Lets say I have 2 containers. One with nginx and and another with a simple app. Each container has his own ECR repo image and his own Task Definition. My nginx container is running in a public subnet with a public IP. How do I pass the request from nginx to my container like this:
proxy_pass app_container:9000;
How can I make my second container only visible to nginx container? Should I put him in a private subnet? Do I need to map a port for the app container in the task definition? Should I use Cloud Map? Should I call him with localhost:9000? Will the container be called the same as it is in the task definition?
I tried using service discovery but I still dont know how to call my container. I created the container, its running, but my nginx container cant reach him doesnt matter how I try, the documentation doesnt explain it well. How exactly should i call my container?
CodePudding user response:
How can I make my second container only visible to nginx container? Should I put him in a private subnet?
Private subnet is fine here yes.
Do I need to map a port for the app container in the task definition?
No, they are running on two separate services, since you are using two separate task definitions. So port mapping isn't an option here.
Should I use Cloud Map?
No, just use ECS Service Discovery.
Should I call him with localhost:9000?
No, that would only work if both containers were in the same task definition. And to be honest, that is probably the correct solution for this sort of thing. Running Nginx on a completely separate server is unnecessary and makes this all much more complicated.
Will the container be called the same as it is in the task definition?
No, you either have the option of using Service Discovery, and then using the name you gave the service in the Service Discovery namespace, or moving both of the containers into the same task definition and using localhost
for inter-service communication.
I tried using service discovery but I still dont know how to call my container. I created the container, its running, but my nginx container cant reach him doesnt matter how I try, the documentation doesnt explain it well. How exactly should i call my container?
Without any details about what you did exactly, it's impossible to point out what you did wrong. When you created a private DNS namespace for Service Discovery, what DNS name did you use? The service address would be the service name the private DNS name.