-strapi-svc-8d4bf16 has started 1 tasks: task d1810b4141bf4af8a64e65b672007abb.
a8a501ed-7e2b-446d-b16c-9f7d1d1b0b4d
2021-05-07 21:41:38 +0200
service flatzone-sk-strapi-svc-8d4bf16 has stopped 1 running tasks: task 32808dc77f0149ddb251926417d45710.
7736ecad-8ebf-44a1-aedd-cbce2e1c0e72
2021-05-07 21:41:38 +0200
service flatzone-sk-strapi-svc-8d4bf16 deregistered 1 targets in target-group flatzone-sk-strapi-lb-78d9d12
a17597c4-a163-4dff-a17f-03263ea54b35
2021-05-07 21:41:38 +0200
service flatzone-sk-strapi-svc-8d4bf16 (port 1337) is unhealthy in target-group flatzone-sk-strapi-lb-78d9d12 due to (reason Request timed out).
22b214d3-0dd5-4dca-a80d-0ab7ccb485fa
2021-05-07 21:39:03 +0200
service flatzone-sk-strapi-svc-8d4bf16 registered 1 targets in target-group flatzone-sk-strapi-lb-78d9d12
3ba68e54-225d-41f3-acbe-53452d14c58d
2021-05-07 21:38:10 +0200
service flatzone-sk-strapi-svc-8d4bf16 has started 1 tasks: task 32808dc77f0149ddb251926417d45710.
The container is listening on port 1337 and I can connect to it using running tasks pubic IP, however the health check keeps failing. The weird thing is that when I change the listener port from 80 to 1337 by explicitely
port: 1337
then I can connect to the listener endpoint on 1337. I've spent half a day trying to get it to work but without success. What am I doing wrong? Thanks for help
r
I’m not sure about your specific question, but the aws-ts example in the repo shows it set up slightly differently… https://github.com/pulumi/examples/blob/master/aws-ts-hello-fargate/index.ts Perhaps that could be helpful?
p
There are multiple examples showing usage of load balancers I have tried, e.g. • https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/awsx/lb/https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/awsx/ecs/ But none of them handles the case when the task port differs from the listener port. Such example would be really helpful
Looking at the code (https://github.com/pulumi/pulumi-awsx/blob/master/nodejs/awsx/index.ts), the
elasticloadbalancingv2
from your example is just an alias to
lb
so it's equal to the example from
pulumi/awsx
docs I posted. That's what I also tried without success :-/
r
Yeah hopefully someone else can jump in and help you out, this isn’t my area of expertise 🙂
👍 1
p
Got some sleep and it was worthy. I found out where the problem was. The load balancer's security group didn't have an outbound rule allowing traffic to the target group / health check port. I think this should be carried out by the package, though.