Deploy on ECS Fargate a Docker container that exposes multiple ports
Most examples involve a docker container that exposes one port. Here, we will look at a container that exposes multiple ports.
Let us consider, for example, a container that exposes a public port and an admin port. i.e. the public port is open to all and admin port should be locked down to everyone except administrators.
ECS Fargate Launch Type uses awsvpc network. Hence, when creating Target Group, specify Target Type: ip and not instance.
The ALB automatically distributes traffic among Targets registered to a Target Group. But when targeting ECS, we do not register targets when creating ALB and Target Groups. ECS Service automatically registers and de-registers targets.
After ALB and Target Groups are created, then create ECS Service specifying the Target Groups where the task spun up should be registered. ECS takes care of routing traffic destined for those target groups to the specified container name and port. i.e. Traffic from multiple target groups will be hitting different ports of the same container instance as shown in above diagram.
The ECS Service definition file would look like the below.
“serviceName”: “demo-svc”,
“taskDefinition”: “demo-task-def:11”,
“loadBalancers”: [
{
“targetGroupArn”: “arn:aws:elasticloadbalancing:us-east-1:xxx:targetgroup/public-tg/123”,
“containerName”: “demo-container”,
“containerPort”: 4444
},
{
“targetGroupArn”: “arn:aws:elasticloadbalancing:us-east-1:xxx:targetgroup/admin-tg/abc”,
“containerName”: “demo-container”,
“containerPort”: 4445
}
],
“desiredCount”: 1,
“clientToken”: “”,
“launchType”: “FARGATE”
