How can I specify IP address to my load balancer?

Question

I have ECS service running in AWS and I am going to create application load balancer for this service. I have read through this doc: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html but what I don't quite understand is how I can specify an entry endpoint IP address to my load balancer. This IP address will be used by client to send requests to my service. Based on my understanding, the IP should be configured in load balancer not my ECS service's task.

Answer 1

Using an IP address for connecting to an elastic load balancer is a bad idea. ELBs are elastic, which means there are multiple instances behind a single load balancer for fault tolerance. That's the reason AWS recommends to use the Hostname instead of IP address.

If you still want to test the connetivity using load balancer IP address, you can try the nslookup command

nslookup yourELBPublicDNS

This will give you multiple addresses back, you can try to hit one. But keep in mind that those IP addresses may change. The reason is simple, if the underlying host for the load balancer fails, it will be replaced by a new one, which most likely will have new IP. But what remains constant is the domain name, so using the hostname is recommended.

Answer 2

As mentioned in the answer IP is bad idea but not if its static IP. As NLB support static IP while application LB does not support static IP.

If you are looking for static IP, then you need to place network LB in the top of application LB, application LB will communicate with backend ECS services while the NLB will be for the client. The client will able to communicate using the static IP of NLB that will not change.

Against each availability zone, you have static IP for NLB, you can check further integration here.

If you are looking for allowing specific IP to use your Endpoint then you need AWS application firewall.