
I have deployed the Docker image of my Spring Boot application over AWS ECR, following creation of an AWS Fargate cluster. PFA screenshots of the configurations stating task, security, service and cluster definition. I can ping my public IP successfully. But I can't access my application over either the load balancer or the public IP. The URLs I tried to access the application were:

public_ip:8081/my_rest_end_point

and

load_balancer_public_dns:8081/my_reset_end_point

I have tested running my docker image on local host using port 8081 and the same 8081 port I have configured for port mapping in my Fargate container configuration (reference: service definition). How can I access my application? I have followed almost all the articles over Medium and AWS.

[Screenshots: task definition, security definition, service definition, cluster definition, target group, load balancer definition 1, load balancer definition 2, inbound rules, updated security rules, service subnet, load balancer subnets, registered target groups]

Tutorials followed: https://medium.com/underscoretec/deploy-your-own-custom-docker-image-on-amazon-ecs-b1584e62484

https://medium.com/faun/aws-fargate-services-deployment-with-continuous-delivery-pipeline-b67d33407c88

Caffeine Coder
  • Can you provide settings of your ALB, and its target groups? – Marcin Aug 11 '20 at 06:45
  • @Marcin ALB settings and target group updated! – Caffeine Coder Aug 11 '20 at 07:32
  • If you use dynamic port mapping, then your fargate task SG must allow all ports from your LB, or just all ports. Not only 8081. – Marcin Aug 11 '20 at 07:34
  • @Marcin in security settings I have also configured all traffic with all ports, have attached screenshot just now! – Caffeine Coder Aug 11 '20 at 07:38
  • The screenshot shows that IPv4 is still 8081. All ports are for IPv6. – Marcin Aug 11 '20 at 07:40
  • If this still does not work, can you please check if the subnets/AZs enabled for the ALB are the same as those used by the Fargate service. The ALB will not route traffic to AZs other than the enabled ones. – Marcin Aug 11 '20 at 07:44
  • @Marcin the subnets used by the ALB and the Service are the same! Also I have updated the inbound rules to all TCP and traffic! Am I accessing the application in the right format of URL? As I'm successfully able to docker run my application on local using docker run -p 8081:8081 {docker_image} – Caffeine Coder Aug 11 '20 at 08:03
  • Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/219595/discussion-between-caffeine-coder-and-marcin). – Caffeine Coder Aug 11 '20 at 08:08

1 Answer


Based on the comments and chat discussion.

The tutorial followed creates a custom VPC with a CIDR range of 10.0.0.0/16 with two subnets. There is no internet gateway (IGW); and subsequently, the Fargate tasks launched in the VPC have no internet access, nor can they be accessed from the internet.

There are two solutions to this problem:

  • use the default VPC which correctly provides internet access
  • create a custom VPC (or modify the existing one) that is set up with an IGW and the corresponding route tables. An example of a custom VPC with internet access is in the AWS docs.
Marcin
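
The missing-IGW condition described in this answer can be checked from the VPC's gateway and route data. The following is an added example, not part of the original answer: it takes data shaped like the `InternetGateways` and `RouteTables` lists returned by `aws ec2 describe-internet-gateways` and `aws ec2 describe-route-tables` and reports which subnets have an active IPv4 default route to an attached IGW. All IDs, function names and sample records are constructed for illustration.

```python
# Added example. Inputs mirror the "InternetGateways" and "RouteTables" lists
# returned by `aws ec2 describe-internet-gateways` / `describe-route-tables`.

def attached_igw(vpc_id, igws):
    """Return the ID of the internet gateway attached to vpc_id, or None."""
    for igw in igws:
        if any(a.get("VpcId") == vpc_id for a in igw.get("Attachments", [])):
            return igw["InternetGatewayId"]
    return None

def routes_to_igw(table, igw_id):
    """True if the table has an active IPv4 default route via igw_id."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and r.get("GatewayId") == igw_id
               and r.get("State") == "active"
               for r in table.get("Routes", []))

def public_subnets(vpc_id, subnet_ids, igws, route_tables):
    """Map each subnet ID to True when its effective route table reaches the IGW."""
    igw_id = attached_igw(vpc_id, igws)
    explicit, main = {}, None
    for t in route_tables:
        if t.get("VpcId") != vpc_id:
            continue
        for a in t.get("Associations", []):
            if a.get("Main"):
                main = t
            elif "SubnetId" in a:
                explicit[a["SubnetId"]] = t
    result = {}
    for s in subnet_ids:
        table = explicit.get(s, main)  # no explicit association: main table applies
        result[s] = bool(igw_id and table and routes_to_igw(table, igw_id))
    return result

# Constructed sample data; every ID is a placeholder.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
DEFAULT = {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example", "State": "active"}
MAIN_RT = {"RouteTableId": "rtb-main", "VpcId": "vpc-example",
           "Associations": [{"Main": True}], "Routes": [LOCAL]}
PUBLIC_RT = {"RouteTableId": "rtb-public", "VpcId": "vpc-example",
             "Associations": [{"Main": False, "SubnetId": "subnet-a"}],
             "Routes": [LOCAL, DEFAULT]}
IGW = {"InternetGatewayId": "igw-example", "Attachments": [{"VpcId": "vpc-example"}]}

if __name__ == "__main__":
    subnets = ["subnet-a", "subnet-b"]
    # VPC as described in the answer: no IGW, only the local route.
    print(public_subnets("vpc-example", subnets, [], [MAIN_RT]))
    # IGW attached, but only subnet-a is associated with the table that routes to it.
    print(public_subnets("vpc-example", subnets, [IGW], [MAIN_RT, PUBLIC_RT]))
```

The second case shows that attaching an IGW is not sufficient on its own: a subnet left on a route table without the `0.0.0.0/0` route still reports `False`.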