https://pulumi.com logo
Join Slack
Powered by
Hi, Does anyone have an example for using Fargate ...
# general
b
Hi, Does anyone have an example for using Fargate behind an ALB? Thanks
Copy code
const pulumi = require('@pulumi/pulumi')
const awsx = require('@pulumi/awsx')

let cluster = new awsx.ecs.Cluster('app', {})

const loadBalancer = new awsx.elasticloadbalancingv2.ApplicationLoadBalancer(
  'primary-alb',
  {
    external: true,
  }
)

const targetGroup = loadBalancer.createTargetGroup('ip-target-group', {
  port: 3000,
  targetType: 'ip',
  protocol: 'HTTP',
})

const listener = targetGroup.createListener('http-listener', {
  port: 80,
  defaultAction: {
    type: 'forward',
    targetGroupArn: targetGroup.targetGroup.arn,
  },
})

let service = new awsx.ecs.FargateService('frontend', {
  cluster,
  desiredCount: 1,
  taskDefinitionArgs: {
    containers: {
      frontend: {
        image: awsx.ecs.Image.fromPath('frontend-image', './frontend'),
        memory: 512,
        portMappings: [targetGroup],
      },
    },
  },
})

// export just the hostname property of the container frontend
exports.hostname = pulumi.interpolate`http://${listener.endpoint.hostname}`
This is what I've got so far - it deploys fine but when I try and hit the endpoint it times out
It was a security group issue - I have tried to fix it using the following code:
Copy code
const pulumi = require('@pulumi/pulumi')
const aws = require('@pulumi/aws')
const awsx = require('@pulumi/awsx')

let cluster = new awsx.ecs.Cluster('app', {})

const albSecurityGroup = new aws.ec2.SecurityGroup('alb-sg', {})

const ingressRule = new aws.ec2.SecurityGroupRule('alb-ingress-rule', {
  securityGroupId: albSecurityGroup.id,
  type: 'ingress',
  protocol: 'tcp',
  fromPort: 80,
  toPort: 80,
  cidrBlocks: ['0.0.0.0/0'],
})

const egressRule = new aws.ec2.SecurityGroupRule('alb-egress-rule', {
  securityGroupId: albSecurityGroup.id,
  type: 'egress',
  protocol: 'all',
  fromPort: 0,
  toPort: 65535,
  cidrBlocks: ['0.0.0.0/0'],
})

const loadBalancer = new awsx.elasticloadbalancingv2.ApplicationLoadBalancer(
  'primary-alb',
  {
    external: true,
    securityGroups: [albSecurityGroup],
  }
)

const targetGroup = loadBalancer.createTargetGroup('ip-target-group', {
  port: 3000,
  targetType: 'ip',
  protocol: 'HTTP',
})

const listener = targetGroup.createListener('http-listener', {
  port: 80,
  defaultAction: {
    type: 'forward',
    targetGroupArn: targetGroup.targetGroup.arn,
  },
})

let service = new awsx.ecs.FargateService('frontend', {
  cluster,
  desiredCount: 1,
  taskDefinitionArgs: {
    containers: {
      frontend: {
        image: awsx.ecs.Image.fromPath('frontend-image', './frontend'),
        memory: 512,
        portMappings: [targetGroup],
      },
    },
  },
})

// export just the hostname property of the container frontend
exports.hostname = pulumi.interpolate`http://${listener.endpoint.hostname}`
However now I get the error: Error message:A duplicate Security Group rule was found on ... the specified rule "peer: 0.0.0.0/0, TCP, from port: 80, to port: 80, ALLOW" already exists
s
Aha that is a known bug, one second let me find the issue
Are you using the latest AWS package? That sounds like this: https://github.com/pulumi/pulumi-aws/issues/398
b
@stocky-spoon-28903 Yes thank you that looks like it has been fixed in version 0.18.0 but I'm not quite sure how to use an unreleased version
36 Views
Open in Slack
PreviousNext
Powered by