I have a Spring Boot application on port 5000 that I am trying to deploy to ECS Fargate. When I build it as a Docker image locally I can easily do 80:5000 and do not need the port on the URL.
I cannot seem to do the above on ECS Fargate.
When I set the container port to 5000 in the task definition, it created it like this:
{
  ...
  "portMappings": [
    {
      "containerPort": 5000,
      "hostPort": 5000,
      "protocol": "tcp"
    }
  ],
  ...
}
I tried fixing it as JSON, but I received an error message that host and container ports must match.
Like this, I had to open in the security group a TCP inbound rule for port 5000 and I need to visit my application's public IP with the 5000 port. It does not work without it (port 80 is opened in the security group also).
I have done this before with ALBs and services of more than 1 container and it works fine with a domain name or the dns of the load balancer without the 5000 port.
Can I achieve this with a single container? Sorry for my noobness.
CodePudding user response:
I have done this before with ALBs and services of more than 1 container and it works fine with a domain name or the dns of the load balancer without the 5000 port.
Can I achieve this with a single container?
No. You would either need to modify your Spring Boot app to listen on port 80, or add an Application Load Balancer in front of the ECS service. Note that even if you configured the container to listen on port 80, that's still very insecure. If you are exposing an ECS container to web browsers you should absolutely be using an Application Load Balancer configured with an AWS ACM SSL certificate to make the connection between the web browser and AWS secure.
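The setup the answer recommends, as an added CloudFormation sketch that is not part of the original answer: the load balancer terminates HTTPS on 443 with an ACM certificate and forwards to the task on port 5000, and the task's security group accepts port 5000 only from the load balancer instead of from 0.0.0.0/0. The parameters VpcId, PublicSubnets, TaskSubnets (private subnets with a NAT or VPC endpoints for image pulls), CertificateArn and TaskDefinition, and the container name "app", are assumptions; the service runs in the default cluster.

```yaml
# Added example; the parameters named in the lead-in are assumptions.
Resources:
  AlbSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: HTTPS from the internet to the load balancer
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        - {IpProtocol: tcp, FromPort: 443, ToPort: 443, CidrIp: 0.0.0.0/0}
  TaskSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Port 5000 from the load balancer only
      VpcId: !Ref VpcId
      SecurityGroupIngress:  # replaces the 0.0.0.0/0 rule for 5000
        - {IpProtocol: tcp, FromPort: 5000, ToPort: 5000, SourceSecurityGroupId: !GetAtt AlbSecurityGroup.GroupId}
  LoadBalancer:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Subnets: !Ref PublicSubnets
      SecurityGroups: [!GetAtt AlbSecurityGroup.GroupId]
  TargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      VpcId: !Ref VpcId
      Protocol: HTTP
      Port: 5000        # matches containerPort/hostPort in the task definition
      TargetType: ip    # Fargate (awsvpc) tasks register by IP
  HttpsListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref LoadBalancer
      Protocol: HTTPS
      Port: 443
      Certificates: [{CertificateArn: !Ref CertificateArn}]
      DefaultActions: [{Type: forward, TargetGroupArn: !Ref TargetGroup}]
  Service:
    Type: AWS::ECS::Service
    DependsOn: HttpsListener
    Properties:
      TaskDefinition: !Ref TaskDefinition
      LaunchType: FARGATE
      DesiredCount: 1
      NetworkConfiguration:
        AwsvpcConfiguration:
          Subnets: !Ref TaskSubnets
          SecurityGroups: [!GetAtt TaskSecurityGroup.GroupId]
      LoadBalancers:
        - {ContainerName: app, ContainerPort: 5000, TargetGroupArn: !Ref TargetGroup}
```

The target group health-checks `/` and expects HTTP 200 by default, so the application needs to answer there or the health check path has to be set to an endpoint that does.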