CODEWITHSUNDEEP
dockernginxamazon-ec2amazon-ecs
Jon Sud
Jon Sud

Reputation: 11671

Do I need AWS Load balancer with nginx in AWS ECS?

I'm using Docker in AWS ECS. I have one EC2 machine with docker agent from AWS ECS, and the ECS task contains of 3 containers:

I want to support very huge traffic. Do I need to setup AWSLoad Balancer? or my setting for nginx upstream is enough?

nginx conf example:

upstream appwww {                                                                                            
    server app-www:3000;                                                                                     
}                                                                                                             

server {                                                                                                      
    server_name  my.home.net;                                                                       

     location / {                                                                                             
        proxy_pass http://appwww;                                                                            
        proxy_http_version 1.1;                                                                               
        proxy_set_header Upgrade $http_upgrade;                                                               
        proxy_set_header Connection 'upgrade';                                                                
        proxy_set_header Host $host;                                                                          
        proxy_cache_bypass $http_upgrade;                                                                     
    }                                                                                                         

    listen 443 ssl http2; # managed by Certbot                                                                      
    ssl_certificate......; # managed by Certbot            
    ssl_certificate_key........ # managed by Certbot          
    include /.......# managed by Certbot                                     
    ssl_dhparam /.....pem; # managed by Certbot                                       

}                                                                                                             


server {                                                                                                      
    if ($host = my.host.net) {                                                                      
        return 301 https://$host$request_uri;                                                                 
    } # managed by Certbot                                                                                    


    listen       80;                                                                                          
    server_name  my.host.net;                                                                       
    return 404; # managed by Certbot                                                                          
}

Edit

I draw the currect architecture and I want to add LoadBalancer, where should I put it? auto scale fits to this drawing? should I use one or more ec2 machines? multi containers? multi upstream?

enter image description here

Upvotes: 3

Views: 6157

Answers (3)

Arun Kamalanathan
Arun Kamalanathan

Reputation: 8603

I suggest you start with using the load balancer, because:

  • you can configure SSL at the load balancer and terminate SSL at the load balancer

  • you can protect yourself from malicious attacks by configuring the load balancer to integrate with AWS WAF

  • you could easily add more targets in the future

  • the absence of load balancer requires you to configure SSL at the application level

  • it supports health check.

  • you get free ACM certificate to use with load balancer
  • easy to renew SSL certs every year

Note: consider using AWS S3 and cloudfront to serve your static content

introducing load balancer to your existing architecture

The application load balancer supports host based routing now, which means it makes it possible to use multiple domains (or sub domains) pointing to multiple websites. In addition to host based routing its also supporting path based routing. for e.g while mydomain.com/web1 pointing to website1 , mydomain.com/web2 can point to website2.

I can't think of a reason why you would need to use nginx (unless I am missing something).

So answering to your question, I would do this way.

  • introduce an application load balancer
  • deploy multiple containers via ECS (Fargate)
  • for each service, i will have a target group dedicated to manage scaling and health checks.
  • finally, I would do host based routing, s1.mydomain.com, s2.mydomain.com each pointing to different target groups (one per service)

Reference: https://aws.amazon.com/blogs/aws/new-host-based-routing-support-for-aws-application-load-balancers/

Hope this helps.

Upvotes: 5

pabloxio
pabloxio

Reputation: 1493

If this statement is true

I want to support very huge traffic

In addition to ECS tasks, you need to read about different concepts within AWS ECS:

In order to properly use AWS ECS you need to use those services together.

Upvotes: 1

Marek Trunkát
Marek Trunkát

Reputation: 824

As you are saying that

I want to support very huge traffic.

I would expect that at some point you will need to scale your AWS ECS cluster horizontally to multiple instances and at that point, you will need an Elastic Load Balancer to balance your traffic between them.

https://docs.aws.amazon.com/AmazonECS/latest/developerguide///service-load-balancing.html

Upvotes: 1

Related Questions