Christian Johansen

Reputation: 2031

ECS: How does taskdefinition port mapping relate to service load balancer port?

I'm writing some CloudFormation templates to bring up an ECS cluster with some Docker containers in it. I don't fully understand how all the ports relate to each other.

I have an AWS::ECS::TaskDefinition, which specifies a port mapping consisting of a ContainerPort - which I understand to be the port used by the process running in the container - and a HostPort, which I think is the port exposed on the EC2 instance.

Then I have an AWS::ECS::Service, which has a LoadBalancers section. This section contains ContainerPort again - but how does this relate to my task definition? Should this be the ContainerPort or the HostPort from before? If the latter, how does that work? Does AWS do a "reverse lookup" on the instances? E.g. "get me the host port of the container port XYZ"?

Upvotes: 5

Views: 9425

Answers (2)

Sam

Reputation: 262

> Should this be the ContainerPort or the HostPort from before?

One would logically assume the HostPort. However, the documentation indicates the answer is ContainerPort. The reason for this design decision is likely because the HostPort can be dynamic when it's set to 0. You can't reliably specify it.

From http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-service-loadbalancers.html :

> ContainerPort
>
> The port on the container to associate with the load balancer. This port must correspond to a containerPort in the service's task definition. Your container instances must allow ingress traffic on the hostPort of the port mapping.

And,

> Does AWS do a "reverse lookup" on the instances?

That must be the case. We must infer that AWS is doing some magic behind the scenes to look up HostPort.

Upvotes: 1

Daniel Conde Marin

Reputation: 7742

> but how does this relate to my task definition?

Your task definition states which port your Docker container will be listening on, which is where the Load Balancer will route traffic to. That is the ContainerPort.

> Should this be the ContainerPort or the HostPort from before?

Should be ContainerPort. This port is reachable from the Load Balancer to route incoming traffic to.

From http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-service-loadbalancers.html :

> ContainerPort
>
> The port number on the container to direct load balancer traffic to. Your container instances must allow ingress traffic on this port.

Upvotes: 0
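
As an added illustration (not code from either answer or from AWS), the "reverse lookup" discussed above can be modelled in Python: the service's ContainerPort is matched against a running task's network bindings to find the actual host port, and the container instance's security group is then checked for ingress from the load balancer on that port. The task dictionary follows the `containers[].networkBindings` shape of ECS DescribeTasks output; the port numbers, the `sg-loadbalancer` name and the simplified rule format are constructed assumptions.

```python
# Constructed sample: one running task whose task definition used HostPort 0,
# so the host port was assigned dynamically.
SAMPLE_TASK = {
    "containers": [
        {
            "name": "web",
            "networkBindings": [
                {"containerPort": 8080, "hostPort": 32771, "protocol": "tcp"},
            ],
        }
    ]
}

# Constructed, simplified ingress rules for the container instances' security group.
SAMPLE_INGRESS = [
    {"fromPort": 32768, "toPort": 65535, "protocol": "tcp", "source": "sg-loadbalancer"},
    {"fromPort": 22, "toPort": 22, "protocol": "tcp", "source": "10.0.0.0/16"},
]


def resolve_host_port(task, container_name, container_port, protocol="tcp"):
    """Return the host port bound to (container_name, container_port), or None."""
    for container in task.get("containers", []):
        if container.get("name") != container_name:
            continue
        for binding in container.get("networkBindings", []):
            if (binding.get("containerPort") == container_port
                    and binding.get("protocol", "tcp") == protocol):
                return binding.get("hostPort")
    return None


def lb_can_reach(ingress_rules, host_port, lb_source, protocol="tcp"):
    """True if some rule admits lb_source on host_port for the given protocol."""
    return any(
        r["protocol"] == protocol
        and r["source"] == lb_source
        and r["fromPort"] <= host_port <= r["toPort"]
        for r in ingress_rules
    )


def check_service_mapping(task, ingress_rules, container_name, container_port, lb_source):
    """Resolve the host port, then report whether the load balancer may reach it."""
    host_port = resolve_host_port(task, container_name, container_port)
    if host_port is None:
        return None, False  # ContainerPort matches no port mapping in the task
    return host_port, lb_can_reach(ingress_rules, host_port, lb_source)
```

Scoping the ingress rule's source to the load balancer's security group, rather than an open CIDR, keeps a dynamically assigned host port range reachable only through the load balancer.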
