Reputation: 410
Docker compose ECS AWS Application Load balance redirect
Im deploying my docker container via my docker compose file.
When i initially deploy my app it creates a load balancer but as type "network". I cannot do a redirect to https with this type.
I want my load balancer to be created as a type "application" and then setup the redirect from http to https.
My container will still be listening to port 80.
Bonus: i would like to deploy and also attach my SSL cert in my compose file so that its all ready on a fresh deploy.
As you can see ive tried a few things but cant get it to work.
Thanks
version: '3.8'
services:
web:
container_name: auction_web
image: <ECR Image>
# x-aws-pull_credentials: arn:aws:secretsmanager:xxxxxxxxxxxx
depends_on:
- redis
ports:
# - "80:80" - tried this
# - "443:443" - tried this
- target: 80
x-aws-protocol: http
- target: 443
x-aws-protocol: https
# - published: 80
# protocol: "http"
# x-aws-alb-default-actions:
# - type: redirect
# host: '<domain>'
# port: 443
# protocol: HTTPS
# status-code: HTTP_301
# - published: 443
# protocol: "https"
# x-aws-acm-certificate: <cert name>
deploy:
resources:
limits:
cpus: '1'
memory: 4096M
Upvotes: 0
Views: 903
Answers (2)
Reputation: 410
x-aws-cloudformation:
Resources:
App80Listener:
Properties:
Port: 80
Protocol: HTTP
LoadBalancerArn:
Ref: LoadBalancer
DefaultActions:
- Type: redirect
RedirectConfig:
Port: 443
Protocol: HTTPS
StatusCode: HTTP_301
Type: AWS::ElasticLoadBalancingV2::Listener
App443Listener:
Properties:
Port: 443
Protocol: HTTPS
LoadBalancerArn:
Ref: LoadBalancer
DefaultActions:
- ForwardConfig:
TargetGroups:
- TargetGroupArn:
Ref: App8080TargetGroup
Type: forward
Certificates:
- CertificateArn: "<arn for cert>"
Type: AWS::ElasticLoadBalancingV2::Listener
App8080TargetGroup:
Properties:
Name: 'jenkins-tg'
Port: 8080
Protocol: HTTP
Tags:
- Key: com.docker.compose.project
Value: jenkins
TargetType: ip
VpcId: vpc-d21afbbb
HealthCheckPath: '/login'
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Upvotes: 0
Reputation: 1664
Please try this:
Define ports with "80:80" and "443:443" and nothing else.
Add the following section at the bottom of the docker-compose file:
x-aws-cloudformation:
Resources:
Web443Listener:
Properties:
Certificates:
- CertificateArn: "<certificate ARN>"
Protocol: HTTPS
Port: 443
Web80Listener:
Properties:
DefaultActions:
- Type: redirect
RedirectConfig:
Port: 443
Protocol: HTTPS
StatusCode: HTTP_301
Upvotes: 1
Related Questions
- How to use Application Load Balancer for an ECS Service with multiple port mappings?
- Docker compose ECS integration: load balancer is of type application, project require a network
- Aws ec2 - how to setup load balancer to match docker container on ec2 instance
- Deploy Applications on Amazon ECS Using docker compose
- Deploying docker to AWS without load balancing
- AWS load balancer for multiple services
- ecs-cli compose service up with a load balancer
- Amazon Application Load Balancer Host Based Routing to a specific ECS Container Service
- ECS and Application Load Balancer
- Aws Elastic Load Balancer