Can't connect to an AWS container service in Lightsail using it's private domain

Question

I've created an Ubuntu (20.04 LTS) instance on AWS Lightsail on which I have installed nginx (1.18.0). I've also successfully published a docker image to an AWS Lightsail Container Service that, when the public endpoint is enabled, works fine. However, I don't want to expose this service to the public but instead route traffic to it through a reverse proxy on my Ubuntu instance.

My problem is when I try and curl the container service's private domain (<ServiceName>.service.local:<PortNumber>) from my Ubuntu instance I get Could not resolve host servicename.service.local. According to the Lightsail docs (section "Private domain") this should be accessible to my "Lightsail resources in the same AWS Region as your service".

I'm pretty new to networking so I would greatly appreciate some input. Is there anything else that needs to be configured in order to reach this service from my instance?

Things I've verified:

• The image is up and running and works fine when connecting to it using the public domain
• I'm running both instance and container service in the same region

Many thanks!

Answer 1

I just ran into the same problem. I spun up two instances, one with Amazon Linux 2, one with Ubuntu 20.04. The AL2 instance can resolve and access a container service by domain name:

[ec2-user@ip-172-26-0-176 ~]$ host nginx.service.local
nginx.service.local has address 172.26.17.185
[ec2-user@ip-172-26-0-176 ~]$ curl http://nginx.service.local/
<!DOCTYPE html>
...

The Ubuntu instance cannot.

What did help was removing the /etc/resolv.conf on the Ubuntu instance, and replacing it with the one from the AL2 instance:

[ec2-user@ip-172-26-0-176 ~]$ cat /etc/resolv.conf 
; generated by /usr/sbin/dhclient-script
search eu-central-1.compute.internal
options timeout:2 attempts:5
nameserver 172.26.0.2

It works, but doesn't feel like a particularly clean solution, since this overwrites Ubuntu's systemd-managed resolv.conf.