Reputation: 455
Link between two containers in two different ECS clusters
I'm looking for the best way to get access to a service running in container in ECS cluster "A" from another container running in ECS cluster "B". I don't want to make any ports public.
Currently I found a way to have it working in the same VPC - by adding security group of instance of cluster "B" to inbound rule of security group of cluster "A", after that services from cluster "A" are available in containers running in "B" by 'private ip address'.
But that requires this security rule to be added (which is not convenient) and won't work for different regions. Maybe there's better solution which covers both cases - same VPC and region and different VPCs and regions?
Upvotes: 5
Views: 2212
Answers (2)
Reputation: 1304
To avoid adding custom security rules, you could simply perform some VPC peering between regions, which should allow instances in VPC 1 from Region A, view instances in VPC 2 from Region B. This document describes how such connectivity may be established. The same document provides references on how to link VPCs in the same region as well.
Upvotes: 0
Reputation: 2386
The most flexible solution for your problem is to rely on some kind of service discovery. The AWS-native one would be using Route 53 Service Registry or AWS Cloud Map. The latter one is newer and also the one recommended in the docs. Checkout these two links:
- https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html
- https://aws.amazon.com/blogs/aws/amazon-ecs-service-discovery/
You could go for open source solutions like Consul.
All this could be overkill if you just need to link two individual containers. In this case you could create a small script that could be deployed as a Lambda that queries the AWS API and retrieves the target info.
Edit: Since you want to expose multiple ports on the same service you could also use load balancer and declare multiple target groups for your service. This way you could communicate between containers via the load balancer. Notice that this can lead to increased costs because traffic goes through the lb.
Here is an answer that talks about this approach: https://stackoverflow.com/a/57778058/7391331
Upvotes: 2
Related Questions
- Communication between containers in ECS task definition
- How to communicate containers in ECS cluster?
- ECS containers call each other
- ECS on EC2 bidirectional communication between two containers in the same task
- Connect to a running container in AWS ECS Cluster
- Multiple containers in one ECS cluster
- AWS ECS: How to communicate between services within ECS Cluster without using ALB? Is there a way?
- AWS ECS how to call services from one container to another one
- How to make containers communicate with each other in ECS without link and port mapping?
- Communication between different services in AWS ECS