How to use ECS service discovery
Problem
I'm trying to use Amazon service discovery to register a Redis server so that it is reachable by other ECS services in the same cluster.
I'm using EC2 to deploy my services, not Fargate, so service discovery creates a simple SRV DNS record, which means my other services must query the R53 service to get a real "A" record to have access to the Redis service.
My question for DevOps/AWS engineers is: what's the correct way to do so? A request to R53 each time is absolutely not a good idea.
My solution is in comments.
Solution
The goal can be achieved via several solutions. We can use a service with awsvpc as the network mode, so your service gets a real "A" DNS record and an ENI interface. You must pay attention with this solution: EC2 instances have a limited number of ENIs that can be attached; for a micro or small I think the max is 3.
Another, more flexible solution is to use an internal NLB or a custom proxy like HAProxy as an ambassador. You run the proxy as a service with awsvpc so it can get its own "A" DNS record, e.g. proxy.prod; all other services like Redis, Mongo, Elasticsearch ... can be configured as services with bridge networking mode, so they will get an SRV record if configured with service discovery.
Finally, you have to configure your proxy to redirect all traffic to the desired service using port forwarding. HAProxy can resolve "SRV" records, so you don't have to deal with that; HAProxy will do it for you. You just have to configure your app to use proxy.prod + port for each service, so:
- Redis proxy.prod:6379
- Mongo proxy.prod:27017
- And so on...
Using this technique you can do a lot of amazing things, no matter where your proxy lives: it can run as a container on the same node as your apps, on Fargate, or on another node ...
Context
StackExchange DevOps Q#6529, answer score: 2
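The question's worry about querying Route 53 on every connection, and the answer's point that something has to resolve the SRV record, shown as an added example that is not part of the original post: a client-side cache that resolves an SRV name once per TTL and picks an endpoint in RFC 2782 order. The injected `lookup` callable, the name `redis.prod`, and the sample host names and ports are constructed assumptions.

```python
import random
import time
from typing import NamedTuple

class Srv(NamedTuple):
    priority: int
    weight: int
    port: int
    target: str  # host name; still needs an A lookup before connecting

class SrvCache:
    """Query DNS for an SRV name once per TTL, not once per connection."""

    def __init__(self, lookup, clock=time.monotonic, rng=None):
        # lookup(name) -> (ttl_seconds, [Srv, ...]) is injected (assumption) so the
        # example runs offline; in a service it would wrap a real SRV query.
        self._lookup, self._clock = lookup, clock
        self._rng = rng or random.Random()
        self._cache = {}  # name -> (expiry, records)

    def records(self, name):
        hit = self._cache.get(name)
        if hit is None or self._clock() >= hit[0]:
            # Expired entries are never served: the task behind an old
            # host:port pair may already be gone.
            ttl, recs = self._lookup(name)
            if not recs:
                raise LookupError(f"no SRV records for {name}")
            hit = (self._clock() + ttl, list(recs))
            self._cache[name] = hit
        return hit[1]

    def pick(self, name):
        """RFC 2782 order: lowest priority wins, then weighted random choice."""
        recs = self.records(name)
        best = min(r.priority for r in recs)
        pool = [r for r in recs if r.priority == best]
        weights = [r.weight for r in pool]
        if not any(weights):
            weights = None  # all weights zero: choose uniformly
        chosen = self._rng.choices(pool, weights=weights)[0]
        return chosen.target.rstrip("."), chosen.port

# Constructed sample answer for the hypothetical name "redis.prod".
SAMPLE = (10, [Srv(1, 1, 32768, "ip-10-0-1-12.example.internal."),
               Srv(1, 1, 32771, "ip-10-0-2-40.example.internal.")])
```

The returned host name still has to be resolved to an address before connecting, which is the extra hop the ambassador proxy in the answer hides from the application.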